Tekton Concepts
Internal
Overview
Tekton is a cloud-native solution for building CI/CD pipelines. Tekton installs and runs as an extension on your Kubernetes cluster and uses the well-established Kubernetes resource model. Tekton workloads execute inside Kubernetes containers. It has several components: Tekton Pipelines, Tekton CLI and Tekton Catalog. Tekton is part of the CD Foundation, a Linux Foundation project. It is implemented as a set of Kubernetes Custom Resources. Once deployed, Tekton can be accessed via Tekton CLI commands or API calls.
Tekton Domain Model
Task
ClusterTask
A task is available in a certain namespace, while a ClusterTask is available across the entire cluster. A ClusterTask behaves identically to a task. When declaring a ClusterTask in the pipeline definition, the kind sub-field of the taskRef should be explicitly set to ClusterTask. If not specified, kind defaults to Task.
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  [...]
spec:
  tasks:
    - name: some-cluster-task
      taskRef:
        name: some-task
        kind: ClusterTask
    ...
Step
TaskRun
A task run (or taskRun) instantiates a specific task to execute on a particular set of inputs and produce a particular set of outputs, within specific conditions (for example, build flags). A task run connects resources with tasks. A task run can be created individually via CLI, by a pipeline run, as part of a pipeline, or by a Tekton component such as Tekton Triggers. The task run is implemented as a Kubernetes custom resource.
The task run can be used to parameterize the task. Specific values for task parameters can be declared in the task run.
TaskRun Example
A simple taskrun example:
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: hello-task-run
spec:
  taskRef:
    name: hello
TaskRun Manifest
apiVersion: tekton.dev/v1beta1 # required field
kind: TaskRun # required field
metadata: # required field
  name: <taskrun-name> # required field
spec: # required field
  params:
    - name: <parameter-name>
      value: <some-value>
  serviceAccountName: <service-account-name>
  taskRef: # one of 'taskRef' and 'taskSpec' is required
    name: <target-task-name>
  taskSpec: # one of 'taskRef' and 'taskSpec' is required
  podTemplate:
    schedulerName: <scheduler-name>
    securityContext:
      runAsNonRoot: true
      runAsUser: 1001
    volumes:
      - name: <volume-name>
        persistentVolumeClaim:
          claimName: <claim-name>
  workspaces:
    - name: <workspace-name> # must match workspace name in the Task
      persistentVolumeClaim:
        claimName: <claim-name> # the PVC must already exist
      subPath: my-subdir
  sidecars:
    - ...
Specifying the Target Task
The target task can be specified either by reference, as shown above, or by embedding the task specification under taskSpec.
Tekton Bundle
A Tekton bundle is an OCI artifact that contains resources like tasks. The tasks published within a bundle can be referenced within a taskRef:
kind: TaskRun
spec:
  taskRef:
    name: some-task
    bundle: docker.io/myrepo/mybundle[:tag]
TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#tekton-bundles
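A check over the fields shown in the TaskRun manifest and the bundle reference above, as an added example that is not part of the original page or of Tekton. It flags a bundle referenced by tag instead of digest, a missing serviceAccountName, and a pod template that does not enforce non-root. The function name, the sample manifests, the build-bot account and the digest value are constructed for illustration, and the choice of checks is an assumption about what a reviewer would want, not Tekton's own validation.

```python
import re

# An OCI reference pinned by digest ends in "@sha256:" plus 64 hex characters.
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def audit_taskrun(manifest):
    """Return findings for one TaskRun manifest given as an already-parsed dict."""
    findings = []
    spec = manifest.get("spec") or {}
    # The manifest above notes that one of taskRef and taskSpec is required.
    task_ref = spec.get("taskRef")
    if (task_ref is None) == (spec.get("taskSpec") is None):
        findings.append("spec must set exactly one of taskRef and taskSpec")
    # A tag can be moved to different content; a digest cannot.
    bundle = (task_ref or {}).get("bundle")
    if bundle and not DIGEST_RE.search(bundle):
        findings.append(f"bundle {bundle!r} is not pinned by digest")
    # Without an explicit account the run falls back to a default one.
    if not spec.get("serviceAccountName"):
        findings.append("serviceAccountName not set; a default service account is used")
    # runAsNonRoot makes the kubelet refuse to start a container as UID 0.
    sec = (spec.get("podTemplate") or {}).get("securityContext") or {}
    if sec.get("runAsNonRoot") is not True:
        findings.append("podTemplate.securityContext.runAsNonRoot is not true")
    if sec.get("runAsUser") == 0:
        findings.append("podTemplate.securityContext.runAsUser is 0 (root)")
    return findings


# Constructed sample manifests (hypothetical names, placeholder digest).
WEAK = {
    "kind": "TaskRun", "metadata": {"name": "weak-run"},
    "spec": {"taskRef": {"name": "some-task",
                         "bundle": "docker.io/myrepo/mybundle:latest"}},
}
HARDENED = {
    "kind": "TaskRun", "metadata": {"name": "hardened-run"},
    "spec": {
        "serviceAccountName": "build-bot",
        "taskRef": {"name": "some-task",
                    "bundle": "docker.io/myrepo/mybundle@sha256:" + "a" * 64},
        "podTemplate": {"securityContext": {"runAsNonRoot": True, "runAsUser": 1001}},
    },
}

if __name__ == "__main__":
    for m in (WEAK, HARDENED):
        print(m["metadata"]["name"], audit_taskrun(m) or "ok")
```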
Remote Task
TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#remote-tasks
TaskRun Parameters
This section specifies values for the execution parameters of the corresponding task.
TO PROCESS.
Implicit Parameters
TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#implicit-parameters
Extra Parameters
TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#extra-parameters
TaskRun Resources
PipelineResources are deprecated. This field is valid for alpha only. TO PROCESS.
TaskRun Pod Template
The pod template, if specified, serves as the configuration starting point for the pod in which the container images specified by the task will execute. This permits customization of the pod configuration, to make it specific to this task run. TO PROCESS.
TaskRun Workspace
TO PROCESS.
TaskRun Sidecar
TO PROCESS.
TaskRun Timeout
TO PROCESS.
TaskRun Service Account
TO PROCESS:
- https://tekton.dev/docs/pipelines/taskruns/#specifying-serviceaccount-credentials
- https://tekton.dev/docs/pipelines/taskruns/#example-of-using-custom-serviceaccount-credentials
TaskRun Life Cycle
TO PROCESS: https://tekton.dev/docs/pipelines/taskruns/#monitoring-execution-status
TaskRun Operations
Pipeline
PipelineRun
A pipeline run (or pipelineRun) instantiates a specific pipeline to execute on a particular set of inputs and produce a particular set of outputs. A pipeline run connects resources with pipelines. A pipeline run can be created via CLI, or by a Tekton component such as Tekton Triggers. The pipeline run is implemented as a Kubernetes custom resource.
Simple pipelinerun example:
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: simple-pipeline-run
spec:
  pipelineRef:
    name: simple-pipeline
PipelineRun Operations
PipelineResource
Deprecated. Defines locations for inputs ingested and outputs produced by the steps in tasks. Also see Task Resources.
Trigger
Implemented as part of the Tekton Triggers component.
Resource
Resources are used to share data between steps and tasks and, depending on the direction from which they are viewed, they can be input or output resources. Resources are connected to tasks and pipelines by taskRuns and pipelineRuns, respectively. A run must include the actual addresses of the resources its task or pipeline needs, such as the URLs of repositories.
Example of resources:
- git repository
- a pull request
- a container image
- a Kubernetes cluster
- storage: an object, a directory, etc.
- a CloudEvent
Input Resource
The input is defined relative to a step. Examples of input resources are: git repository.
Output Resource
The output is defined relative to a step. Examples of output resources: container image.
Result
Tekton Results aims to help users logically group CI/CD workload history and separate out long term result storage away from the Pipeline controller.
Run
Instantiates a Custom Task for execution with specific inputs.
Tekton Runtime Model
Tekton Pipelines tracks the state of a pipeline using Kubernetes annotations, which are projected inside each step container as files by means of the Kubernetes Downward API. The step container entrypoint binary watches these projected files and starts the command the step is supposed to execute only when a specific annotation appears as a file.
In addition, Tekton Pipelines schedules some containers to run automatically before and after the step containers to support built-in features such as the retrieval of input resources and the uploading of outputs to wherever they are supposed to go.
Tekton Components
Tekton Pipelines
Tekton Pipelines is the component that implements the core functionality of Tekton and sets the foundation for other components. It is implemented as a set of Kubernetes Custom Resources.
Tekton Pipeline Runtime
Tekton Pipelines Controller
Tekton Pipelines Webhook
Tekton Pipeline Operations
Tekton CLI
Tekton CLI provides the command interface called tkn.
Tekton CLI Operations
Tekton API
Tekton APIs, currently available for Pipelines and Triggers, allow you to programmatically interact with the Tekton components.
Tekton Catalog
Tekton Catalog is a repository of community-contributed Tekton building blocks.
Tekton Hub
Tekton Hub is a web GUI to access Tekton Catalog.
Tekton Triggers
Tekton Triggers provide triggers, which allow instantiating pipelines based on events (a PR merge, etc.)
Tekton Dashboard
Tekton Dashboard is the web GUI that displays information about pipeline execution.
Tekton Operator
Tekton Operator is the implementation of the Kubernetes Operator pattern that assists with the operation of the Tekton projects.
Building Block
Tekton documentation refers to "building blocks". Those are ...
LimitRange
TO PROCESS:
- https://tekton.dev/docs/pipelines/taskruns/#specifying-limitrange-values
- https://kubernetes.io/docs/concepts/policy/limit-range/
- https://tekton.dev/docs/pipelines/limitrange/
Events
TO PROCESS.
Programming Model
Process Task Authoring Recommendations: https://github.com/tektoncd/catalog/blob/main/recommendations.md
Variable Substitution
TO PROCESS.
Code Examples
TO PROCESS:
- Code Examples: https://tekton.dev/docs/pipelines/tasks/#code-examples
- Code Examples: https://github.com/tektoncd/pipeline/tree/main/examples
- TaskRun code examples: https://tekton.dev/docs/pipelines/taskruns/#code-examples
- https://github.com/tektoncd/pipeline/blob/release-v0.35.x/examples/v1beta1/taskruns/run-steps-as-non-root.yaml