Membuat CI Pipelines dengan Tekton (Part 2/2)
Pada artikel ini, kami akan terus membangun pipeline CI dengan Tekton . Pada bagian pertama , kami telah membuat cluster lokal jenis Tekton dan menentukan tugas pertama kami yang mengkloning repositori GitHub dan meluncurkan pengujian aplikasi untuk aplikasi Go ( repo ).
Di bagian ini, kita akan membuat tugas yang akan membangun image Docker untuk aplikasi Go kita dan mendorongnya ke DockerHub . Setelah itu, kami akan menggabungkan tugas kami ke dalam pipa.
Menambahkan Kredensial DockerHub
Kami menggunakan Kaniko untuk membangun dan mengunggah image Docker kami , yang dapat membangun image Docker di dalam cluster Kubernetes, terlepas dari daemon Docker.
Kaniko akan membangun dan menjalankan image dengan perintah yang sama. Ini berarti bahwa sebelum memulai tugas kita, kita perlu menyiapkan kredensial untuk DockerHub sehingga image buruh pelabuhan dapat didorong ke registri.
Kredensial dirahasiakan oleh Kubernetes. Buat file bernama secret.yaml dengan konten berikut dan ganti myusername dan mypassword dengan kredensial DockerHub Anda:
apiVersion: v1 kind: Secret metadata: name: basic-user-pass annotations: tekton.dev/docker-0: https://index.docker.io/v1/ type: kubernetes.io/basic-auth stringData: username: myusername password: mypassword
tekton.dev/docker-0 , Tekton, Docker .
ServiceAccount, . serviceaccount.yaml :
apiVersion: v1 kind: ServiceAccount metadata: name: build-bot secrets: - name: basic-user-pass
kubectl:
$ kubectl apply -f secret.yaml secret/basic-user-pass created $ kubectl apply -f serviceaccount.yaml serviceaccount/build-bot created
ServiceAccount ( build-bot
) Tekton, serviceAccountName
. .
Docker
, , , , Docker.
apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: build-and-push spec: resources: inputs: - name: repo type: git steps: - name: build-and-push image: gcr.io/kaniko-project/executor:v1.3.0 env: - name: DOCKER_CONFIG value: /tekton/home/.docker command: - /kaniko/executor - --dockerfile=Dockerfile - --context=/workspace/repo/src - --destination=arthurk/tekton-test:latest
, git ( β ) , .
DockerHub arthurk / tekton-test . .
DOCKER_CONFIG
, Kaniko Docker.
kubectl:
$ kubectl apply -f task-build-push.yaml task.tekton.dev/build-and-push created
: TaskRun kubectl, Tekton CLI (tkn).
.
kubectl
kubectl, TaskRun, , , ServiceAccount (serviceAccountName
) .
apiVersion: tekton.dev/v1beta1 kind: TaskRun metadata: name: build-and-push spec: serviceAccountName: build-bot taskRef: name: build-and-push resources: inputs: - name: repo resourceRef: name: arthurk-tekton-example
, , build-and-push
:
$ kubectl apply -f taskrun-build-push.yaml taskrun.tekton.dev/build-and-push created $ kubectl get pods | grep build-and-push build-and-push-pod-c698q 2/2 Running 0 4s $ kubectl logs --all-containers build-and-push-pod-c698q --follow {"level":"info","ts":1588478267.3476844,"caller":"creds-init/main.go:44", "msg":"Credentials initialized."} {"level":"info","ts":1588478279.2681644,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} {"level":"info","ts":1588478279.3249557,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine INFO[0004] Retrieving image manifest golang:1.14-alpine INFO[0012] Built cross stage deps: map[] ... INFO[0048] Taking snapshot of full filesystem... INFO[0048] Resolving paths INFO[0050] CMD ["app"]
, / Docker:
$ docker run arthurk/tekton-test:latest hello world
Tekton CLI
Tekton CLI . TaskRun , .
$ tkn task start build-and-push --inputresource repo=arthurk-tekton-example --serviceaccount build-bot --showlog Taskrun started: build-and-push-run-ctjvv Waiting for logs to be available... [git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.271127,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.329212,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [build-and-push] INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push] INFO[0008] Retrieving image manifest golang:1.14-alpine [build-and-push] INFO[0012] Built cross stage deps: map[] ... [build-and-push] INFO[0049] Taking snapshot of full filesystem... [build-and-push] INFO[0049] Resolving paths [build-and-push] INFO[0051] CMD ["app"]
, , , kubectl , .
, (, ), , : , , Docker DockerHub.
apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: name: test-build-push spec: resources: - name: repo type: git tasks: # Run application tests - name: test taskRef: name: test resources: inputs: - name: repo # name of the Task input (see Task definition) resource: repo # name of the Pipeline resource # Build docker image and push to registry - name: build-and-push taskRef: name: build-and-push runAfter: - test resources: inputs: - name: repo # name of the Task input (see Task definition) resource: repo # name of the Pipeline resource
, , , . . : git . .
. taskRef
( ) .
kubectl:
$ kubectl apply -f pipeline.yaml pipeline.tekton.dev/test-build-push created
, Task, TaskRun, Pipeline, PipelineRun.
kubectl Tekton CLI. .
kubectl
kubectl, PipelineRun. pipelinerun.yaml :
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: name: test-build-push-pr spec: serviceAccountName: build-bot pipelineRef: name: test-build-push resources: - name: repo resourceRef: name: arthurk-tekton-example
, Pod' PiplelineRun , :
$ kubectl apply -f pipelinerun.yaml pipelinerun.tekton.dev/test-build-push-pr created $ kubectl get pods | grep test-build-push-pr test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 0/2 Completed 0 2m39s test-build-push-pr-test-d2tck-pod-zh5hn 0/2 Completed 0 2m51s $ kubectl logs test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 --all-containers --follow INFO[0005] Resolved base name golang:1.14-alpine to golang:1.14-alpine INFO[0005] Retrieving image manifest golang:1.14-alpine ... INFO[0048] Taking snapshot of full filesystem... INFO[0048] Resolving paths INFO[0050] CMD ["app"]
, Tekton CLI.
Tekton CLI
CLI PipelineRun, Pipeline. --showlog
, ():
$ tkn pipeline start test-build-push --resource repo=arthurk-tekton-example --serviceaccount build-bot --showlog Pipelinerun started: test-build-push-run-9lmfj Waiting for logs to be available... [test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.4913514,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.5485842,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [test : run-test] PASS [test : run-test] ok _/workspace/repo/src 0.006s [build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2051432,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2610846,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push : build-and-push] INFO[0003] Retrieving image manifest golang:1.14-alpine ...
Tekton Kubernetes, , TaskRun YAML, Tekton CLI tkn.
Tekton Pipeline, . GitHub . Docker DockerHub.
Semua contoh kode tersedia di sini .