Tekton is a cloud-native, Kubernetes-native CI/CD framework maintained by the Continuous Delivery Foundation (CDF, a Linux Foundation sub-project). Everything is modeled as Kubernetes CRDs: Task, Pipeline, TaskRun, PipelineRun. Pipelines run directly in pods, with no external CI infrastructure. Tekton stands out for its modularity (reusable Tasks, Tekton Hub) and for its interoperability with GitOps tools such as Argo CD or FluxCD through its Triggers component.
Key information
Origin: Google → CDF Graduated (Linux Foundation) · License: Apache 2.0 · Architectures: x86_64, ARM64
Links: Official site · Documentation · GitHub · Tekton Hub
Support: CDF Graduated. Active community, used in production at Google, IBM, Red Hat.
Default stack
| Component | Value |
|---|---|
| Pipelines | CRDs Task, Pipeline, TaskRun, PipelineRun |
| Triggers | CRDs TriggerTemplate, TriggerBinding, EventListener |
| Dashboard | Web UI for viewing runs |
| CLI | tkn |
| Storage | Workspace (PVC, ConfigMap, Secret, emptyDir) |
Prerequisites
| Resource | Value |
|---|---|
| Kubernetes | 1.25+ |
| Storage | StorageClass available (for PVC workspaces) |
| kubectl | Configured with cluster access |
Installation
Tekton Pipelines
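```bash
# "latest" tracks the newest release; pin a specific version from the
# Releases page when the install must be reproducible.
kubectl apply -f \
  https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

# Verify the installation
kubectl get pods -n tekton-pipelines
# tekton-pipelines-controller and tekton-pipelines-webhook should be Running
```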
Tekton Triggers (incoming webhooks)
```bash
kubectl apply -f \
  https://storage.googleapis.com/tekton-releases/triggers/latest/release.yaml
kubectl apply -f \
  https://storage.googleapis.com/tekton-releases/triggers/latest/interceptors.yaml
```
Tekton Dashboard (web UI)
```bash
kubectl apply -f \
  https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml
kubectl port-forward svc/tekton-dashboard -n tekton-pipelines 9097:9097
# Open http://localhost:9097
```
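tkn CLI
```bash
# Resolve the latest release tag (without the leading "v") from the GitHub API
TKN_VERSION=$(curl -s "https://api.github.com/repos/tektoncd/cli/releases/latest" \
  | grep '"tag_name"' | sed 's/.*"v\([^"]*\)".*/\1/')
# Download the Linux x86_64 archive for that version
curl -Lo tkn.tar.gz \
  "https://github.com/tektoncd/cli/releases/download/v${TKN_VERSION}/tkn_${TKN_VERSION}_Linux_x86_64.tar.gz"
# Unpack and install the binary
tar -xzf tkn.tar.gz -C /tmp && sudo mv /tmp/tkn /usr/local/bin/
tkn version
```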
Core concepts
Task - unit of work
```yaml
apiVersion: tekton.dev/v1
kind: Task
metadata:
  name: build-and-push
spec:
  params:
    - name: image
      type: string
  workspaces:
    - name: source
  steps:
    - name: build
      image: gcr.io/kaniko-project/executor:latest
      args:
        - --dockerfile=Dockerfile
        - --context=dir://$(workspaces.source.path)
        - --destination=$(params.image)
```
Pipeline - a sequence of Tasks
```yaml
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
  name: ci-pipeline
spec:
  params:
    - name: repo-url
    - name: image
  workspaces:
    - name: shared-workspace
  tasks:
    - name: fetch-source
      taskRef:
        name: git-clone
      workspaces:
        - name: output
          workspace: shared-workspace
      params:
        - name: url
          value: $(params.repo-url)
    - name: build
      runAfter: ["fetch-source"]
      taskRef:
        name: build-and-push
      workspaces:
        - name: source
          workspace: shared-workspace
      params:
        - name: image
          value: $(params.image)
```
PipelineRun - execution
```yaml
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
  generateName: ci-run-
spec:
  pipelineRef:
    name: ci-pipeline
  params:
    - name: repo-url
      value: https://github.com/org/my-app.git
    - name: image
      value: ghcr.io/org/my-app:latest
  workspaces:
    - name: shared-workspace
      volumeClaimTemplate:
        spec:
          accessModes: [ReadWriteOnce]
          resources:
            requests:
              storage: 1Gi
```
```bash
kubectl create -f pipelinerun.yaml
tkn pipelinerun logs --last -f
```
Tekton Triggers - incoming webhook
```yaml
# Trigger a PipelineRun on a GitHub push
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: github-listener
spec:
  serviceAccountName: tekton-triggers-sa
  triggers:
    - name: github-push
      interceptors:
        - ref:
            name: github
          params:
            - name: secretRef
              value:
                secretName: github-webhook-secret
                secretKey: token
            - name: eventTypes
              value: ["push"]
      bindings:
        - ref: github-push-binding
      template:
        ref: pipeline-trigger-template
```
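The EventListener above references a Secret, a TriggerBinding and a TriggerTemplate that this page does not define. The manifests below are an added example, not part of the original page or of the Tekton project, that supplies them. The object names come from the EventListener and Pipeline above; the payload field `body.repository.clone_url` is assumed from GitHub's push event, and the Secret value is a placeholder.

```yaml
# Added example: the three objects the github-listener EventListener refers to.
apiVersion: v1
kind: Secret
metadata:
  name: github-webhook-secret
stringData:
  # Placeholder: use a long random value and set the same one in the GitHub webhook settings
  token: "<REPLACE_WITH_RANDOM_WEBHOOK_SECRET>"
---
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: github-push-binding
spec:
  params:
    - name: repo-url
      value: $(body.repository.clone_url)  # assumed field of the GitHub push payload
---
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  name: pipeline-trigger-template
spec:
  params:
    - name: repo-url
    - name: image
      default: ghcr.io/org/my-app:latest   # same image reference as the PipelineRun on this page
  resourcetemplates:
    - apiVersion: tekton.dev/v1
      kind: PipelineRun
      metadata:
        generateName: ci-run-
      spec:
        pipelineRef:
          name: ci-pipeline
        params:
          - name: repo-url
            value: $(tt.params.repo-url)
          - name: image
            value: $(tt.params.image)
        workspaces:
          - name: shared-workspace
            volumeClaimTemplate:
              spec:
                accessModes: [ReadWriteOnce]
                resources:
                  requests:
                    storage: 1Gi
```

The `github` interceptor rejects deliveries whose signature does not match this token, so `repo-url` is only taken from payloads signed with the shared secret.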
Tekton Hub - reusable Tasks
```bash
# Install the git-clone Task from Tekton Hub
tkn hub install task git-clone
# Install the buildpacks Task
tkn hub install task buildpacks
# Search for Tasks
tkn hub search --tags build
```
Updating
```bash
kubectl apply -f \
  https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
```
Troubleshooting
```bash
# Pod status
kubectl get pods -n tekton-pipelines
# Logs of a TaskRun
tkn taskrun logs <name> -f
# Logs of a PipelineRun
tkn pipelinerun logs <name> -f
# Describe a failed PipelineRun
tkn pipelinerun describe <name>
# Controller logs
kubectl logs -n tekton-pipelines -l app=tekton-pipelines-controller --tail=50
```
Useful commands
```bash
tkn task list                     # List Tasks
tkn pipeline list                 # List Pipelines
tkn pipelinerun list              # List runs
tkn pipelinerun logs --last -f    # Logs of the most recent run
tkn pipelinerun cancel <name>     # Cancel a run in progress
tkn hub search --tags build       # Search for Tasks on Tekton Hub
```
Resources
- Official site: https://tekton.dev
- Documentation : https://tekton.dev/docs/
- GitHub Pipelines : https://github.com/tektoncd/pipeline
- Tekton Hub : https://hub.tekton.dev
- Releases : https://github.com/tektoncd/pipeline/releases