Installation and upgrade of Tekton with Tekton Operator

Vincent Hou
4 min readApr 29, 2021

--

I give 100% credit to my friend and colleague Andrea Frittoli for sharing his experiences on Tekton with me. Without his guidance, I wouldn’t be able to write this tutorial. I was preparing a demo of Tekton Operator for the session Tekton's Hassle-free Journey with Tekton Operator at the in coming cdCon 2021. However, I ran into the issue of connecting github events to Tekton Trigger installed on Kubernetes service. Andrea’s expertise was like the a beam of light penetrating my darkest tunnel, guiding me through the path to the paradise of Tekton truth. Next, I will walk you through how toset up and test the demo of Tekton operator.

Prerequisites:

  1. Set up a local Tekton locally on docker-desktop Kubernetes

Install smee. Click on the button Start a new channel. You will be directed to the page of webhook Deliveries:

A Webhook Proxy URL is generated for you at https://smee.io/pUUFF1sfFnIXhvX. This URL will be different each time you visit this page. Save it into the variable WEBHOOK_URL for further use. Open the terminal on the local workstation, and run the following commands:

export WEBHOOK_URL=https://smee.io/pUUFF1sfFnIXhvXnpm install --global smee-clientsmee -u $WEBHOOK_URL --target http://localhost/ci/

Install nginx. Run the following commands:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.45.0/deploy/static/provider/cloud/deploy.yamlkubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=120s

2. Set up Tekton in IKS

TBD…

Github repository with the webhook:

I am about to use github as the platform to generate the event, so I create the repository here, and then create a webhook for this repository:

Make sure the payload URL is set as the value of the $WEBHOOK_URL. It is https://smee.io/pUUFF1sfFnIXhvX for my example. Don’t forget to get a secret. I use tekton as the secret.

Specify json as the content type. Specify Pull requests as the event.

After this webhook is created, each time there is a new PR, an event payload will be sent to the $WEBHOOK_URL as you specified.

For local Kubernetes service on dosker-desktop, smee can redirect all the traffics sent to the $WEBHOOK_URL to the local path “http://localhost/ci/”. We need to set up an ingress defining the traffic rules, which I will touch based on later.

Install Tekton with Tekton operator:

The latest release of Tekton operator is v0.22.0–2 by far. Install this version via the command:

kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/previous/v0.22.0-2/release.yaml

Check if the operator is ready:

kubectl get deploy -n tekton-operator

If everything is installed, you will get the output as:

NAME              READY   UP-TO-DATE   AVAILABLE   AGE
tekton-operator 1/1 1 1 19s

To check the log of the operator, run the command:

kubectl logs -f deploy/tekton-operator -n tekton-operator

Install all Tekton components: pipeline, trigger and dashboard with a single command:

kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/config/all/operator_v1alpha1_config_cr.yaml

The CR TektonConfig with full mode is able install of the Tekton operator CRs: TektonPipeline, TektonTrigger and TektonDashboard. This is the most convenient way to install everything, but you can always choose to install them individually with:

For pipeline:

kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/pipeline/operator_v1alpha1_pipeline_cr.yaml

For trigger:

kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/trigger/operator_v1alpha1_trigger_cr.yaml

For dashboard:

kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/dashboard/operator_v1alpha1_dashboard_cr.yaml

Check the status of Tekton components:

kubectl get TektonConfig,TektonPipeline,TektonTrigger,TektonDashboard

Once they are ready, you should get the output as below:

NAME                                      READY   REASON
tektonconfig.operator.tekton.dev/config True

NAME VERSION READY REASON
tektonpipeline.operator.tekton.dev/pipeline 0.22.0 True

NAME VERSION READY REASON
tektontrigger.operator.tekton.dev/trigger 0.12.1 True

NAME VERSION READY REASON
tektondashboard.operator.tekton.dev/dashboard 0.15.0 True

Configure the ingress for dashboard:

Apply the following resource “kind: ingress” named “tekton-dashboard” to the cluster.

cat <<EOF | kubectl create -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tekton-dashboard
namespace: tekton-pipelines
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /\$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/[a-z1-9\-]*)$ \$1/ redirect;
spec:
rules:
- http:
paths:
- path: /dashboard(/|$)(.*)
pathType: Prefix
backend:
service:
name: tekton-dashboard
port:
number: 9097
EOF

Attention! Be aware of the “escape”. If you want to save the ingress resource into the yaml file, save the following content:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tekton-dashboard
namespace: tekton-pipelines
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/[a-z1-9\-]*)$ $1/ redirect;
spec:
rules:
- http:
paths:
- path: /dashboard(/|$)(.*)
pathType: Prefix
backend:
service:
name: tekton-dashboard
port:
number: 9097

The char “escape” is for script only, not applicable in the yaml file.

Visit the link at http://localhost/dashboard

Install the Github example for Tekton trigger:

Go to the repository: https://github.com/tektoncd/triggers. Download the source code:

git clone git@github.com:tektoncd/triggers.git

Install the example under examples/github/:

kubectl apply -f examples/github/

Configure the ingress for the eventListener in trigger. Save the following content into a file called ingress-trigger.yaml:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tekton-trigger
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/[a-z1-9\-]*)$ $1/ redirect;
spec:
rules:
- http:
paths:
- path: /ci(/|$)(.*)
pathType: Prefix
backend:
service:
name: el-github-listener-interceptor
port:
number: 8000

Run the command to install the ingress for the event listener:

kubectl apply -f ingress-trigger.yaml

Create a new PR for the repository: https://github.com/houshengbo/demo-tekton/

Check if a TaskRun is created, with the name beginning with “github-run-”:

kubectl get taskruns | grep github-run-

Don’t want to derail? Follow Vincent!

--

--

Vincent Hou

A Chinese software engineer, used to study in Belgium and currently working in US, as Knative & Tekton Operator Lead and Istio Operator Contributor.