Tekton 基于 gitlab 触发流水线

Tekton 基于 gitlab 触发流水线

Tekton EventListener 在8080端口监听事件,Gitlab 提交代码产生push 事件,gitlab webhook触发tekton流水线执行。

前置要求:

  • kubernetes集群中已部署 tekton pipelinetekton triggers以及tekton dashboard 三个组件;
  • 本示例使用LoadBalancer 暴露 EventListener service,集群中有可用负载均衡器分配IP地址。

创建serviceaccount

官方示例:https://github.com/tektoncd/triggers/blob/main/examples/rbac.yaml

因为 EventListener 最终需要创建 taskrun、pipelinerun 同时会查询一些其他信息,因此需要为其配置一个 serviceAccount,同时还需要为这个 serviceAccount 赋予相应的权限。

yaml 复制代码
$ cat serviceAccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tekton-triggers-example-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: triggers-example-eventlistener-binding
subjects:
- kind: ServiceAccount
  name: tekton-triggers-example-sa
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-roles
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: triggers-example-eventlistener-clusterbinding
subjects:
- kind: ServiceAccount
  name: tekton-triggers-example-sa
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-clusterroles

应用yaml

bash 复制代码
kubectl apply -f serviceAccount.yaml

创建EventListener

EventListener 是一个 Kubernetes 对象,用于侦听 Kubernetes 集群上指定端口上的事件。它公开了一个可寻址接收器,用于接收传入事件并指定一个或多个 Triggers 。

yaml 复制代码
$ cat eventListener.yaml
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: gitlab-pr
spec:
  serviceAccountName: tekton-triggers-example-sa
  resources:
    kubernetesResource:
      serviceType: LoadBalancer
  triggers:
    - name: pr-trigger
      bindings:
        - ref: gitlab-pr-trigger-binding
      template:
        ref: gitlab-pr-trigger-template

应用yaml

bash 复制代码
kubectl apply -f eventListener.yaml

创建TriggerBinding

TriggerBinding 允许您从事件负载中提取字段并将它们绑定到命名参数,然后可以在 TriggerTemplate 中使用这些命名参数。

yaml 复制代码
$ cat triggerBinding.yaml
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: gitlab-pr-trigger-binding
spec:
  params:
    - name: message
      value: hello

应用yaml

bash 复制代码
kubectl apply -f triggerBinding.yaml

创建TriggerTemplate

TriggerTemplate 是指定资源蓝图的资源,例如 TaskRun 或 PipelineRun ,当您的EventListener 检测到事件。它公开了您可以在资源模板中的任何位置使用的参数。

以下示例通过pipelineSpectaskSpec直接引入task并运行:

yaml 复制代码
$ cat triggerTemplate.yaml
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  name: gitlab-pr-trigger-template
spec:
  params:
    - name: message
      default: hello
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        generateName: hello-
      spec:
        params:
          - name: message
            value: $(tt.params.message)
        pipelineSpec:
          tasks:
            - name: hello-message
              taskSpec:
                steps:
                  - name: run-hello
                    image: alpine
                    script: |
                      echo $(params.message)

应用yaml

bash 复制代码
kubectl create -f triggerTemplate.yaml

完整示例

yaml 复制代码
$ cat githlab_trigger.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tekton-triggers-example-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: triggers-example-eventlistener-binding
subjects:
- kind: ServiceAccount
  name: tekton-triggers-example-sa
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-roles
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: triggers-example-eventlistener-clusterbinding
subjects:
- kind: ServiceAccount
  name: tekton-triggers-example-sa
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-clusterroles

---
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: gitlab-pr
spec:
  serviceAccountName: tekton-triggers-example-sa
  resources:
    kubernetesResource:
      serviceType: LoadBalancer
  triggers:
    - name: pr-trigger
      bindings:
        - ref: gitlab-pr-trigger-binding
      template:
        ref: gitlab-pr-trigger-template
---
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: gitlab-pr-trigger-binding
spec:
  params:
    - name: message
      value: hello
---
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  name: gitlab-pr-trigger-template
spec:
  params:
    - name: message
      default: hello
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        generateName: hello-
      spec:
        params:
          - name: message
            value: $(tt.params.message)
        pipelineSpec:
          tasks:
            - name: hello-message
              taskSpec:
                steps:
                  - name: run-hello
                    image: alpine
                    script: |
                      echo $(params.message)

应用以上配置

bash 复制代码
kubectl create -f githlab_trigger.yaml

配置gitlab webhook

查看EventListener service 监听地址和端口

bash 复制代码
root@kube001:~# kubectl get svc
NAME           TYPE           CLUSTER-IP    EXTERNAL-IP      PORT(S)                         AGE
el-gitlab-pr   LoadBalancer   10.96.0.235   192.168.72.224   8080:31293/TCP,9000:30628/TCP   8m7s

EventListener service 使用LoadBalancer 方式暴露到集群外,访问地址为:

bash 复制代码
http://192.168.72.224:8080

访问自建 gitlab 管理界面,新建demo项目,在项目Settings---> Webhooks中配置 EventListener 监听地址:

点击Push events进行测试,或者推送代码到gitlab项目仓库

点击Edit查看测试结果

查看触发的pipeline任务

bash 复制代码
root@kube001:~# kubectl get pipelineruns | grep hello
hello-vrrs2                      True        Succeeded                  4m42s       4m34s

查看运行完成的pods

bash 复制代码
root@kube001:~# kubectl get pods
NAME                                                    READY   STATUS       RESTARTS   AGE
el-gitlab-pr-5f5749d48f-rqmlb                           1/1     Running      0          12m
hello-vrrs2-hello-message-pod                           0/1     Completed    0          5m49s

访问dashboard查看自动执行的pipelinerun

任务详情

相关推荐
但老师3 小时前
Git遇到“fatal: bad object refs/heads/master - 副本”问题的解决办法
git
秃头女孩y3 小时前
git创建分支
git
研究是为了理解8 小时前
Git Bash 常用命令
git·elasticsearch·bash
DKPT9 小时前
Git 的基本概念和使用方式
git
Winston Wood12 小时前
一文了解git TAG
git·版本控制
喵喵先森13 小时前
Git 的基本概念和使用方式
git·源代码管理
xianwu54314 小时前
反向代理模块
linux·开发语言·网络·git
binishuaio16 小时前
Java 第11天 (git版本控制器基础用法)
java·开发语言·git
会发光的猪。17 小时前
如何在vscode中安装git详细新手教程
前端·ide·git·vscode
stewie618 小时前
在IDEA中使用Git
java·git