Tekton Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 9: Line 9:
=Tekton Domain Model=
=Tekton Domain Model=
==Task==
==Task==
{{External|https://github.com/tektoncd/pipeline/blob/main/docs/tasks.md}}
{{Internal|Tekton Task|Tekton Tasks}}
{{External|https://tekton.dev/docs/pipelines/tasks/}}
 
A '''task''' defines a series of ordered [[Tekton_Step#Overview|steps]], which are executed in order in which they are declared. The output of a step can be used as the input of the next step. Each task executes in its own Kubernetes pod, where individual [[Tekton_Step#Overview|steps]] are executed as pod's containers, so by default, tasks within a [[#Pipeline|pipeline]] do not share data. To make tasks share data, they must be explicitly configured to make their outputs available to the next task, and to ingest the outputs of a previously executed task, as inputs. A task can be executed on its own, or part of a pipeline. The task is implemented as a Kubernetes custom resource.
===Task Example===
<syntaxhighlight lang='yaml'>
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: hello
spec:
  steps:
    - name: echo
      image: alpine
      script: |
        #!/bin/sh
        echo "Hello World"
</syntaxhighlight>
===Task Manifest===
<font size=-1>
apiVersion: tekton.dev/v1beta1 <font color=teal># required field</font>
kind: Task <font color=teal>                    # required field</font>
metadata: <font color=teal>                    # required field</font>
  name: <font color=indigo><''task-name''></font> <font color=teal>          # required field</font>
spec: <font color=teal>                        # required field</font>
  description: 'this is an optional description'
  [[#Task_Parameters|params]]:
    - name: <font color=indigo><''some-array-parameter''></font>
      type: array
    - name: <font color=indigo><''some-string-parameter''></font>
      type: string
  [[#Task_Results|results]]:
    - name: <font color=indigo><''some-name''></font>
      description: '...'
  [[#Task_Step_Template|stepTemplate]]:
    env:
      - name: '...'
          value: '...'
  [[#Task_Step_Definition|steps]]: <font color=teal> # required field</font>
    - name: step-1
      image: ubuntu
      args: ["ubuntu-build-example", "SECRETS-example.md"]
    - image: gcr.io/example-builders/build-example
      command: ["echo"]
      args: ["$(params.pathToDockerFile)"]
    - name: step-3
      image: gcr.io/example-builders/push-example
      args: ["push", "$(resources.outputs.builtImage.url)"]
      volumeMounts:
        - name: docker-socket-example
          mountPath: /var/run/docker.sock
  [[#Task_Workspace|workspaces]]:
    - name: <font color=indigo>''workspace-name''</font>
      description:
      mountPath: <font color=indigo>''path-relative-to-root''</font>
  [[#Task_Volume|volumes]]:
    - name: <font color=indigo>''volume-name''</font>
      emptyDir: {}
  [[#Task_Sidecar|sidecars]]:
    - image: <font color=indigo>''some-image''</font>
      name: <font color=indigo>''some-name''</font>
      securityContext:
        privileged: true
      volumeMounts:
        - name: <font color=indigo>''some-name''</font>
          mountPath: <font color=indigo>''some-mount-path''</font>
  <font color=darkgray>[[#Task_Resources|resources]]: # deprecated
    inputs:
      - name: ...
          type: ...
    outputs:
      - name: ...
          type: ... </font>
</font>
 
===Task Parameters===
{{External|https://tekton.dev/docs/pipelines/tasks/#specifying-parameters}}
Specifies execution parameters for this task. Parameters are passed to the task from its corresponding [[#TaskRun|TaskRun]].
 
 
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Resources===
{{External|https://tekton.dev/docs/pipelines/tasks/#specifying-resources}}
[[#PipelineResource|PipelineResources]] are deprecated. This field is valid for alpha only.
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Workspace===
{{External|https://tekton.dev/docs/pipelines/tasks/#specifying-workspaces}}
Specifies paths to volumes required by the this task.
 
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Results===
{{External|https://tekton.dev/docs/pipelines/tasks/#emitting-results}}
Specifies the names under which this task writes execution results. A task is able to emit string results that can be viewed by users and passed to other tasks in the pipeline. These results have a wide variety of potential uses
 
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Volume===
{{External|https://tekton.dev/docs/pipelines/tasks/#specifying-volumes}}
Specifies one or more volumes that will be available to the [[Tekton_Step#Overview|steps]] in this task.
 
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Step Template===
{{External|https://tekton.dev/docs/pipelines/tasks/#specifying-a-step-template}}
Specifies a container step definition to use as the basis for all [[Tekton_Step#Overview|steps]] in this task.
 
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Sidecar===
{{External|https://tekton.dev/docs/pipelines/tasks/#specifying-sidecars}}
Specifies sidecar containers to run alongside the [[Tekton_Step#Overview|steps]] in the task.
 
<font color=darkkhaki>TO PROCESS.</font>
 
===Task Operations===
* [[Tekton_Operations#List_Tasks|List tasks]]


==ClusterTask==
==ClusterTask==

Revision as of 21:30, 28 April 2022

Internal

Overview

Tekton is a cloud-native solution for building CI/CD pipelines. Tekton installs and runs as an extension on your Kubernetes cluster and uses the well-established Kubernetes resource model. Tekton workloads execute inside Kubernetes containers. It has several components: Tekton Pipelines, Tekton CLI and Tekton Catalog. Tekton is part of the CD Foundation, a Linux Foundation project. It is implemented as a set of Kubernetes Custom Resources. Once deployed, Tekton can be accessed via Tekton CLI commands or API calls.

Tekton Domain Model

Task

Tekton Tasks

ClusterTask

A task is available in a certain namespace, while a ClusterTask is available across the entire cluster. A ClusterTask behaves identically to a task. When declaring a ClusterTask in the pipeline definition, the kind sub-field of the taskRef should be explicitly set to ClusterTask. If not specified, kind defaults to Task.

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
[...]
spec:
  tasks:
    - name: some-cluster-task
      taskRef:
        name: some-task
        kind: ClusterTask
 ...

Step

Step

TaskRun

https://github.com/tektoncd/pipeline/blob/main/docs/taskruns.md

A task run (or taskRun) instantiates a specific task to execute on a particular set of inputs and produce a particular set of outputs, within specific conditions (for example, build flags). A task run connects resources with tasks. A task run can be created individually via CLI, by a pipeline run, as part of a pipeline, or by a Tekton components such as Tekton Triggers. The task run is implemented as a Kubernetes custom resource.

The task run can be used to parameterize the task. Specific values for task parameters can be declared in the task run.

TaskRun Example

A simple taskrun example:

apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: hello-task-run
spec:
  taskRef:
    name: hello

TaskRun Manifest

apiVersion: tekton.dev/v1beta1 # required field
kind: TaskRun                  # required field
metadata:                      # required field
  name: <taskrun-name>         # required field
spec:                          # required field
  params:
    - name: <parameter-name>
      value: <some-value>
  serviceAccountName: <service-account-name>
  taskRef:                     # one of 'taskRef' and 'taskSpec' is required
    name: <target-task-name>
  taskSpec:                    # one of 'taskRef' and 'taskSpec' is required
  podTemplate:
    schedulerName: <scheduler-name>
    securityContext:
      runAsNonRoot: true
      runAsUser: 1001
    volumes:
      - name: <volume-name>
         persistentVolumeClaim:
           claimName: <claim-name>
  workspaces:
    - name: <workspace-name> # must match workspace name in the Task
      persistentVolumeClaim:
        claimName: <claim-name> # the PVC must already exist
      subPath: my-subdir
  sidecars:
    - ...

Specifying the Target Task

The target task can be specified either by reference, as shown above, or embedding the task specification under taskSpec.

Tekton Bundle

A Tekton bundle is an OCI artifact that contains resources like tasks. The tasks published within a bundle can be referenced within a taskRef:

kind: TaskRun
spec:
  taskRef:
    name: some-task
    bundle: docker.io/myrepo/mybundle[:tag]

TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#tekton-bundles

Remote Task

TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#remote-tasks

TaskRun Parameters

https://tekton.dev/docs/pipelines/taskruns/#specifying-parameters

This section specifies value for the execution parameters of the corresponding task.

TO PROCESS.

Implicit Parameters

TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#implicit-parameters

Extra Parameters

TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#extra-parameters

TaskRun Resources

https://tekton.dev/docs/pipelines/taskruns/#specifying-resources

PipelineResources are deprecated. This field is valid for alpha only. TO PROCESS.

TaskRun Pod Template

https://tekton.dev/docs/pipelines/taskruns/#specifying-a-pod-template

The pod template, if specifies, serves are the configuration starting point for the pod in which the container images specified by the task will execute. This permits customization of the pod configuration, to make it specific to this task run. TO PROCESS.

TaskRun Workspace

https://tekton.dev/docs/pipelines/taskruns/#specifying-workspaces

TO PROCESS.

TaskRun Sidecar

https://tekton.dev/docs/pipelines/taskruns/#specifying-sidecars

TO PROCESS.

TaskRun Timeout

https://tekton.dev/docs/pipelines/taskruns/#configuring-the-failure-timeout

TO PROCESS.

TaskRun Service Account

https://tekton.dev/docs/pipelines/taskruns/#specifying-serviceaccount-credentials

TO PROCESS:

TaskRun Life Cycle

TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#monitoring-execution-status

TaskRun Operations

Pipeline

Tekton Pipelines

PipelineRun

https://github.com/tektoncd/pipeline/blob/main/docs/pipelineruns.md

A pipeline run (or pipelineRun) instantiates a specific pipeline to execute on a particular set of inputs and produce a particular set of outputs. A pipeline run connects resources with pipelines. A pipeline run can be created via CLI, or by a Tekton components such as Tekton Triggers. The pipeline run is implemented as a Kubernetes custom resource.

Simple pipelinerun example:

apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: simple-pipeline-run
spec:
  pipelineRef:
    name: simple-pipeline

PipelineRun Operations

PipelineResource

Deprecated. Defines locations for inputs ingested and outputs produced by the steps in tasks. Also see Task Resources.

Trigger

Implemented as part of the Tekton Triggers component.

Resource

Resources are used to share data between steps and tasks, and depending on which direction they are looked at, the can be input or output resources. Resources are connected to tasks and pipelines by taskRuns and pipelineRuns, respectively. A run must include the actual addresses of resources, such as the URLs of repositories, its task or pipeline needs.

Example of resources:

  • git repository
  • a pull request
  • a container image
  • a Kubernetes cluster
  • storage: an object, a directory, etc.
  • a CloudEvent

Input Resource

The input is defined relative to a step. Examples of input resources are: git repository.

Output Resource

The output is defined relative to a step. Examples of output resources: container image.

Result

https://tekton.dev/docs/results/

Tekton Results aims to help users logically group CI/CD workload history and separate out long term result storage away from the Pipeline controller.

Run

Instantiates a Custom Task for execution when specific inputs.

Tekton Runtime Model

Tekton Pipelines tracks the state of a pipeline using Kubernetes annotations, which are projected inside each step container in the form of files with the Kubernetes Downward API. The step container entrypoint binary watches these projected files and will only start the command the step is supposed to execute only if a specific annotation appears as file.

In addition, Tekton Pipelines schedules some containers to run automatically before and after the step containers to support built-in features such as the retrieval of input resources and the uploading the outputs to wherever they are supposed to go.

Tekton Components

Tekton Pipelines

https://github.com/tektoncd/pipeline/blob/main/docs/README.md

Tekton Pipelines is the component that implements the core functionality of Tekton and sets the foundation for other components. It is implemented as a set of Kubernetes Custom Resources.

Tekton Pipeline Runtime

Tekton Pipelines Controller

Tekton Pipelines Webhook

Tekton Pipeline Operations

Tekton CLI

https://github.com/tektoncd/cli/blob/main/README.md

Tekton CLI provides the command interface called tkn.

Tekton CLI Operations

Tekton API

Tekton APIs are currently available for Pipelines and Triggers allow you to programmatically interact with the Tekton components.

Tekton Catalog

https://github.com/tektoncd/catalog/blob/v1beta1/README.md

Tekton Catalog is a repository of community-contributed Tekton building blocks.

Tekton Hub

https://hub.tekton.dev
https://github.com/tektoncd/hub/blob/main/README.md

Tekton Hub is a web GUI to access Tekton Catalog.

Tekton Triggers

https://github.com/tektoncd/triggers/blob/main/README.md

Tekton Triggers provide triggers, which allow instantiating pipelines based on events (a PR merge, etc.)

Tekton Dashboard

https://github.com/tektoncd/dashboard/blob/main/README.md

Tekton Dashboard is the web GUI that displays information about pipeline execution.

Tekton Operator

https://github.com/tektoncd/operator/blob/main/README.md

Tekton Operator is the implementation of the Kubernetes Operator pattern that assists with the operation of the Tekton projects.

Building Block

Tekton documentation refers to "building blocks". Those are ...

LimitRange

TO PROCESS:

Events

https://tekton.dev/docs/pipelines/events

TO PROCESS.

Programming Model

Process Task Authoring Recommendations: https://github.com/tektoncd/catalog/blob/main/recommendations.md

Variable Substitution

https://tekton.dev/docs/pipelines/tasks/#using-variable-substitution

TO PROCESS.

Code Examples

TO PROCESS:

Start the list here:

  • How to do this
  • How to do that

Playground

https://github.com/ovidiuf/playground/tree/master/tekton