tekton构建标准ci(clone repo, test, build & push img)

场景介绍

我们在上一篇文章中构建了一个最简单的ci,接下来我们对我们的github的项目构建一个较标准的ci。

Tekton简介,安装和构建最简单ci/cd-CSDN博客文章浏览阅读239次,点赞2次,收藏2次。本文介绍了tekton是什么,如何安装,以及实践了下task和task runhttps://blog.csdn.net/solinger/article/details/141898338?csdn_share_tail=%7B%22type%22%3A%22blog%22%2C%22rType%22%3A%22article%22%2C%22rId%22%3A%22141898338%22%2C%22source%22%3A%22solinger%22%7D

ci是持续集成,我们只需要考虑部署前的事情:

pipeline:

  • clone repo

  • run test

  • build image

  • push image

有了这个思路,我们就把它们实现。 我们按照最简单ci/cd的步骤先写task, taskrun,然后写pipeline, pipelinerun。

构建ci

task git-clone

bash 复制代码
# task-clone.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: git-clone
  labels:
    app.kubernetes.io/version: "0.8"
spec:
  workspaces:
    - name: output
      description: The git repo will be cloned into the dir
  params:
    - name: url
      description: Repository URL to clone from.
      type: string
    - name: revision
      description: which commit you would like to get, master or others
      type: string
    - name: base_image
      description: base_image for git & unit testing
      type: string
  steps:
    - name: clone
      image: "$(params.base_image)"
      env:
      - name: WORKSPACE_OUTPUT_PATH
        value: $(workspaces.output.path)
      - name: GIT_REPO_URL
        value: $(params.url)
      - name: GIT_REPO_REVISION
        value: $(params.revision)
      script: |
        #!/usr/bin/env sh
        set -eu
        whoami
        pwd
        cd ${WORKSPACE_OUTPUT_PATH}
        pwd
        rm -rf *
        git clone ${GIT_REPO_URL}
        repo_dir=$(echo $GIT_REPO_URL | rev  | cut -d '/' -f 1 | rev | sed 's/.git//g')
        cd ${repo_dir}
        pwd
        git checkout ${GIT_REPO_REVISION}
        ls -al

pipeline & pipelinerun for git-clone

bash 复制代码
# pipeline.yaml
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: pipeline
spec:
  workspaces:
    - name: git-repo-pvc
  params:
    - name: git_url
      type: string
    - name: revision
      type: string
      default: main
    - name: git_base_image
      type: string
  tasks:
    - name: clone
      taskRef:
        name: git-clone
      workspaces:
        - name: output
          workspace: git-repo-pvc
      params:
        - name: url
          value: $(params.git_url)
        - name: revision
          value: $(params.revision)
        - name: base_image
          value: $(params.git_base_image)
bash 复制代码
# pipelinerun.yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: pipelinerun
spec:
  pipelineRef:
    name: pipeline
  workspaces:
    - name: git-repo-pvc
      persistentVolumeClaim:
        claimName: git-repo-pvc
  params:
    - name: git_url
      value: https://github.com/testcara/tekton_triggers_learning.git
    - name: git_base_image
      value: docker.io/cara/cara-pipeline-base:V1

现在让我们测试执行

bash 复制代码
kubectl apply -f task-clone.yaml
kubectl pipeline.yaml
kubectl pipelinerun.yaml

查看结果

bash 复制代码
kubectl get pods
# 当查看到pipelinerun-clone-pod status 为completed时
# 查看pipelinerun logs
tkn pipelinerun logs pipelinerun

可以看到我的输出表明其是正常完成的

bash 复制代码
carawang@ci %tkn pipelinerun logs pipelinerun
[clone : clone] root
[clone : clone] /
[clone : clone] /workspace/output
[clone : clone] Cloning into 'tekton_triggers_learning'...
[clone : clone] /workspace/output/tekton_triggers_learning
[clone : clone] Already on 'main'
[clone : clone] total 28
[clone : clone] drwxr-xr-x 4 root root 4096 Sep  6 02:40 .
[clone : clone] drwxrwxrwx 3 root root 4096 Sep  6 02:40 ..
[clone : clone] drwxr-xr-x 8 root root 4096 Sep  6 02:40 .git
[clone : clone] -rw-r--r-- 1 root root   67 Sep  6 02:40 Dockerfile
[clone : clone] -rw-r--r-- 1 root root   77 Sep  6 02:40 README.md
[clone : clone] -rw-r--r-- 1 root root  496 Sep  6 02:40 index.html
[clone : clone] drwxr-xr-x 2 root root 4096 Sep  6 02:40 nginx

task test

我们就简单的fake个test

bash 复制代码
# task-test.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: test
spec:
  workspaces:
    - name: output
      description: The git repo will be cloned into the dir
  params:
    - name: base_image
      description: base_image for git & unit testing
      type: string
  steps:
    - name: test
      image: "$(params.base_image)"
      env:
      - name: WORKSPACE_OUTPUT_PATH
        value: $(workspaces.output.path)
      script: |
        #!/usr/bin/env sh
        set -eu
        whoami
        pwd
        cd ${WORKSPACE_OUTPUT_PATH}
        pwd
        ls -al
        if [ -e tekton_triggers_learning/Dockerfile ]
        then
          echo 'fake test passed'
        else
          exit 1
        fi

pipeline & pipelinerun for test

我们仅列出新编写的代码

bash 复制代码
# pipeline.yaml
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: pipeline
spec:
  params:
    - name: test_base_image
      type: string
  tasks:
    - name: test
      taskRef:
        name: test
      runAfter:
        - clone
      workspaces:
        - name: output
          workspace: git-repo-pvc
      params:
        - name: base_image
          value: $(params.test_base_image)
bash 复制代码
# pipelinerun.yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: pipelinerun
spec:
  params:
    - name: test_base_image
      value: centos:7

我们安装这些yaml,然后观察pod,查看pipelinerun logs.

通过我的log, 可以看到pipelinerun顺利完成。

bash 复制代码
carawang@tekton_trigger_learning %tkn pipelinerun logs pipelinerun
[clone : clone] root
[clone : clone] /
[clone : clone] /workspace/output
[clone : clone] Cloning into 'tekton_triggers_learning'...
[clone : clone] /workspace/output/tekton_triggers_learning
[clone : clone] Already on 'main'
[clone : clone] total 28
[clone : clone] drwxr-xr-x 4 root root 4096 Sep  6 04:10 .
[clone : clone] drwxrwxrwx 3 root root 4096 Sep  6 04:10 ..
[clone : clone] drwxr-xr-x 8 root root 4096 Sep  6 04:10 .git
[clone : clone] -rw-r--r-- 1 root root   67 Sep  6 04:10 Dockerfile
[clone : clone] -rw-r--r-- 1 root root   77 Sep  6 04:10 README.md
[clone : clone] -rw-r--r-- 1 root root  496 Sep  6 04:10 index.html
[clone : clone] drwxr-xr-x 2 root root 4096 Sep  6 04:10 nginx

[test : test] root
[test : test] /
[test : test] /workspace/output
[test : test] total 12
[test : test] drwxrwxrwx 3 root root 4096 Sep  6 04:10 .
[test : test] drwxrwxrwx 3 root root 4096 Sep  6 04:10 ..
[test : test] drwxr-xr-x 4 root root 4096 Sep  6 04:10 tekton_triggers_learning
[test : test] fake test passed

task build

我们仅列出新编写的代码

bash 复制代码
# task-build.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: build
  labels:
    app.kubernetes.io/version: "0.8"
spec:
  workspaces:
    - name: output
  params:
    - name: base_image
      description: base_image for docker build
      type: string
  steps:
    - name: build
      image: "$(params.base_image)"
      volumeMounts:
        - name: docker-socket
          mountPath: /var/run/docker.sock
      env:
      - name: WORKSPACE_OUTPUT_PATH
        value: $(workspaces.output.path)
      script: |
        #!/usr/bin/env sh
        set -eu
        whoami
        pwd
        cd ${WORKSPACE_OUTPUT_PATH}
        cd tekton_triggers_learning
        pwd
        docker version
        docker build . -t cara/cara-hello-nginx:latest
  volumes:
    - name: docker-socket
      hostPath:
        path: /var/run/docker.sock
        type: Socket

pipeline & pipelinerun for build

我们仅列出新编写的代码

bash 复制代码
# pipeline.yaml
spec:
  params:
    - name: docker_build_base_image
      type: string
  tasks:
    - name: build
      taskRef:
        name: build
      runAfter:
        - test
      workspaces:
        - name: output
          workspace: git-repo-pvc
      params:
        - name: base_image
          value: $(params.docker_build_base_image)
bash 复制代码
# pipelinerun.yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: pipelinerun
spec:
  params:
    - name: docker_build_base_image
      value: docker.io/cara/my-dind-docker:latest

我们安装这些yaml,然后观察pod,查看pipelinerun logs.

通过我的pod status, 可以看到pipelinerun顺利完成。logs太长,这里不再列出。

bash 复制代码
carawang@ci %kubectl get pods
NAME                                        READY   STATUS      RESTARTS      AGE
hello-nginx-b786f45d4-7lndt                 1/1     Running     3 (50m ago)   20h
hello-nginx-b786f45d4-cpj2g                 1/1     Running     3 (50m ago)   20h
hello-nginx-b786f45d4-rv7ch                 1/1     Running     3 (50m ago)   20h
pipelinerun-build-pod                       0/1     Completed   0             74s
pipelinerun-clone-pod                       0/1     Completed   0             90s
pipelinerun-test-pod                        0/1     Completed   0             81s
project-ci-cd-pipeline-run-fake-ci-cd-pod   0/1     Completed   0             45h

task push

为了简便,我们之间登陆,而不用credentials secrect的方式。这种方式仅作为自己测试和学习使用。不能用于生产。

bash 复制代码
# task-build.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: push
  labels:
    app.kubernetes.io/version: "0.8"
spec:
  params:
    - name: base_image
      description: base_image for docker build
      type: string
  steps:
    - name: push
      image: "$(params.base_image)"
      volumeMounts:
        - name: docker-socket
          mountPath: /var/run/docker.sock
      env:
      script: |
        #!/usr/bin/env sh
        set -eu
        echo mypassword |  docker login --username myname --password-stdin
        docker push cara/cara-hello-nginx:latest
  volumes:
    - name: docker-socket
      hostPath:
        path: /var/run/docker.sock
        type: Socket

pipeline & pipelinerun for push

我们仅列出新编写的代码

# pipeline.yaml
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: pipeline
spec:
  tasks:
    - name: push
      taskRef:
        name: push
      runAfter:
        - build
      params:
        - name: base_image
          value: $(params.docker_build_base_image)

pipeline run没有任何变化,这里不列出。

我们安装这些yaml,然后观察pod,查看pipelinerun logs.

通过我的pod status, 可以看到pipelinerun顺利完成。logs太长,这里不再列出。

bash 复制代码
carawang@ci %kubectl get pods
NAME                                        READY   STATUS      RESTARTS       AGE
hello-nginx-b786f45d4-7lndt                 1/1     Running     3 (120m ago)   21h
hello-nginx-b786f45d4-cpj2g                 1/1     Running     3 (120m ago)   21h
hello-nginx-b786f45d4-rv7ch                 1/1     Running     3 (120m ago)   21h
pipelinerun-build-pod                       0/1     Completed   0              7m32s
pipelinerun-clone-pod                       0/1     Completed   0              7m47s
pipelinerun-push-pod                        0/1     Completed   0              7m25s
pipelinerun-test-pod                        0/1     Completed   0              7m38s
project-ci-cd-pipeline-run-fake-ci-cd-pod   0/1     Completed   0              46h

结语

这里我们的tekton ci已经构建完成。我们将在接下文的文章中,介绍用tekton进行部署和用argocd进行部署。这两种部署都是比较流行的cd的形式。

相关推荐
kaixin_learn_qt_ing10 小时前
Bazel CI
ci/cd
创实信息3 天前
GitHub企业版:AWS CodeCommit迁移的最佳路径与技术优势
git·ci/cd·github·aws·github企业版·aws codecommit
Web项目开发3 天前
GoCD 持续集成和部署工具配置指南(CentOS 7)
linux·ci/cd·centos
魔幻云3 天前
第八章:持续集成管理
ci/cd
编码浪子4 天前
devops和ICCID简介
运维·ci/cd·docker·devops
vvw&4 天前
如何在 Ubuntu 22.04 服务器上安装 Jenkins
linux·运维·服务器·ubuntu·ci/cd·自动化·jenkins
优质&青年4 天前
【故障处理系列--gitlab的CI流水线下载安装包提示报错】
linux·运维·ci/cd·云原生·容器·gitlab
明明跟你说过4 天前
在Rocky Linux中安装【Jenkins】的详细指南
linux·运维·服务器·ci/cd·jenkins·devops
Anna_Tong4 天前
探索 CI/CD 工具的力量
ci/cd·开源·jenkins·开源软件·devops
虹科网络安全5 天前
艾体宝案例丨CircleCI 助力 ANA Systems 打造高效 CI/CD 模型
自动化测试·ci/cd·持续集成·saas平台·circleci