CI/CD with Tekton and Argo CD (1/4)

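This article uses a Kubernetes cluster running on Google GKE, so there are no Great Firewall access problems.

On the local machine, gcloud is installed under WSL2 to access GKE.

The remote image registry is Huawei Cloud's SWR service.

Original post on my blog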


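Using Buildpacks to build an image from source automatically and push it to a remote registry

This chapter uses Tekton to build the workflow, uses Buildpacks to build an image from source without a Dockerfile, and pushes the image to the Huawei Cloud SWR image registry.

Install Tekton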

# Install Tekton
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

# Install the Tekton CLI
# Download and install it from GitHub: https://github.com/tektoncd/cli/releases

# Install the Tekton dashboard
kubectl apply --filename https://github.com/tektoncd/dashboard/releases/latest/download/tekton-dashboard-release.yaml

# Expose the Tekton dashboard
# Open `localhost:9097` in a local browser to reach the Tekton dashboard
kubectl --namespace tekton-pipelines port-forward svc/tekton-dashboard 9097:9097

Task

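A Task is a template for executing a job. A Task definition can contain variables, which a TaskRun can pass in. The steps field of a Task lists its steps; each step starts a container from an image to perform some operations, and the container's start-up parameters can be configured through the Task's input parameters.

# Deploy the buildpacks task
# The buildpacks task uses Cloud Native Buildpacks to build source code into an image and push it to a registry.
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/buildpacks/0.1/buildpacks.yaml

# Deploy the git-clone task
# The git-clone task is used to clone a repository
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/git-clone/0.2/git-clone.yaml

Create the file buildpacks_vpc.yaml to define the PVCs that Buildpacks needs: one to hold the source code and one to serve as the cache while the image is built.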

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: buildpacks-source-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 500Mi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: buildpacks-cache-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 500Mi

Authorization

If you use a local image registry, no authorization is needed.

Create the file swr_auth.yaml to define the required Secret and ServiceAccount (sa).

apiVersion: v1
kind: Secret
metadata:
    name: basic-user-pass
    annotations:
        tekton.dev/docker-0: swr.cn-north-1.myhuaweicloud.com
type: kubernetes.io/basic-auth
stringData:
    username: <USERNAME> 
    password: <PASSWORD>
---
apiVersion: v1
kind: ServiceAccount
metadata:
    name: buildpacks-service-account
secrets:
    - name: basic-user-pass

Pipeline

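A Pipeline orchestrates multiple Tasks. The Pipeline's params declare the inputs supplied at run time, spec.tasks defines the Tasks to orchestrate, and runAfter sets the order in which the Tasks run. When wiring up a Task, spec.tasks.params specifies the parameters passed to it. Create the file buildpacks_pipeline.yaml. A PipelineResource is used to share resources between Tasks; here the image URL is placed in a PipelineResource so that all Tasks can share this information.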

apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: buildpacks-app-image 
spec:
  type: image
  params:
    - name: url
      value: swr.cn-north-1.myhuaweicloud.com/zhf/demo-go #This defines the name of output image
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: buildpacks-test-pipeline
spec:
  workspaces:
  - name: shared-workspace
  resources:
  - name: build-image
    type: image
  tasks:
  - name: fetch-repository # This task fetches a repository from github, using the `git-clone` task we installed
    taskRef:
      name: git-clone
    workspaces:
    - name: output
      workspace: shared-workspace
    params:
    - name: url
      value: https://github.com/Myrat92/sample-go
    - name: subdirectory
      value: ""
    - name: deleteExisting
      value: "true"
  - name: buildpacks # This task uses the `buildpacks` task to build the application
    taskRef:
      name: buildpacks
    runAfter:
    - fetch-repository
    workspaces:
    - name: source
      workspace: shared-workspace
    params:
    - name: SOURCE_SUBPATH
      value: 'apps/java-maven' # This is the path within our samples repo we want to build
    - name: BUILDER_IMAGE
      value: 'paketobuildpacks/builder:base' # This is the builder we want the task to use
    - name: CACHE
      value: buildpacks-cache
    resources:
      outputs:
      - name: image
        resource: build-image

Apply these configurations with kubectl

kubectl apply -f buildpacks_vpc.yaml -f swr_auth.yaml -f buildpacks_pipeline.yaml

PipelineRun

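Tasks and Pipelines are only templates; actually running them requires a PipelineRun. A PipelineRun can pass parameters to a Pipeline and execute it. Create the file buildpacks_pipelinerun.yaml; spec.pipelineRef.name specifies the Pipeline to run: buildpacks-test-pipeline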

apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: buildpacks-test-pipeline-run
spec:
  serviceAccountName: buildpacks-service-account # Only needed if you set up authorization
  pipelineRef:
    name: buildpacks-test-pipeline
  workspaces:
  - name: shared-workspace
    persistentvolumeclaim:
      claimName: buildpacks-source-pvc
  resources:
  - name: build-image
    resourceRef:
      name: buildpacks-app-image
  podTemplate:
    volumes:
    - name: buildpacks-cache
      persistentVolumeClaim:
        claimName: buildpacks-cache-pvc
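
The PipelineRun above reaches the registry credentials through serviceAccountName, the ServiceAccount's secrets list and the Secret's `tekton.dev/docker-0` annotation, so the push is only authenticated when the annotated host is the registry in the image URL. The Python sketch below is an added example, not code from the original post or from Tekton: it models the Docker `auths` map built from annotated basic-auth secrets in a simplified way (exact host matching is an assumption), and the function names and dict layout of the inputs are hypothetical.

```python
import base64
import re

# Constructed inputs mirroring the manifests in this article (placeholder credentials).
SECRET = {
    "name": "basic-user-pass",
    "type": "kubernetes.io/basic-auth",
    "annotations": {"tekton.dev/docker-0": "swr.cn-north-1.myhuaweicloud.com"},
    "stringData": {"username": "<USERNAME>", "password": "<PASSWORD>"},
}
SERVICE_ACCOUNT = {"name": "buildpacks-service-account", "secrets": ["basic-user-pass"]}
IMAGE_URL = "swr.cn-north-1.myhuaweicloud.com/zhf/demo-go"


def registry_host(image):
    """Explicit registry host of an image reference, or None for Docker Hub shorthand."""
    first = image.split("/", 1)[0]
    if "/" in image and ("." in first or ":" in first or first == "localhost"):
        return first
    return None


def docker_auths(secrets, service_account):
    """Simplified model: Docker `auths` entries from annotated basic-auth secrets."""
    auths = {}
    for s in secrets:
        # Only secrets listed on the ServiceAccount and of basic-auth type are considered.
        if s["name"] not in service_account["secrets"] or s["type"] != "kubernetes.io/basic-auth":
            continue
        user, pw = s["stringData"]["username"], s["stringData"]["password"]
        token = base64.b64encode(f"{user}:{pw}".encode()).decode()
        for key, url in s["annotations"].items():
            if key.startswith("tekton.dev/docker-"):
                host = re.sub(r"^https?://", "", url).rstrip("/")
                auths[host] = {"username": user, "password": pw, "auth": token}
    return auths


def push_is_authenticated(image, secrets, service_account):
    """True when a credential entry exists for the registry the image is pushed to."""
    return registry_host(image) in docker_auths(secrets, service_account)


if __name__ == "__main__":
    print("credential hosts:", sorted(docker_auths([SECRET], SERVICE_ACCOUNT)))
    print("push authenticated:", push_is_authenticated(IMAGE_URL, [SECRET], SERVICE_ACCOUNT))
```

A False result for the image URL points at a mismatched annotation host or a Secret missing from the ServiceAccount, both of which show up at run time as an unauthorized push.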

Apply the configuration with kubectl

kubectl apply -f buildpacks_pipelinerun.yaml

View the run logs

The kubectl command can be used to view the PipelineRun logs

kubectl describe pipelinerun buildpacks-test-pipeline-run

You can also open http://localhost:9097/#/namespaces/default/pipelineruns in a local browser to view the logs on the Tekton dashboard
