Publishing Tekton Resources as bundles on OCI registry
In my previous article I showed you how to reference your Tasks from OCI bundles in your Tekton manifest. Now in this article I’ll show you how to create your own Tekton bundle, push it to remote registry and reference that in your Tekton manifest.
Pre-requisites
tknCLI (min version required is 0.18.x)- Docker CLI (to login to remote registry)
Introduction
So, before understanding how the tkn bundle CLI works, let’s first see how the tekton bundle looks like
{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"config": {
"mediaType": "application/vnd.docker.container.image.v1+json",
"size": 233,
"digest": "sha256:d99714b4b2b38402752875780d9d73fa003ce3c10f4cb553e21e940bc90cf005"
},
"layers": [
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": 1653,
"digest": "sha256:f8001b6a406d0c0c82b5c7d5df7d22a8213424e3f3b973d7e0d4d86502b5696d",
"annotations": {
"dev.tekton.image.apiVersion": "v1beta1",
"dev.tekton.image.kind": "task",
"dev.tekton.image.name": "maven"
}
}
]
}The Tekton resources are stored as layers and and each layer represents on Tekton resource. The above image just contains only one Tekton Task but the image can hold at max ten Tekton resources which includes Task, Pipeline, etc. For more you can refer Tekton Bundle Contract.
tkn has a bundle sub-command which can help to create a bundle, push it to remote registry and list the tekton resources present in a tekton bundle.
$ tkn bundle --help
Manage Tekton BundlesUsage:
tkn bundle [flags]
tkn bundle [command]Aliases:
bundle, tkb, bundlesAvailable Commands:
list List and print a Tekton bundle's contents
push Create or replace a Tekton bundleFlags:
-h, --help help for bundle
-C, --no-color disable coloring (default: false)Use "tkn bundle [command] --help" for more information about a command.
Now I am going to demonstrate each command below.
tkn bundle push
This command is used to create a bundle and push it to remote registry. To see all the options available you run the help command as shown below:
$ tkn bundle push --helpBefore running this command make sure you are authenticated to the remote image registry and valid credentials should be present in .docker/config.json in order to push to that registry.
Now let’s try to push a manifest to remote registry
$ cat <<EOF > task.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: demo-task
spec:
steps:
- image: ubuntu
env:
- name: HOME
value: /tekton/home
script: |
#!/usr/bin/env bash
[[ $HOME == /tekton/home ]]
EOFafter creating the task.yaml now you can run the command
$ tkn bundle push quay.io/vinamra2807/bundle:task -f task.yamlCreating Tekton Bundle:
- Added Task: demo-task to imagePushed Tekton Bundle to quay.io/vinamra2807/bundle@sha256:9849a17a80eea5a460cf919acd426e72842453cac189957b15014f6236ef0e65
Create a pipeline.yaml manifest by running:
$ cat <<EOF > pipeline.yaml
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: demo-pipeline
spec:
tasks:
- name: task-1
taskRef:
name: demo-task
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: demo-pipelinerun
spec:
pipelineRef:
name: demo-pipeline
EOFSimilarly you can push multiple Tekton resources using the command:
$ tkn bundle push quay.io/vinamra2807/bundle:taskpipeline -f task.yaml -f pipeline.yamlCreating Tekton Bundle:
- Added Task: demo-task to image
- Added Pipeline: demo-pipeline to image
- Added PipelineRun: demo-pipelinerun to imagePushed Tekton Bundle to quay.io/vinamra2807/bundle@sha256:750c0724044bec5ab7fbdde1411b3d4100fa872ffa9b333120695894cf133f36
tkn bundle list
This command is used to list the Tekton resources and get the YAML of the Tekton resource. To see all the options available you run the help command as shown below:
$ tkn bundle list --helpTo list all the resources in bundle run the following command:
$ tkn bundle list quay.io/vinamra2807/bundle:taskpipeline
task.tekton.dev/demo-task
pipeline.tekton.dev/demo-pipeline
pipelinerun.tekton.dev/demo-pipelinerunTo list all the particular kind of resources in bundle we can run the command:
$ tkn bundle list quay.io/vinamra2807/bundle:taskpipeline task task.tekton.dev/demo-task
If you want to see the YAML manifest of the particular resource then we can run the following command:
$ tkn bundle list quay.io/vinamra2807/maven:0.1 task demo-task -o yamlapiVersion: tekton.dev/v1beta1
kind: Task
metadata:
creationTimestamp: null
name: demo-task
spec:
steps:
- env:
- name: HOME
value: /tekton/home
image: ubuntu
name: ""
resources: {}
script: |
#!/usr/bin/env bash
[[ $HOME == /tekton/home ]]
And if you want to install the Task on cluster then you can just pipe it with kubectl :
$ tkn bundle list quay.io/vinamra2807/maven:0.1 task maven -o yaml | kubectl create -f -task.tekton.dev/demo-task created
Know Issues
There are few known issues which can improve the command:
- The command reads auth file generated by
docker loginonly and if somebody has onlypodmaninstalled on their machine and we dopodman loginthentkn bundlecommand would not be able to take the authfile generated by podman. This issue is tracked on tektoncd/cli repo and you can find that here. tknshould have it’s own sub-command to be able to login to remote registry and generate an authfile which can be referenced bytknfor future and not dependent on other cli tools such aspodmanordockerfor the authentication. This can be tracked here.
Questions?
Follow and hit me up on Twitter @jvinamra776 if you have any questions or comments. If I’ve made a mistake or if there is something that I have missed out in this article be sure to let me know so that I can get it corrected.
Do follow me up on medium for more Tekton related stuffs 😉.
