Tekton应用CI/CD配置
下面的Pipeline配置中使用了镜像标签自动生成、代码构建和镜像推送、应用镜像部署三个任务。也可以根据各自持续集成和交付的需求添加诸如代码质量检查、自动化测试等任务,不断完善持续集成和交付系统。
Java语言配置示例
通过Maven工具构建Java代码。为了提高构建效率,需要为Maven本地仓库配置持久存储,否则会导致每次运行Maven都需要远程下载依赖包。
在Tekton的最佳实践中,鼓励对Task的重用,这样可以减少维护功能重复的Task。下面的镜像标签自动生成与应用镜像部署任务可以在其他Pipeline中重用。
基于Java代码的CI/CD配置示例如下:
# 为Maven本地仓库配置持久存储,容量大小根据Maven本地存储库大小而定
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: maven-repo-local
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "20Gi"
---
# 配置Git仓库地址和分支
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: git-resource-helloworld-java-spring
spec:
type: git
params:
- name: url
value: https://github.com/knativebook/helloworld-java-spring.git
- name: revision
value: master
---
# 配置镜像地址(镜像标签不用配置,创建时自动生成)
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: image-resource-helloworld-java-spring
spec:
type: image
params:
- name: url
value: docker.io/{username}/helloworld-java-spring
---
# 此Task为镜像自动生成标签(重用Task)
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: generate-image-tag
spec:
resources:
outputs:
- name: builtImage
type: image
results:
- name: timestamp
description: Current timestamp
steps:
- name: get-timestamp
image: bash:latest
script: |
#!/usr/bin/env bash
ts='date "+%Y%m%d-%H%M%S"'
echo "Current Timestamp: ${ts}"
echo "Image URL: $(resources.outputs.builtImage.url):${ts}"
echo $(resources.outputs.builtImage.url):${ts} | tr-d "\n" | tee
$(results.timestamp.path)
volumeMounts:
- name: localtime
mountPath: /etc/localtime
volumes:
- name: localtime
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
---
# 此Task创建代码,然后将代码推送到Docker Registry
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: mavn-build-and-push
spec:
params:
- name: imageUrl
type: string
resources:
inputs:
- name: git-source
type: git
steps:
- name: maven-compile
image: maven:3.6.1-jdk-8-alpine-private
workingDir: "$(resources.inputs.git-source.path)"
command: ['/usr/bin/mvn']
args:
- 'clean'
- 'install'
- '-D maven.test.skip=true'
volumeMounts:
- name: maven-repository
mountPath: /root/.m2
- name: build-and-push
image: gcr.io/kaniko-project/executor:debug-v0.24.0
env:
- name: "DOCKER_CONFIG"
value: "/tekton/home/.docker/"
command:
- /kaniko/executor
args:
---dockerfile=$(resources.inputs.git-source.path)/Dockerfile
---destination=$(params.imageUrl)
---context=$(resources.inputs.git-source.path)
---log-timestamp
volumeMounts:
- name: localtime
mountPath: /etc/localtime
volumes:
- name: localtime
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
- name: maven-repository
persistentVolumeClaim:
claimName: maven-repo-local
---
# 此Task通过kubectl命令向本地Kubernetes集群部署应用(重用Task)
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: deployment
spec:
params:
- name: imageUrl
type: string
- name: appName
type: string
steps:
- name: create-ksvc
image: bash:latest
command:
- /bin/sh
args:
--c
- |
cat <<EOF > /workspace/knative-ksvc.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: $(params.appName)
namespace: default
labels:
application: $(params.appName)
tier: application
spec:
template:
metadata:
annotations:
autoscaling.knative.dev/class: kpa.autoscaling.knative.dev
autoscaling.knative.dev/metric: concurrency
autoscaling.knative.dev/minScale: "1"
labels:
application: $(params.appName)
tier: application
spec:
containers:
- image: $(params.imageUrl)
imagePullPolicy: IfNotPresent
env:
- name: TARGET
value: "Tekton Sample"
ports:
- containerPort: 80
EOF
- name: run-kubectl
image: lachlanevenson/k8s-kubectl:v1.17.12
command: ['kubectl']
args:
- "apply"
- "-f"
- "/workspace/knative-ksvc.yaml"
---
# 此Pipeline用于串联各Task
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: helloworld-java-spring-pipeline
spec:
resources:
- name: git-source-p
type: git
- name: builtImage-p
type: image
params:
- name: application
type: string
tasks:
- name: generate-image-url
taskRef:
name: generate-image-tag
resources:
outputs:
- name: builtImage
resource: builtImage-p
- name: mavnbuild-and-push
taskRef:
name: mavn-build-and-push
runAfter:
- generate-image-url
resources:
inputs:
- name: git-source
resource: git-source-p
params:
- name: imageUrl
value: "$(tasks.generate-image-url.results.timestamp)"
- name: deployment
taskRef:
name: deployment
runAfter:
- mavnbuild-and-push
params:
- name: appName
value: $(params.application)
- name: imageUrl
value: "$(tasks.generate-image-url.results.timestamp)"
---
# 此PipelineRun为Pipeline传递相应资源参数并触发Pipeline运行
# PipelineRun可以手工创建或通过Dashborad UI创建
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: helloworld-java-spring-pipeline-run
spec:
pipelineRef:
name: helloworld-java-spring-pipeline
params:
- name: application
value: helloworld-java-spring
resources:
- name: git-source-p
resourceRef:
name: git-resource-helloworld-java-spring
- name: builtImage-p
resourceRef:
name: image-resource-helloworld-java-spring
serviceAccountName: docker-git-sa
timeout: 0h10m0s
