Kaniko cache
steps:
- name: 'gcr.io/kaniko-project/executor:latest'
args:
- --destination=gcr.io/$PROJECT_ID/image
- --cache=true
- --cache-ttl=XXh
Argo CD Notifications Webhook
本质上,发送 webhook要比 发送 gmail 邮件更简单,这里我们沿用之前的trigger
trigger使用argocd上annotation和service绑定,然后再通过configmap和template绑定
trigger <- argocd annotation -> service
trigger <- configmap setting -> template
context
argocdUrl: "https://192.168.194.213:8000"
service.email.gmail
username: xxxxxxxx@gmail.com
password: xxxxxxxx
host: smtp.gmail.com
port: 465
from: xxxxxxxx@gmail.com
service.webhook.mywebhook
url: http://192.168.194.213:30001/deploy
headers:
- name: Content-Type
value: application/json
template.app-sync-succeeded
email:
subject: App Synced New version of an application {{.app.metadata.name}} is up and running.
message: |
Application {{.app.metadata.name}} is now running new version of deployments manifests.
template.my-json-data
webhook:
mywebhook:
method: POST
body: |
{
"name": "helloworld"
}
trigger.on-sync-succeeded
- description: Test
oncePer: app.status.operationState.syncResult.revision
send:
- app-sync-succeeded
- my-json-data
when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy'
apiVersion: v1
data:
context: 'argocdUrl: "https://192.168.194.213:8000"'
service.email.gmail: |-
username: xxxxxxx@gmail.com
password: xxxxxxx
host: smtp.gmail.com
port: 465
from: xxxxxxx@gmail.com
service.webhook.mywebhook: |-
url: http://192.168.194.213:30001/deploy
headers:
- name: Content-Type
value: application/json
template.app-sync-succeeded: |-
email:
subject: App Synced New version of an application {{.app.metadata.name}} is up and running.
message: |
Application {{.app.metadata.name}} is now running new version of deployments manifests.
template.my-json-data: |-
webhook:
mywebhook:
method: POST
body: |
{
"name": "helloworld"
}
trigger.on-sync-succeeded: |-
- description: Test
oncePer: app.status.operationState.syncResult.revision
send:
- app-sync-succeeded
- my-json-data
when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy'
kind: ConfigMap
metadata:
annotations:
meta.helm.sh/release-namespace: argocd
creationTimestamp: "2021-08-03T06:44:27Z"
labels:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: argocd-notifications
app.kubernetes.io/version: 1.1.1
helm.sh/chart: argocd-notifications-1.4.1
name: argocd-notifications-cm
namespace: argocd
本例中的webhook接口是json的
notifications.argoproj.io/subscribe.on-sync-succeeded.mywebhookArgo CD Notifications Gmail
context
argocdUrl: "<https://192.168.194.213:8000>"
service.email.gmail
username: xxxxxxx@gmail.com
password: xxxxxxxxx
host: smtp.gmail.com
port: 465
from: xxxxxxx@gmail.com
template.app-sync-succeeded
email:
subject: App Synced New version of an application {{.app.metadata.name}} is up and running.
message: |
Application {{.app.metadata.name}} is now running new version of deployments manifests.
trigger.on-sync-succeeded
- description: Test
oncePer: app.status.operationState.syncResult.revision
send:
- app-sync-succeeded
when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy'
apiVersion: v1
data:
context: 'argocdUrl: "https://192.168.194.213:8000"'
service.email.gmail: |-
username: xxxxxxx@gmail.com
password: xxxxxxx
host: smtp.gmail.com
port: 465
from: xxxxxxx@gmail.com
template.app-sync-succeeded: |-
email:
subject: App Synced New version of an application {{.app.metadata.name}} is up and running.
message: |
Application {{.app.metadata.name}} is now running new version of deployments manifests.
trigger.on-sync-succeeded: |-
- description: Test
oncePer: app.status.operationState.syncResult.revision
send:
- app-sync-succeeded
when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy'
kind: ConfigMap
metadata:
annotations:
meta.helm.sh/release-namespace: argocd
labels:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: argocd-notifications
app.kubernetes.io/version: 1.1.1
helm.sh/chart: argocd-notifications-1.4.1
name: argocd-notifications-cm
namespace: argocd
Argo CD Notifications install
参考
https://argocd-notifications.readthedocs.io/en/latest/
使用helm3
创建 values.yaml文件
argocdUrl: https://argocd.example.com
notifiers:
service.email.gmail: |
username: $email-username
password: $email-password
host: smtp.gmail.com
port: 465
from: $email-username
secret:
items:
email-username: <your-username>
email-password: <your-password>
templates:
template.app-deployed: |
email:
subject: New version of an application {{.app.metadata.name}} is up and running.
message: |
{{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} is now running new version of deployments manifests.
triggers:
trigger.on-deployed: |
- description: Application is synced and healthy. Triggered once per commit.
oncePer: app.status.operationState.syncResult.revision
send:
- app-deployed
when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy'安装
helm repo add argo https://argoproj.github.io/argo-helm
helm install argo/argocd-notifications --generate-name -n argocd -f values.yaml安装结束后会得到
这里可以查看pod的 log 方便 debug
主要配置文件在
Buildkit daemonless.sh
除了kaniko, buildkit 的 daemonless 模式也可以用来在没有 守护进程的情况下来构建镜像
直接上 workflow template 例子
先配置 github权限
apiVersion: v1
data:
password: xxxxxxxxx (base64)
username: xxxxxxxxx (base64)
kind: Secret
metadata:
name: github-creds
namespace: default
type: Opaque再配置dockerhub权限
export DOCKER_USERNAME=******
export DOCKER_TOKEN=******
kubectl create secret generic docker-config --from-literal="config.json={\"auths\": {\"https://index.docker.io/v1/\": {\"auth\": \"$(echo -n $DOCKER_USERNAME:$DOCKER_TOKEN|base64)\"}}}" -n argoworkflow template
# Build and push an image using Docker Buildkit. This does not need privileged access, unlike Docker in Docker (DIND).
#
# Publishing images requires an access token. For hub.docker.com you can create one at https://hub.docker.com/settings/security
# This needs to be mounted as `$DOCKER_CONFIG/config.json`. To do this, you'll need to create a secret as follows:
#
# export DOCKER_USERNAME=******
# export DOCKER_TOKEN=******
# kubectl create secret generic docker-config --from-literal="config.json={\"auths\": {\"https://index.docker.io/v1/\": {\"auth\": \"$(echo -n $DOCKER_USERNAME:$DOCKER_TOKEN|base64)\"}}}"
#
# Read more:
#
# * https://github.com/moby/buildkit#expose-buildkit-as-a-tcp-service
# * https://blog.alexellis.io/building-containers-without-docker/
# * https://hub.docker.com/r/moby/buildkit
apiVersion: argoproj.io/v1alpha1
kind: WorkflowTemplate
metadata:
name: buildkit
namespace: argo
annotations:
workflows.argoproj.io/description: |
Build and push an image using Docker Buildkit. This does not need privileged access, unlike Docker in Docker (DIND).
workflows.argoproj.io/maintainer: '@alexec'
workflows.argoproj.io/tags: buildkit
workflows.argoproj.io/version: '>= 2.9.0'
spec:
templates:
- name: clean
container:
name: ''
image: k8s.gcr.io/busybox
imagePullPolicy: IfNotPresent
command:
- /bin/sh
args:
- '-c'
- 'rm -rf /work/*'
workingDir: /work
volumeMounts:
- name: work
mountPath: /work
- name: clone
inputs:
parameters:
- name: repo
- name: branch
artifacts:
- name: argo-source
path: /src
git:
repo: '{{inputs.parameters.repo}}'
revision: '{{inputs.parameters.branch}}'
usernameSecret:
name: github-creds
key: username
passwordSecret:
name: github-creds
key: password
container:
image: k8s.gcr.io/busybox
command:
- /bin/sh
args:
- '-c'
- cp -rf /src/. /work/ && ls /work
workingDir: /src
volumeMounts:
- name: work
mountPath: /work
- name: image
inputs:
parameters:
- name: image
# Mount the configuration so we can push the image.
# This should create the /.docker/config.json file.
volumes:
- name: docker-config
secret:
secretName: docker-config
container:
image: moby/buildkit:v0.7.2
volumeMounts:
- name: work
mountPath: /work
- name: docker-config
mountPath: /.docker
workingDir: /work
env:
# - name: BUILDKITD_FLAGS
# value: --oci-worker-no-process-sandbox
- name: DOCKER_CONFIG
value: /.docker
command:
- buildctl-daemonless.sh
securityContext:
privileged: true
args:
# - --addr
# - kube-pod://buildkitd
- build
- --frontend
- dockerfile.v0
- --local
- context=.
- --local
- dockerfile=.
- --output
- type=image,name=docker.io/{{inputs.parameters.image}},push=true
# command: ["buildctl-daemonless.sh", "--debug",
# "--addr",
# "kube-pod://buildkitd",
# "build",
# "--progress=plain",
# "--frontend=dockerfile.v0",
# "--local", "context=.", "--local", "dockerfile=.",
# "--output", "type=image,name=docker.io/{{inputs.parameters.image}},push=true"]
# buildctl --addr kube-pod://buildkitd build --frontend dockerfile.v0 --local context=. --local dockerfile=. --output - type=image,name=docker.io/{{inputs.parameters.image}},push=false
Tekton cleaner
核心命令行是
kubectl get pipelinerun -o jsonpath='{range .items[?(@.status.completionTime)]}{.status.completionTime}{" "}{.metadata.name}{"\n"}{end}' -n lizhe使用cronjob
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: cleaner
namespace: lizhe
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: cleaner
namespace: lizhe
rules:
- apiGroups: ["tekton.dev"]
resources: ["pipelineruns"]
verbs: ["delete", "get", "watch", "list"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: cleaner-to-cleaner
namespace: lizhe
roleRef:
kind: Role
name: cleaner
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: cleaner
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: cleanup-pipelineruns
namespace: lizhe
spec:
successfulJobsHistoryLimit: 5
failedJobsHistoryLimit: 5
schedule: "*/30 * * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
restartPolicy: OnFailure
serviceAccount: cleaner
containers:
- name: kubectl
image: libaibai/kubectl
env:
- name: NUM_TO_KEEP
value: "3"
command:
- /bin/bash
- -c
- |
TO_DELETE="$(kubectl get pipelinerun -o jsonpath='{range .items[?(@.status.completionTime)]}{.status.completionTime}{" "}{.metadata.name}{"\n"}{end}' -n lizhe | sort | head -n -${NUM_TO_KEEP} | awk '{ print $2}')"
test -n "$TO_DELETE" && kubectl delete pipelinerun ${TO_DELETE} || true
此脚本会
- 每30分钟运行一次
- 只清理已经完成的 (失败或者成功)的pod
- 保留历史记录3个
- job 本身保留历史记录5个
以上参数都是可以配置的
使用的镜像没有特殊要求,只要能提供 kubectl 就可以了,因为使用的是 RBAC 所以也不需要额外的 config
可以使用下面的镜像构建
FROM ubuntu
RUN apt update -y && apt install -y curl
WORKDIR /
RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
RUN chmod 777 /kubectl
RUN cp /kubectl /usr/local/binTekton CICD demo 5
参考
https://github.com/tektoncd/triggers/tree/main/examples
https://www.arthurkoziel.com/tutorial-tekton-triggers-with-github-integration/
本例中将设置一个trigger,用来从 github 触发构建
首先创建 rbac, 这里官网的 rbac我没有跑通,所以偷个懒直接给了 cluster 级别的 admin 权限
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-triggers-lizhe-sa
namespace: lizhe
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tekton-triggers-lizhe-sa-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tekton-triggers-lizhe-sa
namespace: lizhe
官方文档里给出需要一个 github 的 secret token,不过实际上我没有用上,因为我是 secret + service account 绑定的,不过还是列在这里仅供参考
==================参考项目开始======================
apiVersion: v1
kind: Secret
metadata:
name: github-secret
type: Opaque
stringData:
secretToken: "123456"
在 your profile 中,找到 developer settings
==================参考项目结束======================
创建binding ,实际上binding 并不是用来绑定什么,而更像是用来传递参数的
不过这里我没用参数,所以都注释掉了,之所以留下helloworld 是因为如果一个参数都不写的话,dashboard会报错
apiVersion: triggers.tekton.dev/v1alpha1
kind: TriggerBinding
metadata:
name: github-pr-binding
namespace: lizhe
spec:
params:
- name: hello
- value: world
# - name: gitrepositoryurl
# value: https://github.com/zl86790/tektongolang.git
# - name: gitrevision
# value: master创建 trigger template
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: pipeline-template
namespace: lizhe
spec:
params:
- name: hello
description: useless param
default: world
# - name: gitrevision
# description: The git revision
# default: master
# - name: gitrepositoryurl
# description: The git repository url
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: pipeline-demo-run-
namespace: lizhe
spec:
serviceAccountName: build-bot-sa
pipelineRef:
name: pipeline-demo
resources:
- name: source-repo
resourceRef:
name: tektongolang-git
- name: tektongolang-image
resourceRef:
name: tektongolang-image
- name: dep-repo
resourceRef:
name: tektongolang-dep-git
workspaces:
- name: build-workspace # this workspace name must be declared in the Pipeline
volumeClaimTemplate:
spec:
storageClassName: "local-path"
accessModes:
- ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
resources:
requests:
storage: 1Gi这里如果你不像上面那样使用 resourceRef,就可以通过参数来构建 git repo, tt 指的是 trigger template,是内置的
spec:
pipelineRef:
name: github-pr-pipeline
resources:
- name: source
resourceSpec:
type: git
params:
- name: revision
value: $(tt.params.gitrevision)
- name: url
value: $(tt.params.gitrepositoryurl)最后通过 eventlistener 把 trigger template 和 triggerbinding 绑定在一起
apiVersion: triggers.tekton.dev/v1alpha1
kind: EventListener
metadata:
name: github-pr
namespace: lizhe
spec:
serviceAccountName: tekton-triggers-lizhe-sa
triggers:
- name: github-listener
interceptors:
# - ref:
# name: "github"
# params:
# - name: "secretRef"
# value:
# secretName: github-secret
# secretKey: secretToken
# - name: "eventTypes"
# value: ["pull_request"]
- ref:
name: "cel"
params:
- name: "filter"
value: "body.action in ['opened', 'synchronize', 'reopened','closed']"
bindings:
- ref: github-pr-binding
template:
ref: pipeline-template这里的 interceptor 用来过滤 webhook 的request,例如这里写到 body.action 有4种,那么我们使用的request为
{
"action": "closed",
"number": 1,
"pull_request": {
"url": "https://api.github.com/repos/zl86790/tektongolang/pulls/1",
"id": 700932179,
"node_id": "MDExOlB1bGxSZXF1ZXN0NzAwOTMyMTc5",
"html_url": "https://github.com/zl86790/tektongolang/pull/1",
"diff_url": "https://github.com/zl86790/tektongolang/pull/1.diff",
"patch_url": "https://github.com/zl86790/tektongolang/pull/1.patch",
"issue_url": "https://api.github.com/repos/zl86790/tektongolang/issues/1",
"number": 1,
"state": "closed",
"locked": false,
"title": "Update helloworld.txt",
"user": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"body": "",
"created_at": "2021-08-01T15:34:25Z",
"updated_at": "2021-08-01T15:34:33Z",
"closed_at": "2021-08-01T15:34:33Z",
"merged_at": "2021-08-01T15:34:33Z",
"merge_commit_sha": "b91a315e0f44b30898c0072021984fd9fd0479a5",
"assignee": null,
"assignees": [
],
"requested_reviewers": [
],
"requested_teams": [
],
"labels": [
],
"milestone": null,
"draft": false,
"commits_url": "https://api.github.com/repos/zl86790/tektongolang/pulls/1/commits",
"review_comments_url": "https://api.github.com/repos/zl86790/tektongolang/pulls/1/comments",
"review_comment_url": "https://api.github.com/repos/zl86790/tektongolang/pulls/comments{/number}",
"comments_url": "https://api.github.com/repos/zl86790/tektongolang/issues/1/comments",
"statuses_url": "https://api.github.com/repos/zl86790/tektongolang/statuses/7c0ede4fbdb7859c375f49002534b95af18dac18",
"head": {
"label": "zl86790:feature-1",
"ref": "feature-1",
"sha": "7c0ede4fbdb7859c375f49002534b95af18dac18",
"user": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"repo": {
"id": 390909760,
"node_id": "MDEwOlJlcG9zaXRvcnkzOTA5MDk3NjA=",
"name": "tektongolang",
"full_name": "zl86790/tektongolang",
"private": true,
"owner": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"html_url": "https://github.com/zl86790/tektongolang",
"description": null,
"fork": false,
"url": "https://api.github.com/repos/zl86790/tektongolang",
"forks_url": "https://api.github.com/repos/zl86790/tektongolang/forks",
"keys_url": "https://api.github.com/repos/zl86790/tektongolang/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/zl86790/tektongolang/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/zl86790/tektongolang/teams",
"hooks_url": "https://api.github.com/repos/zl86790/tektongolang/hooks",
"issue_events_url": "https://api.github.com/repos/zl86790/tektongolang/issues/events{/number}",
"events_url": "https://api.github.com/repos/zl86790/tektongolang/events",
"assignees_url": "https://api.github.com/repos/zl86790/tektongolang/assignees{/user}",
"branches_url": "https://api.github.com/repos/zl86790/tektongolang/branches{/branch}",
"tags_url": "https://api.github.com/repos/zl86790/tektongolang/tags",
"blobs_url": "https://api.github.com/repos/zl86790/tektongolang/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/zl86790/tektongolang/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/zl86790/tektongolang/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/zl86790/tektongolang/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/zl86790/tektongolang/statuses/{sha}",
"languages_url": "https://api.github.com/repos/zl86790/tektongolang/languages",
"stargazers_url": "https://api.github.com/repos/zl86790/tektongolang/stargazers",
"contributors_url": "https://api.github.com/repos/zl86790/tektongolang/contributors",
"subscribers_url": "https://api.github.com/repos/zl86790/tektongolang/subscribers",
"subscription_url": "https://api.github.com/repos/zl86790/tektongolang/subscription",
"commits_url": "https://api.github.com/repos/zl86790/tektongolang/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/zl86790/tektongolang/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/zl86790/tektongolang/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/zl86790/tektongolang/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/zl86790/tektongolang/contents/{+path}",
"compare_url": "https://api.github.com/repos/zl86790/tektongolang/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/zl86790/tektongolang/merges",
"archive_url": "https://api.github.com/repos/zl86790/tektongolang/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/zl86790/tektongolang/downloads",
"issues_url": "https://api.github.com/repos/zl86790/tektongolang/issues{/number}",
"pulls_url": "https://api.github.com/repos/zl86790/tektongolang/pulls{/number}",
"milestones_url": "https://api.github.com/repos/zl86790/tektongolang/milestones{/number}",
"notifications_url": "https://api.github.com/repos/zl86790/tektongolang/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/zl86790/tektongolang/labels{/name}",
"releases_url": "https://api.github.com/repos/zl86790/tektongolang/releases{/id}",
"deployments_url": "https://api.github.com/repos/zl86790/tektongolang/deployments",
"created_at": "2021-07-30T02:53:21Z",
"updated_at": "2021-08-01T07:00:27Z",
"pushed_at": "2021-08-01T15:34:33Z",
"git_url": "git://github.com/zl86790/tektongolang.git",
"ssh_url": "git@github.com:zl86790/tektongolang.git",
"clone_url": "https://github.com/zl86790/tektongolang.git",
"svn_url": "https://github.com/zl86790/tektongolang",
"homepage": null,
"size": 1,
"stargazers_count": 0,
"watchers_count": 0,
"language": "Go",
"has_issues": true,
"has_projects": true,
"has_downloads": true,
"has_wiki": true,
"has_pages": false,
"forks_count": 0,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 0,
"license": null,
"forks": 0,
"open_issues": 0,
"watchers": 0,
"default_branch": "master",
"allow_squash_merge": true,
"allow_merge_commit": true,
"allow_rebase_merge": true,
"delete_branch_on_merge": false
}
},
"base": {
"label": "zl86790:master",
"ref": "master",
"sha": "9b95a9b2f4cd791717af1f19a4c3bf9825c2a601",
"user": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"repo": {
"id": 390909760,
"node_id": "MDEwOlJlcG9zaXRvcnkzOTA5MDk3NjA=",
"name": "tektongolang",
"full_name": "zl86790/tektongolang",
"private": true,
"owner": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"html_url": "https://github.com/zl86790/tektongolang",
"description": null,
"fork": false,
"url": "https://api.github.com/repos/zl86790/tektongolang",
"forks_url": "https://api.github.com/repos/zl86790/tektongolang/forks",
"keys_url": "https://api.github.com/repos/zl86790/tektongolang/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/zl86790/tektongolang/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/zl86790/tektongolang/teams",
"hooks_url": "https://api.github.com/repos/zl86790/tektongolang/hooks",
"issue_events_url": "https://api.github.com/repos/zl86790/tektongolang/issues/events{/number}",
"events_url": "https://api.github.com/repos/zl86790/tektongolang/events",
"assignees_url": "https://api.github.com/repos/zl86790/tektongolang/assignees{/user}",
"branches_url": "https://api.github.com/repos/zl86790/tektongolang/branches{/branch}",
"tags_url": "https://api.github.com/repos/zl86790/tektongolang/tags",
"blobs_url": "https://api.github.com/repos/zl86790/tektongolang/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/zl86790/tektongolang/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/zl86790/tektongolang/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/zl86790/tektongolang/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/zl86790/tektongolang/statuses/{sha}",
"languages_url": "https://api.github.com/repos/zl86790/tektongolang/languages",
"stargazers_url": "https://api.github.com/repos/zl86790/tektongolang/stargazers",
"contributors_url": "https://api.github.com/repos/zl86790/tektongolang/contributors",
"subscribers_url": "https://api.github.com/repos/zl86790/tektongolang/subscribers",
"subscription_url": "https://api.github.com/repos/zl86790/tektongolang/subscription",
"commits_url": "https://api.github.com/repos/zl86790/tektongolang/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/zl86790/tektongolang/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/zl86790/tektongolang/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/zl86790/tektongolang/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/zl86790/tektongolang/contents/{+path}",
"compare_url": "https://api.github.com/repos/zl86790/tektongolang/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/zl86790/tektongolang/merges",
"archive_url": "https://api.github.com/repos/zl86790/tektongolang/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/zl86790/tektongolang/downloads",
"issues_url": "https://api.github.com/repos/zl86790/tektongolang/issues{/number}",
"pulls_url": "https://api.github.com/repos/zl86790/tektongolang/pulls{/number}",
"milestones_url": "https://api.github.com/repos/zl86790/tektongolang/milestones{/number}",
"notifications_url": "https://api.github.com/repos/zl86790/tektongolang/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/zl86790/tektongolang/labels{/name}",
"releases_url": "https://api.github.com/repos/zl86790/tektongolang/releases{/id}",
"deployments_url": "https://api.github.com/repos/zl86790/tektongolang/deployments",
"created_at": "2021-07-30T02:53:21Z",
"updated_at": "2021-08-01T07:00:27Z",
"pushed_at": "2021-08-01T15:34:33Z",
"git_url": "git://github.com/zl86790/tektongolang.git",
"ssh_url": "git@github.com:zl86790/tektongolang.git",
"clone_url": "https://github.com/zl86790/tektongolang.git",
"svn_url": "https://github.com/zl86790/tektongolang",
"homepage": null,
"size": 1,
"stargazers_count": 0,
"watchers_count": 0,
"language": "Go",
"has_issues": true,
"has_projects": true,
"has_downloads": true,
"has_wiki": true,
"has_pages": false,
"forks_count": 0,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 0,
"license": null,
"forks": 0,
"open_issues": 0,
"watchers": 0,
"default_branch": "master",
"allow_squash_merge": true,
"allow_merge_commit": true,
"allow_rebase_merge": true,
"delete_branch_on_merge": false
}
},
"_links": {
"self": {
"href": "https://api.github.com/repos/zl86790/tektongolang/pulls/1"
},
"html": {
"href": "https://github.com/zl86790/tektongolang/pull/1"
},
"issue": {
"href": "https://api.github.com/repos/zl86790/tektongolang/issues/1"
},
"comments": {
"href": "https://api.github.com/repos/zl86790/tektongolang/issues/1/comments"
},
"review_comments": {
"href": "https://api.github.com/repos/zl86790/tektongolang/pulls/1/comments"
},
"review_comment": {
"href": "https://api.github.com/repos/zl86790/tektongolang/pulls/comments{/number}"
},
"commits": {
"href": "https://api.github.com/repos/zl86790/tektongolang/pulls/1/commits"
},
"statuses": {
"href": "https://api.github.com/repos/zl86790/tektongolang/statuses/7c0ede4fbdb7859c375f49002534b95af18dac18"
}
},
"author_association": "OWNER",
"auto_merge": null,
"active_lock_reason": null,
"merged": true,
"mergeable": null,
"rebaseable": null,
"mergeable_state": "unknown",
"merged_by": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"comments": 0,
"review_comments": 0,
"maintainer_can_modify": false,
"commits": 1,
"additions": 1,
"deletions": 1,
"changed_files": 1
},
"repository": {
"id": 390909760,
"node_id": "MDEwOlJlcG9zaXRvcnkzOTA5MDk3NjA=",
"name": "tektongolang",
"full_name": "zl86790/tektongolang",
"private": true,
"owner": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
},
"html_url": "https://github.com/zl86790/tektongolang",
"description": null,
"fork": false,
"url": "https://api.github.com/repos/zl86790/tektongolang",
"forks_url": "https://api.github.com/repos/zl86790/tektongolang/forks",
"keys_url": "https://api.github.com/repos/zl86790/tektongolang/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/zl86790/tektongolang/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/zl86790/tektongolang/teams",
"hooks_url": "https://api.github.com/repos/zl86790/tektongolang/hooks",
"issue_events_url": "https://api.github.com/repos/zl86790/tektongolang/issues/events{/number}",
"events_url": "https://api.github.com/repos/zl86790/tektongolang/events",
"assignees_url": "https://api.github.com/repos/zl86790/tektongolang/assignees{/user}",
"branches_url": "https://api.github.com/repos/zl86790/tektongolang/branches{/branch}",
"tags_url": "https://api.github.com/repos/zl86790/tektongolang/tags",
"blobs_url": "https://api.github.com/repos/zl86790/tektongolang/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/zl86790/tektongolang/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/zl86790/tektongolang/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/zl86790/tektongolang/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/zl86790/tektongolang/statuses/{sha}",
"languages_url": "https://api.github.com/repos/zl86790/tektongolang/languages",
"stargazers_url": "https://api.github.com/repos/zl86790/tektongolang/stargazers",
"contributors_url": "https://api.github.com/repos/zl86790/tektongolang/contributors",
"subscribers_url": "https://api.github.com/repos/zl86790/tektongolang/subscribers",
"subscription_url": "https://api.github.com/repos/zl86790/tektongolang/subscription",
"commits_url": "https://api.github.com/repos/zl86790/tektongolang/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/zl86790/tektongolang/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/zl86790/tektongolang/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/zl86790/tektongolang/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/zl86790/tektongolang/contents/{+path}",
"compare_url": "https://api.github.com/repos/zl86790/tektongolang/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/zl86790/tektongolang/merges",
"archive_url": "https://api.github.com/repos/zl86790/tektongolang/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/zl86790/tektongolang/downloads",
"issues_url": "https://api.github.com/repos/zl86790/tektongolang/issues{/number}",
"pulls_url": "https://api.github.com/repos/zl86790/tektongolang/pulls{/number}",
"milestones_url": "https://api.github.com/repos/zl86790/tektongolang/milestones{/number}",
"notifications_url": "https://api.github.com/repos/zl86790/tektongolang/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/zl86790/tektongolang/labels{/name}",
"releases_url": "https://api.github.com/repos/zl86790/tektongolang/releases{/id}",
"deployments_url": "https://api.github.com/repos/zl86790/tektongolang/deployments",
"created_at": "2021-07-30T02:53:21Z",
"updated_at": "2021-08-01T07:00:27Z",
"pushed_at": "2021-08-01T15:34:33Z",
"git_url": "git://github.com/zl86790/tektongolang.git",
"ssh_url": "git@github.com:zl86790/tektongolang.git",
"clone_url": "https://github.com/zl86790/tektongolang.git",
"svn_url": "https://github.com/zl86790/tektongolang",
"homepage": null,
"size": 1,
"stargazers_count": 0,
"watchers_count": 0,
"language": "Go",
"has_issues": true,
"has_projects": true,
"has_downloads": true,
"has_wiki": true,
"has_pages": false,
"forks_count": 0,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 0,
"license": null,
"forks": 0,
"open_issues": 0,
"watchers": 0,
"default_branch": "master"
},
"sender": {
"login": "zl86790",
"id": 18146284,
"node_id": "MDQ6VXNlcjE4MTQ2Mjg0",
"avatar_url": "https://avatars.githubusercontent.com/u/18146284?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/zl86790",
"html_url": "https://github.com/zl86790",
"followers_url": "https://api.github.com/users/zl86790/followers",
"following_url": "https://api.github.com/users/zl86790/following{/other_user}",
"gists_url": "https://api.github.com/users/zl86790/gists{/gist_id}",
"starred_url": "https://api.github.com/users/zl86790/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/zl86790/subscriptions",
"organizations_url": "https://api.github.com/users/zl86790/orgs",
"repos_url": "https://api.github.com/users/zl86790/repos",
"events_url": "https://api.github.com/users/zl86790/events{/privacy}",
"received_events_url": "https://api.github.com/users/zl86790/received_events",
"type": "User",
"site_admin": false
}
}通过端口映射就可以使用 postman 来 dummy webhook了
访问dashboard
kubectl --namespace tekton-pipelines port-forward svc/tekton-dashboard 9097:9097访问trigger
kubectl port-forward --address 0.0.0.0 service/el-github-pr 8080 -n lizhe
最后是截屏
Tekton Trigger
安装
kubectl apply --filename https://storage.googleapis.com/tekton-releases/triggers/latest/release.yaml
kubectl apply --filename https://storage.googleapis.com/tekton-releases/triggers/latest/interceptors.yaml
Tekton CICD demo 4
这一章中,我们会添加一个 task,并且使用它来根据commitid更新 github 中的 yaml 文件
这里使用的是 https://github.com/zl86790/tektongolang_dep.git
要部署的镜像是 libaibai/tektongolang:mockup_tag_name
要用来替换 yaml 的镜像是 libaibai/kanikosed
来看部署用的yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: tektongolang
namespace: tektongolang
spec:
selector:
matchLabels:
app: tektongolang
replicas: 2
template:
metadata:
labels:
app: tektongolang
spec:
containers:
- name: tektongolang
image: mockup_tag_name
ports:
- containerPort: 9090使用下面内容创建一个新镜像
libaibai/kanikosed
Dockerfile
FROM ubuntu
RUN apt update -y && apt install -y git
COPY main.sh /main.sh
CMD [ "/bin/bsh" ]main.sh
#!/bin/bash
git config --global user.email $USER_EMAIL
git config --global user.name $USER_NAME
dep_repo=$1
dep_yaml=$2
build_repo=$3
build_commitid=$4
echo $USER_NAME
echo $USER_EMAIL
echo $dep_repo
echo $dep_yaml
echo $build_repo
echo $build_commitid
ls $dep_repo
echo "================="
ls $build_repo
cat $build_repo/$build_commitid
cat $dep_repo/$dep_yaml
cat $build_repo/$build_commitid | xargs -i sed -i 's/:[0-9A-Za-z]\{40,40\}$/:{}/' $dep_repo/$dep_yaml
cat $build_repo/$build_commitid | xargs -i sed -i 's/:mockup_tag_name/:{}/' $dep_repo/$dep_yaml
cat $dep_repo/$dep_yaml
cd $dep_repo && git add ./*
cd $dep_repo && cat $build_repo/$build_commitid | xargs -i git commit -m {} ./*
cd $dep_repo && git push origin HEAD:master --force
创建 input resource,关联到部署git仓库
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: tektongolang-dep-git
namespace: lizhe
spec:
type: git
params:
- name: revision
value: master
- name: url
value: https://github.com/zl86790/tektongolang_dep.git
我们来创建 sed task
注意这里使用了刚刚创建的 自定义 docker image
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: sed-commitid
namespace: lizhe
spec:
resources:
inputs:
- name: dep-source
type: git
steps:
- name: sed-commitid
image: libaibai/kanikosed
env:
- name: "DOCKER_CONFIG"
value: "/tekton/home/.docker/"
- name: "USER_NAME"
value: "lizhe"
- name: "USER_EMAIL"
value: "lizhe@lizhe.name"
command: ["/bin/bash", "-c", "/main.sh /workspace/dep-source tektongolang_dep.yaml /workspace/git-source commitid.txt"]
workspaces:
- name: build-workspace
description: |
The folder where will be shared among the tasks
optional: false
mountPath: /workspace
修改 pipeline 文件
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: pipeline-demo
namespace: lizhe
spec:
resources:
- name: source-repo
type: git
- name: tektongolang-image
type: image
- name: dep-repo
type: git
workspaces:
- name: build-workspace
tasks:
- name: git-commitid
taskRef:
name: get-commitid
resources:
inputs:
- name: git-source
resource: source-repo
workspaces:
- name: build-workspace
workspace: build-workspace
- name: build-img
runAfter: [git-commitid]
taskRef:
name: build-img
resources:
outputs:
- name: builtImage
resource: tektongolang-image
workspaces:
- name: build-workspace
workspace: build-workspace
- name: sed-commitid
runAfter: [build-img]
taskRef:
name: sed-commitid
resources:
inputs:
- name: dep-source
resource: dep-repo
workspaces:
- name: build-workspace
workspace: build-workspace修改pipeline run
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: pipeline-demo-run
namespace: lizhe
spec:
serviceAccountName: build-bot-sa
pipelineRef:
name: pipeline-demo
resources:
- name: source-repo
resourceRef:
name: tektongolang-git
- name: tektongolang-image
resourceRef:
name: tektongolang-image
- name: dep-repo
resourceRef:
name: tektongolang-dep-git
workspaces:
- name: build-workspace # this workspace name must be declared in the Pipeline
volumeClaimTemplate:
spec:
storageClassName: "local-path"
accessModes:
- ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
resources:
requests:
storage: 1Gi
然后就可以看到 触发了构建
第一步是下载项目代码
然后通过 获得的 commitid 构建docker image
最后根据 commitid 修改 deploy 的 yaml 文件
这里先使用了一个新的 resource git inputs ,然后使用自定义镜像进行sed
项目代码仓库里的 commitid
docker仓库中push的image
最后是 deploy git仓库中的 yaml 文件
