Creating CI Pipelines with Tekton (Part 2/2)
In this article, we're going to continue building the CI pipeline with Tekton . In the first part, we have established a local cluster Tekton kind and determined our first task that clones the repository GitHub and launches applications tests for the application the Go ( the repo ).
In this part, we're going to create a task that will build a Docker image for our Go app and push it to DockerHub . After that, we will merge our tasks into a pipeline.
Adding DockerHub Credentials
We use Kaniko to build and upload our Docker image , which can build Docker images inside the Kubernetes cluster, independent of the Docker daemon.
Kaniko will build and run the image with the same command. This means that before starting our task, we need to set up credentials for DockerHub so that the docker image can be pushed to the registry.
The credentials are kept secret by Kubernetes. Create a file called secret.yaml with the following content and replace myusername and mypassword with your DockerHub credentials:
apiVersion: v1 kind: Secret metadata: name: basic-user-pass annotations: tekton.dev/docker-0: https://index.docker.io/v1/ type: kubernetes.io/basic-auth stringData: username: myusername password: mypassword
tekton.dev/docker-0 , Tekton, Docker .
ServiceAccount, . serviceaccount.yaml :
apiVersion: v1 kind: ServiceAccount metadata: name: build-bot secrets: - name: basic-user-pass
kubectl:
$ kubectl apply -f secret.yaml secret/basic-user-pass created $ kubectl apply -f serviceaccount.yaml serviceaccount/build-bot created
ServiceAccount ( build-bot
) Tekton, serviceAccountName
. .
Docker
, , , , Docker.
apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: build-and-push spec: resources: inputs: - name: repo type: git steps: - name: build-and-push image: gcr.io/kaniko-project/executor:v1.3.0 env: - name: DOCKER_CONFIG value: /tekton/home/.docker command: - /kaniko/executor - --dockerfile=Dockerfile - --context=/workspace/repo/src - --destination=arthurk/tekton-test:latest
, git ( — ) , .
DockerHub arthurk / tekton-test . .
DOCKER_CONFIG
, Kaniko Docker.
kubectl:
$ kubectl apply -f task-build-push.yaml task.tekton.dev/build-and-push created
: TaskRun kubectl, Tekton CLI (tkn).
.
kubectl
kubectl, TaskRun, , , ServiceAccount (serviceAccountName
) .
apiVersion: tekton.dev/v1beta1 kind: TaskRun metadata: name: build-and-push spec: serviceAccountName: build-bot taskRef: name: build-and-push resources: inputs: - name: repo resourceRef: name: arthurk-tekton-example
, , build-and-push
:
$ kubectl apply -f taskrun-build-push.yaml taskrun.tekton.dev/build-and-push created $ kubectl get pods | grep build-and-push build-and-push-pod-c698q 2/2 Running 0 4s $ kubectl logs --all-containers build-and-push-pod-c698q --follow {"level":"info","ts":1588478267.3476844,"caller":"creds-init/main.go:44", "msg":"Credentials initialized."} {"level":"info","ts":1588478279.2681644,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} {"level":"info","ts":1588478279.3249557,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine INFO[0004] Retrieving image manifest golang:1.14-alpine INFO[0012] Built cross stage deps: map[] ... INFO[0048] Taking snapshot of full filesystem... INFO[0048] Resolving paths INFO[0050] CMD ["app"]
, / Docker:
$ docker run arthurk/tekton-test:latest hello world
Tekton CLI
Tekton CLI . TaskRun , .
$ tkn task start build-and-push --inputresource repo=arthurk-tekton-example --serviceaccount build-bot --showlog Taskrun started: build-and-push-run-ctjvv Waiting for logs to be available... [git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.271127,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.329212,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [build-and-push] INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push] INFO[0008] Retrieving image manifest golang:1.14-alpine [build-and-push] INFO[0012] Built cross stage deps: map[] ... [build-and-push] INFO[0049] Taking snapshot of full filesystem... [build-and-push] INFO[0049] Resolving paths [build-and-push] INFO[0051] CMD ["app"]
, , , kubectl , .
, (, ), , : , , Docker DockerHub.
apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: name: test-build-push spec: resources: - name: repo type: git tasks: # Run application tests - name: test taskRef: name: test resources: inputs: - name: repo # name of the Task input (see Task definition) resource: repo # name of the Pipeline resource # Build docker image and push to registry - name: build-and-push taskRef: name: build-and-push runAfter: - test resources: inputs: - name: repo # name of the Task input (see Task definition) resource: repo # name of the Pipeline resource
, , , . . : git . .
. taskRef
( ) .
kubectl:
$ kubectl apply -f pipeline.yaml pipeline.tekton.dev/test-build-push created
, Task, TaskRun, Pipeline, PipelineRun.
kubectl Tekton CLI. .
kubectl
kubectl, PipelineRun. pipelinerun.yaml :
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: name: test-build-push-pr spec: serviceAccountName: build-bot pipelineRef: name: test-build-push resources: - name: repo resourceRef: name: arthurk-tekton-example
, Pod' PiplelineRun , :
$ kubectl apply -f pipelinerun.yaml pipelinerun.tekton.dev/test-build-push-pr created $ kubectl get pods | grep test-build-push-pr test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 0/2 Completed 0 2m39s test-build-push-pr-test-d2tck-pod-zh5hn 0/2 Completed 0 2m51s $ kubectl logs test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 --all-containers --follow INFO[0005] Resolved base name golang:1.14-alpine to golang:1.14-alpine INFO[0005] Retrieving image manifest golang:1.14-alpine ... INFO[0048] Taking snapshot of full filesystem... INFO[0048] Resolving paths INFO[0050] CMD ["app"]
, Tekton CLI.
Tekton CLI
CLI PipelineRun, Pipeline. --showlog
, ():
$ tkn pipeline start test-build-push --resource repo=arthurk-tekton-example --serviceaccount build-bot --showlog Pipelinerun started: test-build-push-run-9lmfj Waiting for logs to be available... [test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.4913514,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.5485842,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [test : run-test] PASS [test : run-test] ok _/workspace/repo/src 0.006s [build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2051432,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2610846,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push : build-and-push] INFO[0003] Retrieving image manifest golang:1.14-alpine ...
Tekton Kubernetes, , TaskRun YAML, Tekton CLI tkn.
Tekton Pipeline, . GitHub . Docker DockerHub.
All code examples are available here .