
Tekton: Cloud-Native CI/CD

What is Tekton

Tekton is a Kubernetes-native CI/CD framework: every step runs as a container, and a Pipeline is a Kubernetes resource.

Core concepts

Task: a set of Steps
Pipeline: a set of Tasks
TaskRun: a running instance of a Task
PipelineRun: a running instance of a Pipeline

Installation

bash
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/latest/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml

Task definition

yaml
apiVersion: tekton.dev/v1
kind: Task
metadata:
  name: build-and-push
spec:
  params:
  - name: image
    type: string
  - name: context
    type: string
    default: "."
  workspaces:
  - name: source
  steps:
  - name: build
    image: gcr.io/kaniko-project/executor:latest
    args:
    - --dockerfile=Dockerfile
    - --context=$(workspaces.source.path)/$(params.context)
    - --destination=$(params.image)
    - --cache=true
    env:
    - name: DOCKER_CONFIG
      value: /kaniko/.docker
    volumeMounts:
    - name: docker-config
      mountPath: /kaniko/.docker
  volumes:
  - name: docker-config
    secret:
      secretName: docker-registry-secret

Pipeline definition

yaml
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
  name: ci-pipeline
spec:
  params:
  - name: repo-url
  - name: image-name
  workspaces:
  - name: shared-workspace
  tasks:
  - name: clone
    taskRef:
      name: git-clone
      kind: ClusterTask
    workspaces:
    - name: output
      workspace: shared-workspace
    params:
    - name: url
      value: $(params.repo-url)

  - name: test
    taskRef:
      name: run-tests
    runAfter: [clone]
    workspaces:
    - name: source
      workspace: shared-workspace

  - name: build
    taskRef:
      name: build-and-push
    runAfter: [test]
    workspaces:
    - name: source
      workspace: shared-workspace
    params:
    - name: image
      value: $(params.image-name)

  - name: deploy
    taskRef:
      name: kubectl-deploy
    runAfter: [build]
    params:
    - name: image
      value: $(params.image-name)

Trigger (automatic triggering)

yaml
# Listen for GitHub webhooks
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: github-listener
spec:
  triggers:
  - name: github-push
    interceptors:
    - ref:
        name: github
      params:
      - name: secretRef
        value:
          secretName: github-webhook-secret
          secretKey: secret
      - name: eventTypes
        value: [push]
    bindings:
    - ref: github-push-binding
    template:
      ref: ci-pipeline-template
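
The `secretRef` and `eventTypes` parameters above tell the interceptor to drop deliveries that are not signed with the shared webhook secret or are not push events. The following added example (not part of the original page and not Tekton's own code) models those two checks in Python, using GitHub's `X-Hub-Signature-256` and `X-GitHub-Event` headers; the secret value, function names and sample payload are constructed for illustration.

```python
"""Added example: models the two checks the `github` interceptor is
configured with above (secretRef and eventTypes). Not Tekton's code."""
import hashlib
import hmac
import json

# Constructed value; in the cluster the secret lives in
# github-webhook-secret under the key "secret".
WEBHOOK_SECRET = b"constructed-demo-secret"
ALLOWED_EVENTS = frozenset({"push"})  # mirrors eventTypes: [push]


def sign(body: bytes, secret: bytes) -> str:
    """Value GitHub puts in X-Hub-Signature-256 for this raw body."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()


def check_delivery(headers: dict, body: bytes,
                   secret: bytes = WEBHOOK_SECRET,
                   allowed=ALLOWED_EVENTS) -> str:
    """Return "accept" or the reason the delivery is rejected."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    sig = h.get("x-hub-signature-256")
    if not sig:
        return "reject: missing signature"
    # HMAC over the exact bytes received; compare in constant time.
    if not hmac.compare_digest(sig.encode(), sign(body, secret).encode()):
        return "reject: bad signature"
    if h.get("x-github-event") not in allowed:
        return "reject: event type not allowed"
    return "accept"


# Constructed sample delivery (not a real GitHub payload).
SAMPLE_BODY = json.dumps({
    "ref": "refs/heads/main",
    "repository": {"clone_url": "https://example.com/demo.git"},
}).encode()
SAMPLE_HEADERS = {"X-GitHub-Event": "push",
                  "X-Hub-Signature-256": sign(SAMPLE_BODY, WEBHOOK_SECRET)}

if __name__ == "__main__":
    print(check_delivery(SAMPLE_HEADERS, SAMPLE_BODY))            # valid push
    print(check_delivery(SAMPLE_HEADERS, SAMPLE_BODY + b" "))     # body altered in transit
    print(check_delivery({**SAMPLE_HEADERS, "X-GitHub-Event": "ping"}, SAMPLE_BODY))
```

The signature covers the raw request bytes, so any proxy that re-serializes the JSON before it reaches the listener will cause valid deliveries to be rejected.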

Content on this site was compiled and written by 褚成志 and is provided for learning and reference only.