Adding tekton

2020-11-15 19:21:45 +01:00 · 2020-11-15 19:21:45 +01:00 · 094dec4074
parent b3dde4b0d9
commit 094dec4074
3 changed files with 50 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 k8s/gitea-chart/
-.vagrant
+.vagrant
+k8s/tekton-pipelines/auth
--- a/k8s/README.md
+++ b/k8s/README.md
@ -22,7 +22,7 @@ NAMESPACE="datalab"
 kubectl patch deployment $DEPLOYMENT -n $NAMESPACE -p "{\"spec\": {\"template\": {\"metadata\": { \"labels\": {  \"redeploy\": \"$( date +%s )\"}}}}}"
 ```

-# Deployment
+# Deployment (non persistent stuff)

 ## [ingress-nginx](https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx)

@ -104,8 +104,6 @@ DATE=$( date +%Y%m%d )
 velero backup create $DATE --include-namespaces datalab,development,nextcloud,tt-rss,zebrium,mailu --wait
 ```

-
-
 ## Add private docker registry

 **TODO: chart no longer exists. Check how to replace this someday.**
@ -202,7 +200,29 @@ Implement metrics-server:
 kubectl apply -n kube-system -f kube-system/metrics-server.yml
 ```

-# Persistent stuff
+## Tekton
+
+Implementation as described [in the docs](https://tekton.dev/docs/getting-started/).
+
+```sh
+kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
+kubectl apply --filename https://github.com/tektoncd/dashboard/releases/latest/download/tekton-dashboard-release.yaml
+#basic-auth, see https://kubernetes.github.io/ingress-nginx/examples/auth/basic/
+htpasswd -c ./tekton-pipelines/auth tekton
+kubectl delete secret -n tekton-pipelines basic-auth
+kubectl create secret -n tekton-pipelines generic basic-auth --from-file=tekton-pipelines/auth
+kubectl apply -f tekton-pipelines/tekton-ingress.yml
+rm tekton-pipelines/auth
+```
+
+Install client side tools:
+
+```sh
+brew tap tektoncd/tools
+brew install tektoncd/tools/tektoncd-cli
+```
+
+# Deployment (persistent stuff)

 From here everything should be covered by the backup. Implenting those objects should already be performed by the velero backup.

--- a/k8s/tekton-pipelines/tekton-ingress.yml
+++ b/k8s/tekton-pipelines/tekton-ingress.yml
@ -0,0 +1,24 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: tekton-dashboard
+  namespace: tekton-pipelines
+  annotations:
+    kubernetes.io/ingress.class: "nginx"    
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/auth-type: basic
+    nginx.ingress.kubernetes.io/auth-secret: basic-auth
+    nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - Tekton'
+spec:
+  tls:
+   - hosts:
+     - "tekton.haumdaucher.de"
+     secretName: tekton-haumdaucher-de
+  rules:
+  - host: "tekton.haumdaucher.de"
+    http:
+      paths:
+      - backend:
+          serviceName: tekton-dashboard
+          servicePort: 9097