From 094dec4074f95eb4dc39c51dedf969cf3bb9e560 Mon Sep 17 00:00:00 2001 From: Moritz Graf Date: Sun, 15 Nov 2020 19:21:45 +0100 Subject: [PATCH] Adding tekton --- .gitignore | 3 ++- k8s/README.md | 28 +++++++++++++++++++++---- k8s/tekton-pipelines/tekton-ingress.yml | 24 +++++++++++++++++++++ 3 files changed, 50 insertions(+), 5 deletions(-) create mode 100644 k8s/tekton-pipelines/tekton-ingress.yml diff --git a/.gitignore b/.gitignore index b5e2664..f020c1c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ k8s/gitea-chart/ -.vagrant \ No newline at end of file +.vagrant +k8s/tekton-pipelines/auth \ No newline at end of file diff --git a/k8s/README.md b/k8s/README.md index c8ad24d..d9a0d4a 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -22,7 +22,7 @@ NAMESPACE="datalab" kubectl patch deployment $DEPLOYMENT -n $NAMESPACE -p "{\"spec\": {\"template\": {\"metadata\": { \"labels\": { \"redeploy\": \"$( date +%s )\"}}}}}" ``` -# Deployment +# Deployment (non persistent stuff) ## [ingress-nginx](https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx) @@ -104,8 +104,6 @@ DATE=$( date +%Y%m%d ) velero backup create $DATE --include-namespaces datalab,development,nextcloud,tt-rss,zebrium,mailu --wait ``` - - ## Add private docker registry **TODO: chart no longer exists. Check how to replace this someday.** @@ -202,7 +200,29 @@ Implement metrics-server: kubectl apply -n kube-system -f kube-system/metrics-server.yml ``` -# Persistent stuff +## Tekton + +Implementation as described [in the docs](https://tekton.dev/docs/getting-started/). + +```sh +kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml +kubectl apply --filename https://github.com/tektoncd/dashboard/releases/latest/download/tekton-dashboard-release.yaml +#basic-auth, see https://kubernetes.github.io/ingress-nginx/examples/auth/basic/ +htpasswd -c ./tekton-pipelines/auth tekton +kubectl delete secret -n tekton-pipelines basic-auth +kubectl create secret -n tekton-pipelines generic basic-auth --from-file=tekton-pipelines/auth +kubectl apply -f tekton-pipelines/tekton-ingress.yml +rm tekton-pipelines/auth +``` + +Install client side tools: + +```sh +brew tap tektoncd/tools +brew install tektoncd/tools/tektoncd-cli +``` + +# Deployment (persistent stuff) From here everything should be covered by the backup. Implenting those objects should already be performed by the velero backup. diff --git a/k8s/tekton-pipelines/tekton-ingress.yml b/k8s/tekton-pipelines/tekton-ingress.yml new file mode 100644 index 0000000..81d02c6 --- /dev/null +++ b/k8s/tekton-pipelines/tekton-ingress.yml @@ -0,0 +1,24 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: tekton-dashboard + namespace: tekton-pipelines + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/auth-type: basic + nginx.ingress.kubernetes.io/auth-secret: basic-auth + nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - Tekton' +spec: + tls: + - hosts: + - "tekton.haumdaucher.de" + secretName: tekton-haumdaucher-de + rules: + - host: "tekton.haumdaucher.de" + http: + paths: + - backend: + serviceName: tekton-dashboard + servicePort: 9097 \ No newline at end of file