mirror of
https://github.com/tektoncd/catalog.git
synced 2025-01-21 13:12:15 +00:00
.. | ||
build_deploy | ||
service_traffic | ||
service_update | ||
kn_deployer.yaml | ||
README.md |
Git Source with Dockerfile to Knative Service
This documents the example Pipeline to build the source code with a Dockerfile in the git repo and deploy it as Knative Service. It uses buildah task for building the source code and kn task to create or update a Knative Service.
Prerequisites:
- Latest Tekton Pipelines installed.
kubectl
CLI installed.tkn
CLI installed.- User account exists at a container registry (e.g. quay.io)
- A ServiceAccount to enable access to perform the required operations in the Pipeline, we'll configure one in following section.
One time setup:
1 - Create a sample namespace tkn-kn
, we'll reference this namespace in the subsequent operations.
kubectl create namespace tkn-kn
2 - Create a docker-registry
type secrets for pushing/pulling the built container images.
kubectl create secret docker-registry container-registry --docker-server=<DOCKER-REGISTRY> --docker-username=<USERNAME> --docker-password=<PASSWORD> --docker-email=<EMAIL>
More about secrets for interacting with a private registry
.
Note:
- For using
docker.io
: Please create a new empty public repository and refer it in subsequent steps. - For using
quay.io
: No need to create a repository beforehand.
3 - Create a ServiceAccount kn-deployer-account
and
- link
container-registry
secret created above in step 2 - create cluster role
kn-deployer
to access the Knative resources - binds the ServiceAccount with cluster role
kn-deployer
in namespacetkn-kn
- Save following YAML in e.g.
kn_deployer.yaml
and apply usingkubectl apply -f kn_deployer.yaml
.
# Define a ServiceAccount named kn-deployer-account that has permission to
# manage Knative services.
apiVersion: v1
kind: ServiceAccount
metadata:
name: kn-deployer-account
namespace: tkn-kn
# Link the container registry secrets
secrets:
- name: container-registry
# To be able to pull the (private) image from the container registry
imagePullSecrets:
- name: container-registry
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kn-deployer
rules:
- apiGroups: ["serving.knative.dev"]
resources: ["services"]
verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kn-deployer-binding
subjects:
- kind: ServiceAccount
name: kn-deployer-account
namespace: tkn-kn
roleRef:
kind: ClusterRole
name: kn-deployer
apiGroup: rbac.authorization.k8s.io
- If you've used the same names for namespace and secrets as mentioned above, you can configure the ServiceAccount with the YAML file in this repo using:
kubectl create -f https://raw.githubusercontent.com/tektoncd/catalog/master/kn/knative-dockerfile-deploy/kn_deployer.yaml
4 - Install buildah task from tektoncd/atalog
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/buildah/buildah.yaml
5 - Install the kn task from the tektoncd/atalog
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/kn/kn.yaml
Pipelines:
Let's create some Pipelines using buildah
and kn
tasks: