mirror of
https://github.com/tektoncd/catalog.git
synced 2024-11-29 06:34:08 +00:00
f4708d478e
At this moment all tasks which can be executed on linux/s390x or linux/ppc64le are tested and labelled accordingly. The rest of the tasks can be labelled as `linux/amd64`, which is default platform and where tasks are already tested via default PR testing cycle. Signed-off-by: Yulia Gaponenko <yulia.gaponenko1@de.ibm.com> |
||
---|---|---|
.. | ||
support | ||
.gitignore | ||
buildkit.yaml | ||
create-certs.sh | ||
README.md |
BuildKit
This Task builds source into a container image using Moby BuildKit.
See also buildkit-daemonless
for the daemonless version of this task.
Install
Step 0: Create mTLS secrets
You need to determine the SAN of the BuildKit daemon Service
and create mTLS certificates.
In this example, we use buildkitd
as the SAN.
$ ./create-certs.sh buildkitd
$ kubectl apply -f .certs/buildkit-daemon-certs.yaml
secret/buildkit-daemon-certs created
$ kubectl apply -f .certs/buildkit-client-certs.yaml
secret/buildkit-client-certs created
$ rm -rf .certs
Step 1: Deploy BuildKit daemon
Two types of the daemon manifests are included:
deployment+service.rootless.yaml
(recommended): Run the daemon as a non-root user. Using Ubuntu nodes is recommended. Needssysctl
configuration for Debian hosts and RHEL/CentOS 7 hosts. Does not work on Google COS.deployment+service.privileged.yaml
: Run the daemon as the root user withsecurityContext.privileged=true
. Try this version ifdeployment+service.rootless.yaml
does not work or too slow.
$ kubectl apply -f deployment+service.rootless.yaml
deployment.apps/buildkitd created
service/buildkitd created
The number of replicas can be adjusted as you like:
$ kubectl scale --replicas=10 deployment/buildkitd
See also BuildKit documentation for the further information about the manifests.
Step 2: Install the task
$ kubectl apply -f task.yaml
task.tekton.dev/buildkit created
Parameters
- DOCKERFILE: The path to the
Dockerfile
to execute (default:./Dockerfile
) - BUILDKIT_CLIENT_IMAGE: BuildKit client image (default:
moby/buildkit:vX.Y.Z@sha256:...
) - BUILDKIT_DAEMON_ADDRESS: BuildKit daemon address (default:
tcp://buildkitd:1234
) - BUILDKIT_CLIENT_CERTS: The name of Secret that contains
ca.pem
,cert.pem
,key.pem
for mTLS connection to BuildKit daemon (default:buildkit-client-certs
)
Workspaces
- source: A Workspace containing the source to build.
Resources
Outputs
- image: An
image
-typePipelineResource
specifying the image that should be built. Currently, generatingresourceResult
is not supported. (buildkit#993
)
Platforms
The Task can be run on linux/amd64
platform.