Tektonを使用したCIパイプラインの作成(パート2/2)
この記事では、Tektonを使用してCIパイプラインを構築し続けます。では最初の部分は、我々はローカルクラスタTektonの確立しているようなものを、私たちの最初のタスクを決定したクローン、そのアプリケーションのためのリポジトリはGitHubと起動したアプリケーションのテストゴー(レポ)。
このパートでは、GoアプリのDockerイメージを作成し、それをDockerHubにプッシュするタスクを作成します。その後、タスクをパイプラインにマージします。
DockerHub認証情報の追加
Kanikoを使用してDockerイメージをビルドおよびアップロードします。これにより、Dockerデーモンとは独立してKubernetesクラスター内にDockerイメージをビルドできます。
Kanikoは、同じコマンドでイメージをビルドして実行します。つまり、タスクを開始する前に、DockerHubの認証情報を設定して、Dockerイメージをレジストリにプッシュできるようにする必要があります。
資格情報はKubernetesによって秘密にされます。次の内容でsecret.yamlというファイルを作成し、myusernameとmypasswordをDockerHub認証情報に置き換えます。
apiVersion: v1 kind: Secret metadata: name: basic-user-pass annotations: tekton.dev/docker-0: https://index.docker.io/v1/ type: kubernetes.io/basic-auth stringData: username: myusername password: mypassword
tekton.dev/docker-0 , Tekton, Docker .
ServiceAccount, . serviceaccount.yaml :
apiVersion: v1 kind: ServiceAccount metadata: name: build-bot secrets: - name: basic-user-pass
kubectl:
$ kubectl apply -f secret.yaml secret/basic-user-pass created $ kubectl apply -f serviceaccount.yaml serviceaccount/build-bot created
ServiceAccount ( build-bot
) Tekton, serviceAccountName
. .
Docker
, , , , Docker.
apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: build-and-push spec: resources: inputs: - name: repo type: git steps: - name: build-and-push image: gcr.io/kaniko-project/executor:v1.3.0 env: - name: DOCKER_CONFIG value: /tekton/home/.docker command: - /kaniko/executor - --dockerfile=Dockerfile - --context=/workspace/repo/src - --destination=arthurk/tekton-test:latest
, git ( — ) , .
DockerHub arthurk / tekton-test . .
DOCKER_CONFIG
, Kaniko Docker.
kubectl:
$ kubectl apply -f task-build-push.yaml task.tekton.dev/build-and-push created
: TaskRun kubectl, Tekton CLI (tkn).
.
kubectl
kubectl, TaskRun, , , ServiceAccount (serviceAccountName
) .
apiVersion: tekton.dev/v1beta1 kind: TaskRun metadata: name: build-and-push spec: serviceAccountName: build-bot taskRef: name: build-and-push resources: inputs: - name: repo resourceRef: name: arthurk-tekton-example
, , build-and-push
:
$ kubectl apply -f taskrun-build-push.yaml taskrun.tekton.dev/build-and-push created $ kubectl get pods | grep build-and-push build-and-push-pod-c698q 2/2 Running 0 4s $ kubectl logs --all-containers build-and-push-pod-c698q --follow {"level":"info","ts":1588478267.3476844,"caller":"creds-init/main.go:44", "msg":"Credentials initialized."} {"level":"info","ts":1588478279.2681644,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} {"level":"info","ts":1588478279.3249557,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine INFO[0004] Retrieving image manifest golang:1.14-alpine INFO[0012] Built cross stage deps: map[] ... INFO[0048] Taking snapshot of full filesystem... INFO[0048] Resolving paths INFO[0050] CMD ["app"]
, / Docker:
$ docker run arthurk/tekton-test:latest hello world
Tekton CLI
Tekton CLI . TaskRun , .
$ tkn task start build-and-push --inputresource repo=arthurk-tekton-example --serviceaccount build-bot --showlog Taskrun started: build-and-push-run-ctjvv Waiting for logs to be available... [git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.271127,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [git-source-arthurk-tekton-example-p9zxz] {"level":"info","ts":1588479279.329212,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [build-and-push] INFO[0004] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push] INFO[0008] Retrieving image manifest golang:1.14-alpine [build-and-push] INFO[0012] Built cross stage deps: map[] ... [build-and-push] INFO[0049] Taking snapshot of full filesystem... [build-and-push] INFO[0049] Resolving paths [build-and-push] INFO[0051] CMD ["app"]
, , , kubectl , .
, (, ), , : , , Docker DockerHub.
apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: name: test-build-push spec: resources: - name: repo type: git tasks: # Run application tests - name: test taskRef: name: test resources: inputs: - name: repo # name of the Task input (see Task definition) resource: repo # name of the Pipeline resource # Build docker image and push to registry - name: build-and-push taskRef: name: build-and-push runAfter: - test resources: inputs: - name: repo # name of the Task input (see Task definition) resource: repo # name of the Pipeline resource
, , , . . : git . .
. taskRef
( ) .
kubectl:
$ kubectl apply -f pipeline.yaml pipeline.tekton.dev/test-build-push created
, Task, TaskRun, Pipeline, PipelineRun.
kubectl Tekton CLI. .
kubectl
kubectl, PipelineRun. pipelinerun.yaml :
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: name: test-build-push-pr spec: serviceAccountName: build-bot pipelineRef: name: test-build-push resources: - name: repo resourceRef: name: arthurk-tekton-example
, Pod' PiplelineRun , :
$ kubectl apply -f pipelinerun.yaml pipelinerun.tekton.dev/test-build-push-pr created $ kubectl get pods | grep test-build-push-pr test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 0/2 Completed 0 2m39s test-build-push-pr-test-d2tck-pod-zh5hn 0/2 Completed 0 2m51s $ kubectl logs test-build-push-pr-build-and-push-gh4f4-pod-nn7k7 --all-containers --follow INFO[0005] Resolved base name golang:1.14-alpine to golang:1.14-alpine INFO[0005] Retrieving image manifest golang:1.14-alpine ... INFO[0048] Taking snapshot of full filesystem... INFO[0048] Resolving paths INFO[0050] CMD ["app"]
, Tekton CLI.
Tekton CLI
CLI PipelineRun, Pipeline. --showlog
, ():
$ tkn pipeline start test-build-push --resource repo=arthurk-tekton-example --serviceaccount build-bot --showlog Pipelinerun started: test-build-push-run-9lmfj Waiting for logs to be available... [test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.4913514,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [test : git-source-arthurk-tekton-example-k98k8] {"level":"info","ts":1588483940.5485842,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [test : run-test] PASS [test : run-test] ok _/workspace/repo/src 0.006s [build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2051432,"caller":"git/git.go:136","msg":"Successfully cloned https://github.com/arthurk/tekton-example @ 301aeaa8f7fa6ec01218ba6c5ddf9095b24d5d98 (grafted, HEAD, origin/master) in path /workspace/repo"} [build-and-push : git-source-arthurk-tekton-example-2vqls] {"level":"info","ts":1588483950.2610846,"caller":"git/git.go:177","msg":"Successfully initialized and updated submodules in path /workspace/repo"} [build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push : build-and-push] INFO[0003] Resolved base name golang:1.14-alpine to golang:1.14-alpine [build-and-push : build-and-push] INFO[0003] Retrieving image manifest golang:1.14-alpine ...
Tekton Kubernetes, , TaskRun YAML, Tekton CLI tkn.
Tekton Pipeline, . GitHub . Docker DockerHub.