Install and configure a Tekton pipeline on Openshift

  1. Install Red Hat OpenShift Pipelines on latest channel from the Operator Hub using the Openshift UI

  2. If you want interact via cli with the pipeline you can install locally Tekton cli
    To interact with the pipelines, you can download from the details of the operator installed (i.e. crc link) :
    https://tkn-cli-serve-openshift-pipelines.apps-crc.testing/tkn/tkn-linux-amd64.tar.gz
    The version proposed by the Operator is correctly aligned version with the tekton version.

  3. If isn't yet created, create the project sonataflow-operator-system

oc new-project sonataflow-operator-system
  1. Install the Tekton kubernetes-actions task
kubectl apply -f https://api.hub.tekton.dev/v1/resource/tekton/task/kubernetes-actions/0.2/raw
  1. Apply the cluster role and cluster role binding
kubectl create -f tekton/role/cluster_role.yaml
kubectl create -f tekton/role/cluster_role_binding.yaml
  1. Create the pipeline
kubectl apply -f tekton/pipeline/kogito_serverless_operator_pipeline.yaml
  1. Create a pipeline run
kubectl apply -f tekton/pipeline/kogito_serverless_operator_pipeline_run.yaml

or with the Tekton cli:

tkn pipeline start kogito-serverless-operator-pipeline \
  -w name=shared-workspace,volumeClaimTemplateFile=https://raw.githubusercontent.com/apache/incubator-kie-kogito-serverless-operator/main/tekton/volume/persistent_volume.yaml \
  -p deployment-name=kogito-serverless-operator \
  -p git-url=https://github.com/apache/incubator-kie-kogito-serverless-operator.git \
  -p git-revision=main \
  -p IMAGE='image-registry.openshift-image-registry.svc:5000/sonataflow-operator-system/kogito-serverless-operator:latest' \
  --use-param-defaults
  1. Check the Pipeline execution

Open the Pipeline menu under the namespace/project sonataflow-operator-system or with the Tekton cli (use the pipeline run id):

tkn pipelinerun logs kogito-serverless-operator-pipeline-run-<id> -f -n <your-namespace>

How to see the content of the workspace

  1. Create the task show_workspace_content
kubectl apply -f tekton/task/show_workspace_content.yaml
  1. Add the task show-workspace in the pipeline after the fetch-repository or build-image

How to redeploy

Go to the pipeline runs and ask for a rerun of a previous pipeline run

Trigger the pipeline on GithubEvents

  1. Create the trigger binding
oc create -f tekton/trigger/trigger_binding.yaml
  1. Create the trigger template
oc create -f tekton/trigger/trigger_template.yaml
  1. Create the trigger resource
oc create -f tekton/trigger/trigger_resource.yaml
  1. Add a label to enable the secure HTTPS connection to the Eventlistener resource
oc label namespace sonataflow-operator-system operator.tekton.dev/enable-annotation=enabled
  1. Create the Event listener trigger
oc create -f tekton/trigger/trigger_event_listener.yaml
  1. Create a route with the re-encrypted TLS termination
oc create route reencrypt --service=el-kogito-serverless-operator-webhook --cert=tls.crt --key=tls.key --ca-cert=ca.crt --hostname=<hostname>
  1. Check the webhook
tkn el -n kogito-serverless-operator-pipeline ls
kubectl get pods,svc -n kogito-serverless-operator-pipeline -l eventlistener=kogito-serverless-operator-webhook
  1. Add a webhook in your github/gitlab repo with the url of the listener on openshift

  2. Authenticating pipelines using git secret https://docs.openshift.com/container-platform/4.12/cicd/pipelines/authenticating-pipelines-using-git-secret.html