• 最近需要在CMDB中嵌入一个灵活轻量的ci工具,于是在名气比较响的几个中挑选一个

    • argo workflow尝试了几遍,图形化做得太抽象,对rbac的控制比较麻烦,放弃

    • jenkinsfile很熟。但是太old school了,设计上基本已经过时,放弃

    • gitlab ci还行,但是有些项目是托管在一些saas上的,比如码云coding。放弃

首先明确下CI流水线需求

  1. 多step构建,可串行可并行

  2. 弹性生成,销毁

  3. 支持插件接入较灵活,最好支持go(其他我不会啊-_-||)

  4. 支持webhook(这个其实不强求,可以自己实现)

  5. 要能有一定的发布鉴权能力:往在线集群发布(这块基本用argocd了,也不强求)

  6. 代码仓库少做改造,接入要方便

步骤

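# NOTE(review): the listing had no apiVersion, so it cannot be applied as-is.
# tekton.dev/v1 is inferred from the step field `computeResources` used in the
# inline taskSpecs; confirm against the cluster before applying.
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
  name: build-push
  namespace: ci-jobs
  labels:
    app.kubernetes.io/version: '0.9'
  annotations:
    # NOTE(review): displayName still reads "Buildpacks", but no task in this
    # pipeline uses Buildpacks; it looks carried over from a template.
    tekton.dev/displayName: Buildpacks
    tekton.dev/pipelines.minVersion: 0.50.0
    tekton.dev/platforms: linux/amd64
    tekton.dev/tags: image-build
spec:
  # Rewritten to describe the tasks this pipeline defines (git clone,
  # Dockerfile download and pom edit, Maven build, Kaniko build and push).
  description: >-
    Clones source from a Git repository, downloads a Dockerfile, builds the
    project with Maven, then builds a container image with Kaniko and pushes
    it to a registry.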
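  finally:
    # Cleanup task: `finally` tasks run after the regular tasks whatever their
    # outcome. This one puts the original pom.xml back in the shared workspace.
    - name: shell-back-pom
      displayName: shell初始化
      params:
        - name: Project_Name
          value: $(params.Project_Name)
        - name: GIT_REVISION
          value: $(params.GIT_REVISION)
      taskSpec:
        metadata: {}
        spec: null
        steps:
          - name: back-to-pom
            # NOTE(review): the image carries no tag or digest, so the registry
            # decides what runs; pin it to a digest the team has reviewed.
            image: registry-vpc.cn-shanghai.aliyuncs.com/dj-ops/git
            computeResources: {}
            # Param values reach the shell as environment variables instead of
            # being substituted into the script text. Tekton replaces
            # $(params.*) textually before the shell starts, so a value with
            # shell metacharacters would otherwise run as part of the script.
            env:
              - name: PROJECT_NAME
                value: $(params.Project_Name)
              - name: GIT_REVISION
                value: $(params.GIT_REVISION)
            script: |
              module_dir="$(workspaces.project-path.path)/dj-cloud_${PROJECT_NAME}_${GIT_REVISION}/dj-modules"
              # Nothing to restore when the checkout directory was never created.
              [ -d "$module_dir" ] || exit 0
              cd "$module_dir"
              # Swap back only when a backup exists; without one the original
              # pom.xml is still in place and must not be moved away.
              if [ -f pom.xml.bak ]; then
                if [ -f pom.xml ]; then
                  mv pom.xml new-pom.xml
                fi
                mv pom.xml.bak pom.xml
              fi
      workspaces:
        - name: project-path
          workspace: source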
  # Pipeline-level parameters. Project_Name and GIT_REVISION are used by the
  # inline steps to build paths inside the shared workspace, so callers that
  # accept them from a webhook or UI should restrict what values are allowed.
  params:
    - name: Project_Name
      type: string
      default: default-project
    - name: GIT_URL
      type: string
      description: A git repo url where the source code resides.
    - name: GIT_REVISION
      type: string
      description: The branch, tag or SHA to checkout.
      default: ''
    - name: IMAGE_BASE_PATH
      type: string
      description: base path image to build.
    - name: DOCKERFILE_PATH
      type: string
      description: Path to the Dockerfile to build.
      default: ./Dockerfile
    # Not referenced by any task in this listing.
    - name: KANIKO_CONTEXT
      type: string
      description: The build context used by Kaniko.
      default: ./
    # Not referenced by any task in this listing.
    - name: BUILD_EXTRA_ARGS
      type: array
      default: []
    # NOTE(review): `alpine` is a mutable tag; pin to a digest if the clone
    # step must be reproducible.
    - name: gitInitImage
      type: string
      default: registry.cn-shanghai.aliyuncs.com/dj-ops/git:alpine
    # NOTE(review): the description mentions v1.5.1 but the default carries no
    # tag, so the registry decides which builder version runs.
    - name: BUILDER_IMAGE
      type: string
      description: The image on which builds will run (default is v1.5.1)
      default: registry-vpc.cn-shanghai.aliyuncs.com/dj-ops/kaniko
    # URL the Dockerfile is downloaded from; its content controls the image
    # build, so it should only ever point at a trusted location.
    - name: Dockerfile_Url
      type: string
    - name: Maven_ProfileId
      type: string
  tasks:
    # First task: hands the repository URL, revision, clone image and project
    # name to the referenced Task `dj-git-api` (defined outside this listing).
    - name: fetch-from-git
      displayName: git clone 项目
      taskRef:
        name: dj-git-api
        kind: Task
      params:
        - name: GIT_URL
          value: $(params.GIT_URL)
        - name: GIT_REVISION
          value: $(params.GIT_REVISION)
        - name: BASE_IMAGE
          value: $(params.gitInitImage)
        - name: Project_Name
          value: $(params.Project_Name)
      workspaces:
        # Checkout target shared with the later tasks.
        - name: source
          workspace: source
        # Presumably holds the SSH key material for the clone; confirm it is
        # bound from a Secret and not mounted into tasks that do not need it.
        - name: ssh-directory
          workspace: ssh-directory
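    # Downloads the Dockerfile into the module directory, then runs
    # edit-pom.sh and swaps the generated pom in, keeping a backup.
    - name: shell
      displayName: 下载dockerfile且修改pom文件
      runAfter:
        - fetch-from-git
      params:
        - name: Dockerfile_Url
          value: $(params.Dockerfile_Url)
        - name: Project_Name
          value: $(params.Project_Name)
        - name: GIT_REVISION
          value: $(params.GIT_REVISION)
      taskSpec:
        metadata: {}
        spec: null
        steps:
          - name: oss-to-dockerfile
            # NOTE(review): the image carries no tag or digest; pin it.
            image: registry-vpc.cn-shanghai.aliyuncs.com/dj-ops/git
            computeResources: {}
            # Param values are passed as environment variables rather than
            # substituted into the script. Tekton replaces $(params.*)
            # textually before the shell starts, so quoting inside the script
            # does not stop a value containing quotes or `$(...)` from being
            # run as shell code.
            env:
              - name: DOCKERFILE_URL
                value: $(params.Dockerfile_Url)
              - name: PROJECT_NAME
                value: $(params.Project_Name)
              - name: GIT_REVISION
                value: $(params.GIT_REVISION)
            # NOTE(review): the downloaded Dockerfile drives the image build
            # and is not integrity-checked here; prefer https and compare it
            # against a known checksum. PROJECT_NAME is also used as a path
            # component, so reject values containing `..` upstream.
            script: |
              # Accept only http(s) URLs, so the value cannot be read as a
              # wget option or another scheme.
              case "$DOCKERFILE_URL" in
                http://*|https://*) ;;
                *) echo "Dockerfile_Url must be an http(s) URL" >&2; exit 1 ;;
              esac
              wget "$DOCKERFILE_URL" -O "$(workspaces.project-path.path)/dj-cloud_${PROJECT_NAME}_${GIT_REVISION}/dj-modules/${PROJECT_NAME}/Dockerfile"
          - name: edit-to-pom
            # NOTE(review): the image carries no tag or digest; pin it.
            image: registry-vpc.cn-shanghai.aliyuncs.com/dj-ops/git
            computeResources: {}
            env:
              - name: PROJECT_NAME
                value: $(params.Project_Name)
              - name: GIT_REVISION
                value: $(params.GIT_REVISION)
            # NOTE(review): edit-pom.sh is taken from the root of the shared
            # workspace and executed; whatever can write to that workspace
            # controls this step. Confirm where the script comes from.
            script: |
              cd "$(workspaces.project-path.path)/dj-cloud_${PROJECT_NAME}_${GIT_REVISION}/dj-modules/"
              cp -f "$(workspaces.project-path.path)/edit-pom.sh" ./edit-pom.sh
              bash ./edit-pom.sh "$PROJECT_NAME"
              # Back up the original pom before swapping in the generated one;
              # the pipeline's finally task restores it from pom.xml.bak.
              mv pom.xml pom.xml.bak
              mv new-pom.xml pom.xml
      workspaces:
        - name: project-path
          workspace: source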
    # Produces the image reference consumed by kaniko-build through the
    # IMAGE_URL result. The task name is spelled "genarate"; kaniko-build
    # refers to it by this exact name, so both must change together.
    - name: genarate-image-tag
      displayName: 生成镜像版本号
      runAfter:
        - fetch-from-git
      taskRef:
        name: generate-rand-image-tag
        kind: Task
      params:
        - name: IMAGE_BASE_PATH
          value: $(params.IMAGE_BASE_PATH)
        - name: GIT_REVISION
          value: $(params.GIT_REVISION)
    # Maven packaging, delegated to the referenced Task `mvn-build` (defined
    # outside this listing). Runs once the `shell` task has swapped the pom.
    - name: mvn-build
      displayName: mvn打包
      runAfter:
        - shell
      taskRef:
        name: mvn-build
        kind: Task
      params:
        - name: Maven_ProfileId
          value: $(params.Maven_ProfileId)
        - name: Project_Name
          value: $(params.Project_Name)
        - name: GIT_REVISION
          value: $(params.GIT_REVISION)
      workspaces:
        - name: source
          workspace: source
        # Bound to the pipeline workspace `maven-cache`. NOTE(review): if that
        # cache is shared between runs, one build can leave artifacts that a
        # later build consumes; confirm who can write to it.
        - name: maven-repository
          workspace: maven-cache
    # Image build and push, delegated to the referenced Task `kaniko`. The
    # image reference is the IMAGE_URL result of genarate-image-tag and the
    # build context is the module directory inside the shared workspace.
    - name: kaniko-build
      displayName: 构建镜像并推送
      runAfter:
        - mvn-build
      taskRef:
        name: kaniko
        kind: Task
      params:
        - name: IMAGE
          value: $(tasks.genarate-image-tag.results.IMAGE_URL)
        - name: DOCKERFILE
          value: $(params.DOCKERFILE_PATH)
        - name: CONTEXT
          value: $(workspaces.source.path)/dj-cloud_$(params.Project_Name)_$(params.GIT_REVISION)/dj-modules/$(params.Project_Name)
        - name: BUILDER_IMAGE
          value: $(params.BUILDER_IMAGE)
      workspaces:
        - name: source
          workspace: source
        # Presumably carries the registry credentials used for the push;
        # confirm it is bound from a Secret scoped to this registry only.
        - name: dockerconfig
          workspace: dockerconfig
  # Workspaces the PipelineRun must bind. ssh-directory and dockerconfig look
  # like credential material (TODO confirm); bind them from Secrets rather
  # than from a shared volume.
  workspaces:
    - name: ssh-directory
    - name: source
      description: Location where source is stored.
    - name: dockerconfig
      description: Location where docker config  is stored.
    - name: maven-cache
      description: Location where mvn_cache is stored