Building CI pipelines with Tekton (inside Kubernetes). Part 2/2

Creating CI Pipelines with Tekton (Part 2/2)







In this article, we're going to continue building the CI pipeline with Tekton . In the first part, we have established a local cluster Tekton kind and determined our first task that clones the repository GitHub and launches applications tests for the application the Go ( the repo ).







In this part, we're going to create a task that will build a Docker image for our Go app and push it to DockerHub . After that, we will merge our tasks into a pipeline.







Adding DockerHub Credentials



We use Kaniko to build and upload our Docker image , which can build Docker images inside the Kubernetes cluster, independent of the Docker daemon.







Kaniko will build and run the image with the same command. This means that before starting our task, we need to set up credentials for DockerHub so that the docker image can be pushed to the registry.







The credentials are kept secret by Kubernetes. Create a file called secret.yaml with the following content and replace myusername and mypassword with your DockerHub credentials:







apiVersion: v1
kind: Secret
metadata:
  name: basic-user-pass
  annotations:
    tekton.dev/docker-0: https://index.docker.io/v1/
type: kubernetes.io/basic-auth
stringData:
    username: myusername
    password: mypassword
      
      





tekton.dev/docker-0 , Tekton, Docker .







ServiceAccount, . serviceaccount.yaml :







apiVersion: v1
kind: ServiceAccount
metadata:
  name: build-bot
secrets:
  - name: basic-user-pass
      
      





kubectl:







$ kubectl apply -f secret.yaml
secret/basic-user-pass created

$ kubectl apply -f serviceaccount.yaml
serviceaccount/build-bot created
      
      





ServiceAccount ( build-bot



) Tekton, serviceAccountName



. .







Docker



, , , , Docker.







task-build-push.yaml :







apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: build-and-push
spec:
  resources:
    inputs:
      - name: repo
        type: git
  steps:
    - name: build-and-push
      image: gcr.io/kaniko-project/executor:v1.3.0
      env:
        - name: DOCKER_CONFIG
          value: /tekton/home/.docker
      command:
        - /kaniko/executor
        - --dockerfile=Dockerfile
        - --context=/workspace/repo/src
        - --destination=arthurk/tekton-test:latest
      
      





, git ( — ) , .







DockerHub arthurk / tekton-test . .







Tekton , . , , .







DOCKER_CONFIG



, Kaniko Docker.







kubectl:







$ kubectl apply -f task-build-push.yaml
task.tekton.dev/build-and-push created
      
      





: TaskRun kubectl, Tekton CLI (tkn).







.







kubectl



kubectl, TaskRun, , , ServiceAccount (serviceAccountName



) .







taskrun-build-push.yaml :







apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: build-and-push
spec:
  serviceAccountName: build-bot
  taskRef:
    name: build-and-push
  resources:
    inputs:
      - name: repo
        resourceRef:
          name: arthurk-tekton-example
      
      





, , build-and-push



:







$ kubectl apply -f taskrun-build-push.yaml
taskrun.tekton.dev/build-and-push created

$ kubectl get pods | grep build-and-push
build-and-push-pod-c698q   2/2     Running     0          4s

$ kubectl logs --all-containers build-and-push-pod-c698q --follow
{"level":"info","ts":1588478267.3476844,"caller":"creds-init/main.go:44", "msg":"Credentials initialized."}
{"level":"info","ts":1588478279.2681644,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"}
{"level":"info","ts":1588478279.3249557,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"}
INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine
INFO[0004] Retrieving image manifest golang:1.14-alpine
INFO[0012] Built cross stage deps: map[]
...
INFO[0048] Taking snapshot of full filesystem...
INFO[0048] Resolving paths
INFO[0050] CMD ["app"]
      
      





, / Docker:







$ docker run arthurk/tekton-test:latest
hello world
      
      





Tekton CLI



Tekton CLI . TaskRun , .







$ tkn task start build-and-push --inputresource repo=arthurk-tekton-example --serviceaccount build-bot --showlog
Taskrun started: build-and-push-run-ctjvv
Waiting for logs to be available...
[git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.271127,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"}
[git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.329212,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"}

[build-and-push] INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine
[build-and-push] INFO[0008] Retrieving image manifest golang:1.14-alpine
[build-and-push] INFO[0012] Built cross stage deps: map[]
...
[build-and-push] INFO[0049] Taking snapshot of full filesystem...
[build-and-push] INFO[0049] Resolving paths
[build-and-push] INFO[0051] CMD ["app"]
      
      





, , , kubectl , .









, (, ), , : , , Docker DockerHub.







pipeline.yaml :







apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: test-build-push
spec:
  resources:
    - name: repo
      type: git
  tasks:
    # Run application tests
    - name: test
      taskRef:
        name: test
      resources:
        inputs:
          - name: repo      # name of the Task input (see Task definition)
            resource: repo  # name of the Pipeline resource

    # Build docker image and push to registry
    - name: build-and-push
      taskRef:
        name: build-and-push
      runAfter:
        - test
      resources:
        inputs:
          - name: repo      # name of the Task input (see Task definition)
            resource: repo  # name of the Pipeline resource
      
      





, , , . . : git . .







. taskRef



( ) .







kubectl:







$ kubectl apply -f pipeline.yaml
pipeline.tekton.dev/test-build-push created
      
      





, Task, TaskRun, Pipeline, PipelineRun.







kubectl Tekton CLI. .







kubectl



kubectl, PipelineRun. pipelinerun.yaml :







apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: test-build-push-pr
spec:
  serviceAccountName: build-bot
  pipelineRef:
    name: test-build-push
  resources:
  - name: repo
    resourceRef:
      name: arthurk-tekton-example
      
      





, Pod' PiplelineRun , :







$ kubectl apply -f pipelinerun.yaml
pipelinerun.tekton.dev/test-build-push-pr created

$ kubectl get pods | grep test-build-push-pr
test-build-push-pr-build-and-push-gh4f4-pod-nn7k7   0/2     Completed   0          2m39s
test-build-push-pr-test-d2tck-pod-zh5hn             0/2     Completed   0          2m51s

$ kubectl logs test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 --all-containers --follow
INFO[0005] Resolved base name golang:1.14-alpine to golang:1.14-alpine
INFO[0005] Retrieving image manifest golang:1.14-alpine
...
INFO[0048] Taking snapshot of full filesystem...
INFO[0048] Resolving paths
INFO[0050] CMD ["app"]
      
      





, Tekton CLI.







Tekton CLI



CLI PipelineRun, Pipeline. --showlog



, ():







$ tkn pipeline start test-build-push --resource repo=arthurk-tekton-example --serviceaccount build-bot --showlog

Pipelinerun started: test-build-push-run-9lmfj
Waiting for logs to be available...
[test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.4913514,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"}
[test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.5485842,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"}

[test : run-test] PASS
[test : run-test] ok    _/workspace/repo/src    0.006s

[build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2051432,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"}
[build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2610846,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"}

[build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine
[build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine
[build-and-push : build-and-push] INFO[0003] Retrieving image manifest golang:1.14-alpine
...
      
      







Tekton Kubernetes, , TaskRun YAML, Tekton CLI tkn.







Tekton Pipeline, . GitHub . Docker DockerHub.







All code examples are available here .








All Articles