Skip to content

saritasa-tekton-1.1.0-dev.3
Compare
Choose a tag to compare
@github-actions github-actions released this 24 Oct 10:17
saritasa-tekton-1.1.0-dev.3
6783784
This commit was signed with the committer’s verified signature. The key has expired.
populov Serge Populov
GPG key ID: B4871FDEF345AF56
Expired
Learn about vigilant mode.

A Helm chart for Tekton. Implements: - tekton engine - tekton dashboard - tekton triggers - tekton dashboard ingress - webhook ingress ## example usage with argocd Install the chart: helm repo add saritasa https://saritasa-nest.github.io/saritasa-devops-helm-charts/ then create the manifest and apply: yaml apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: tekton-engine namespace: argo-cd finalizers: - resources-finalizer.argocd.argoproj.io annotations: argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true argocd.argoproj.io/sync-wave: "40" spec: destination: server: https://kubernetes.default.svc namespace: tekton-pipelines project: default source: chart: saritasa-tekton helm: values: | domainZone: staging.site.com # install engine engine: enabled: true config: defaultServiceAccount: "build-bot-sa" defaultTimeoutMinutes: "60" defaultPodTemplate: | nodeSelector: ci: "true" # install triggers triggers: enabled: true # install dashboard with a public ingress dashboard: enabled: true ingress: enabled: true annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/proxy-body-size: 100m cert-manager.io/cluster-issuer: "letsencrypt-prod" nginx.ingress.kubernetes.io/auth-type: basic nginx.ingress.kubernetes.io/auth-secret: tekton-basic-auth nginx.ingress.kubernetes.io/auth-realm: "Authentication Required" argocd.argoproj.io/sync-wave: "1" hosts: - host: tekton.staging.site.com paths: - path: / pathType: Prefix backend: service: name: tekton-dashboard port: number: 9097 tls: - secretName: tekton.staging.site.com-crt hosts: - tekton.staging.site.com # install github webhook ingress that invokes tekton's eventlistener webhook: enabled: true namespace: "ci" ingress: enabled: true annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/proxy-body-size: 100m cert-manager.io/cluster-issuer: "letsencrypt-prod" argocd.argoproj.io/sync-wave: "10" hosts: - host: webhook.staging.site.com paths: - path: / pathType: Prefix backend: service: name: el-build-pipeline-event-listener port: number: 8080 tls: - secretName: webhook.staging.site.com-crt hosts: - webhook.staging.site.com eventlistener: create: true labelSelector: builder: tekton namespaceSelector: - ci - ci-experiments serviceAccount: create: true name: "build-bot-sa" nodeSelector: tekton_builder: "true" repoURL: https://saritasa-nest.github.io/saritasa-devops-helm-charts/ targetRevision: "0.1.4" syncPolicy: automated: prune: true selfHeal: true syncOptions: - CreateNamespace=true Keep in mind that tekton has config-default configmap, an example you can see here. You can customize it values in this map engine.config: {}. Just add keys in the map and they will be added into the tekton-pipelines/config-defaults configmap. yaml engine: config: defaultServiceAccount: "build-bot-sa" defaultTimeoutMinutes: "60" defaultPodTemplate: | nodeSelector: ci: "true" If you want to pull images from a private registry (or if you want to skip 200 pulls on dockerhub) imagePullSecrets: - name: "your-docker-secret-name" You can generate that secret by doing the following kubectl create secret -n argo-cd generic docker-saritasa-infra-v2-ro \ --from-file=.dockerconfigjson=~/.docker/config.json \ --type=kubernetes.io/dockerconfigjson Make dure this ~/.docker/config.json is cleaned from non-infra-v2 registries first.

Assets 3
Loading