tekton taskrun资源

原创

云原生总监 2022-12-16 22:54:49 ©著作权

文章标签 docker git ubuntu 文章分类 运维

©著作权归作者所有：来自51CTO博客作者云原生总监的原创作品，请联系作者获取转载授权，否则将追究法律责任

什么是taskrun

使用TaskRun资源对象创建并运行群集上的进程以完成操作。task只是定义了一个任务模版，taskRun才真正代表了一次实际的运行，启动taskrun才可以运行task，当然你也可以自己手动创建一个taskRun，taskRun创建出来之后，就会自动触发task描述的构建任务。taskRun只有当task的所有Step都执行完成才会运行完。

资源详解

taskRef

taskrun/taskrun-taskref.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: hello
spec:
  steps:
    - name: hello
      image: ubuntu
      command:
        - echo
      args:
        - "Hello World!"
---        
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: hello-run
spec:
  taskRef:
    name: hello

taskSpec

taskrun/taskrun-taskSpec.yaml
 
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: taskspec-
spec:
  taskSpec:
    steps:
    - name: hello
      image: ubuntu
      command:
        - echo
      args:
        - "Hello World!"

serviceAccountName

task/resources/sa.yaml
 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: test-task-robot-git-ssh
secrets:
  - name: registry-secret
 
 
kubectl create secret docker-registry registry-secret \
       --docker-server=registry.cn-beijing.aliyuncs.com \
       --docker-username=195446040@qq.com \
       --docker-password=123456 -n tekton
 
task/resources/res-dockerfile-examples.yaml
 
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: dockerfile-examples
spec:
  type: git
  params:
    - name: url
      value: https://github.com/13567436138/tekton.git
    - name: revision
      value: main
 
task/resources/res-my-app-image.yaml
 
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: my-app-image
spec:
  type: image
  params:
    - name: url
      value: registry.cn-beijing.aliyuncs.com/hxpdocker/tekton-test
 
task/resources/task-example-task.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: example-task
spec:
  params:
    - name: pathToDockerFile
      type: string
      description: The path to the dockerfile to build
      default: /workspace/workspace/
  resources:
    inputs:
      - name: workspace
        type: git
    outputs:
      - name: builtImage
        type: image
  steps:
    - image: docker:20.10.5
      command: ["docker"]
      imagePullPolicy: IfNotPresent
      args: 
      - build
      - --tag 
      - $(resources.outputs.builtImage.url)
      - $(params.pathToDockerFile)
      volumeMounts:
        - name: docker-socket
          mountPath: /var/run/docker.sock
    - name: dockerfile-pushexample
      image: docker:20.10.5
      imagePullPolicy: IfNotPresent
      command: ["docker"]
      args: ["push","$(resources.outputs.builtImage.url)"]
      volumeMounts:
        - name: docker-socket
          mountPath: /var/run/docker.sock
 
task/resources/taskrun-mytaskrun.yaml
 
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: mytaskrun-
spec:
  serviceAccountName: test-task-robot-git-ssh
  taskRef:
    name: example-task
  resources:
    inputs:
      - name: workspace
        resourceRef:
          name: dockerfile-examples
    outputs:
      - name: builtImage
        resourceRef:
          name: my-app-image
  podTemplate:
    volumes:
    - name: docker-socket
      hostPath:
        path: /var/run/docker.sock
        type: Socket

params

taskrun/taskrun-params.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: my-params-array
spec:
  params:
  - name: array-param
    type: array
    default:
    - a
    - b
    - c
  steps:
  - image: ubuntu
    command: [echo]
    args:
    - "$(params.array-param[*])"
    imagePullPolicy: IfNotPresent
---
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: params-
spec:
  taskRef:
    name: my-params-array
  params:
    - name: array-param
      value: 
      - xxx
      - yyy

resources

task/resources/sa.yaml
 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: test-task-robot-git-ssh
secrets:
  - name: registry-secret
 
 
kubectl create secret docker-registry registry-secret \
       --docker-server=registry.cn-beijing.aliyuncs.com \
       --docker-username=195446040@qq.com \
       --docker-password=123456 -n tekton
 
task/resources/res-dockerfile-examples.yaml
 
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: dockerfile-examples
spec:
  type: git
  params:
    - name: url
      value: https://github.com/13567436138/tekton.git
    - name: revision
      value: main
 
task/resources/res-my-app-image.yaml
 
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: my-app-image
spec:
  type: image
  params:
    - name: url
      value: registry.cn-beijing.aliyuncs.com/hxpdocker/tekton-test
 
task/resources/task-example-task.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: example-task
spec:
  params:
    - name: pathToDockerFile
      type: string
      description: The path to the dockerfile to build
      default: /workspace/workspace/
  resources:
    inputs:
      - name: workspace
        type: git
    outputs:
      - name: builtImage
        type: image
  steps:
    - image: docker:20.10.5
      command: ["docker"]
      imagePullPolicy: IfNotPresent
      args: 
      - build
      - --tag 
      - $(resources.outputs.builtImage.url)
      - $(params.pathToDockerFile)
      volumeMounts:
        - name: docker-socket
          mountPath: /var/run/docker.sock
    - name: dockerfile-pushexample
      image: docker:20.10.5
      imagePullPolicy: IfNotPresent
      command: ["docker"]
      args: ["push","$(resources.outputs.builtImage.url)"]
      volumeMounts:
        - name: docker-socket
          mountPath: /var/run/docker.sock
 
task/resources/taskrun-mytaskrun.yaml
 
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: mytaskrun-
spec:
  serviceAccountName: test-task-robot-git-ssh
  taskRef:
    name: example-task
  resources:
    inputs:
      - name: workspace
        resourceRef:
          name: dockerfile-examples
    outputs:
      - name: builtImage
        resourceRef:
          name: my-app-image
  podTemplate:
    volumes:
    - name: docker-socket
      hostPath:
        path: /var/run/docker.sock
        type: Socket

timeout

taskrun/taskrun-timeout.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: hello
spec:
  steps:
    - name: hello
      image: ubuntu
      command:
        - echo
      args:
        - "Hello World!"
---        
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: timout-run-
spec:
  taskRef:
    name: hello
  timeout: 1s

podTemplate

taskrun/taskrun-podTemplate.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: hello-podtemplate
spec:
  steps:
    - name: hello
      image: ubuntu
      command:
        - id
---
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: podtemplate-
spec:
  taskRef:
    name: hello-podtemplate
  podTemplate:
    securityContext:
      runAsNonRoot: true
      runAsUser: 1001

workspaces

task/task-workspaces.yaml
 
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: workspaces
spec:
  steps:
  - name: write-message
    image: ubuntu
    script: |
      #!/usr/bin/env bash
      set -xe
      if [ "$(workspaces.messages.bound)" == "true" ] ; then
        echo hello! > $(workspaces.messages.path)/message
        cat $(workspaces.messages.path)/message
      fi
  workspaces:
  - name: messages
    description: |
      The folder where we write the message to. If no workspace
      is provided then the message will not be written.
    optional: true
    mountPath: /test
 
task/taskrun-workspaces.yaml
 
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: workspaces-
spec:
  taskRef:
    name: workspaces
  workspaces:
    - name: messages
      emptyDir: {}