Giters

emelhu / hwsw-workshop-20220524

Tekton workshop

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

HWSW-TEKTON

Install Tekton Operator

Alt text

kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/latest/release.yaml

Install tekton-pipelines by operator

cat <<EOF | kubectl create -f -
apiVersion: operator.tekton.dev/v1alpha1
kind: TektonConfig
metadata:
  name: config
spec:
  profile: all
  targetNamespace: tekton-pipelines
  pruner:
    resources:
    - pipelinerun
    - taskrun
    keep: 2
    schedule: "0 8 * * *"
EOF
Installing Tekton Results (optional) https://tekton.dev/docs/results/

Installing Tekton Results (optional) https://tekton.dev/docs/results/

Alt text

Prerequisites

  1. Tekton Pipelines must be installed on the cluster.

  2. Generating a database root password.

    A database root password must be generated by the user and stored in a Kubernetes Secret before installing. By default, Tekton Results expects this Secret to have the following properties:

    • namespace: tekton-pipelines
    • name: tekton-results-postgres
    • contains the fields:
      • POSTGRES_USER=postgres
      • POSTGRES_PASSWORD=<your password>

    If you are not using a particular password management strategy, the following command will generate a random password for you:

    kubectl create secret generic tekton-results-postgres --namespace="tekton-pipelines" --from-literal=POSTGRES_USER=postgres --from-literal=POSTGRES_PASSWORD=$(openssl rand -base64 20)

  3. Generate cert/key pair. Note: Feel free to use any cert management software to do this!

    Tekton Results expects the cert/key pair to be stored in a TLS Kubernetes Secret named tekton-results-tls.

    cd cert
    # Generate new self-signed cert.
openssl req -x509 \
-newkey rsa:4096 \
-keyout key.pem \
-out cert.pem \
-days 365 \
-nodes \
-subj "/CN=tekton-results-api-service.tekton-pipelines.svc.cluster.local" \
-addext "subjectAltName = DNS:tekton-results-api-service.tekton-pipelines.svc.cluster.local"
    # Create new TLS Secret from cert.
kubectl create secret tls -n tekton-pipelines tekton-results-tls \
--cert=cert.pem \
--key=key.pem

Installing latest release

kubectl apply -f https://storage.googleapis.com/tekton-releases/results/previous/v0.4.0/release.yaml

Create Pipline

Alt text

graph TD;
    clone[Git Clone]-->dockerlint[Dockerfile lint];
    clone[Git Clone]-->build[Build and Push];
    dockerlint[Dockerfile lint]-->build[Build and Push];
    clone[Git Clone]-->helm[Helm install];
    dockerlint[Dockerfile lint]-->helm[Helm install];
    build[Build and Push]-->helm[Helm install];
Loading

Install tasks

TKN cli install https://github.com/tektoncd/cli

git-clone https://hub.tekton.dev/tekton/task/git-clone

tkn hub install task git-clone -n default

buildah https://hub.tekton.dev/tekton/task/buildah

tkn hub install task buildah -n default

helm-upgrade-from-source https://hub.tekton.dev/tekton/task/helm-upgrade-from-source

tkn hub install task helm-upgrade-from-source -n default

Create hadolint task https://hub.tekton.dev/tekton/task/hadolint (created arm64 hadolint)

kubectl apply -f tekton/workshop-task-hadolint.yaml

Generate new github token

https://github.com/settings/tokens/new

Add secret with generated token

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: hwsw-workshop-cr-push-secret
  namespace: default
  annotations:
    tekton.dev/docker-0: https://ghcr.io
type: kubernetes.io/basic-auth
stringData:
    username: ptzool
    password: ${TOKEN} 
EOF

or

kubectl create secret generic hwsw-workshop-cr-push-secret -n default --type="kubernetes.io/basic-auth" --from-literal=username=USER --from-literal=password=TOKEN

kubectl annotate secret hwsw-workshop-cr-push-secret tekton.dev/docker-0=https://ghcr.io

Add pipline

cat tekton/workshop-pipeline-pvc.yaml | yq
kubectl apply -f tekton/workshop-pipeline-pvc.yaml
cat tekton/workshop-serviceaccount.yaml | yq
kubectl apply -f tekton/workshop-serviceaccount.yaml
cat tekton/workshop-pipeline.yaml | yq
kubectl apply -f tekton/workshop-pipeline.yaml

Start pipline

cat cat tekton/workshop-pipelinerun.yaml | yq
kubectl create -f tekton/workshop-pipelinerun.yaml

Add eventlistener

cat tekton/eventlistener/workshop-el.yaml | yq
kubectl apply -f tekton/eventlistener/workshop-el.yaml
cat tekton/eventlistener/workshop-el-tt.yaml | yq
kubectl apply -f tekton/eventlistener/workshop-el-tt.yaml
cat tekton/eventlistener/workshop-el-tb.yaml | yq
kubectl apply -f tekton/eventlistener/workshop-el-tb.yaml

Port forwards

# workshop deployment port forward
kubectl -n default port-forward svc/hwsw-workshop 8081:8080

# tekton dashboard port forward
kubectl -n tekton-pipelines port-forward svc/tekton-dashboard 9097

# event listener port forward
kubectl -n default port-forward svc/el-workshop-el 8080

or

sudo -E kubefwd svc -n tekton-pipelines -n default

Forwarded urls

EL curl request

curl -X POST -d '{"imageTag":"v1.0.6"}' http://el-workshop-el.default:8080 | jq

Contact

About

Tekton workshop

Languages

Language:Smarty 52.8%Language:Go 37.1%Language:Dockerfile 10.2%