《OpenShift 4.x HOL教程彙總》
說明:本文已經在OpenShift 4.8環境中驗證
文章目錄
- 設定環境變量
- 用PipelineResource設定Git資源
- 了解 Maven 鏡像
- 探索 Task 和 TaskRun
- 用 Pipeline 串起 Task、PipelineResource
本節建立一個最簡單的Pipeline,完成應用代碼編譯。
設定環境變量
$ export USER=$(oc whoami)
$ export GIT_URL=$(oc get route gitea-server -ojsonpath="{.spec.host}" -n devsecops)
$ export GIT_REPO=https://${GIT_URL}/${USER}/openshift-tasks.git
$ export CICD=${USER}-cicd
$ oc new-project $CICD
用PipelineResource設定Git資源
-
用以下2種方法任意一種建立Git類型PipelineResource對象,Git目标指向“${GIT_REPO}”的位址。
第一種方法:
$ oc apply -f - << EOF
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: tasks-source-code
namespace: ${CICD}
spec:
params:
- name: url
value: ${GIT_REPO}
- name: revision
value: dso4
type: git
EOF
第二種方法:
$ tkn resource create -n ${CICD}
? Enter a name for a pipeline resource : tasks-source-code
? Select a resource type to create : [Use arrows to move, type to filter]
cloudEvent
cluster
> git
image
pullRequest
storage
? Select a resource type to create : git
? Enter a value for url : https://gitea-server-devsecops.apps.cluster-39c8.39c8.sandbox139.opentlc.com/user1/openshift-tasks.git
? Enter a value for revision : dso4
- 檢視建立的PipelineResource。
$ tkn resource list -n ${CICD} | grep tasks-source-code
tasks-source-code git url: https://gitea-server-devsecops.apps.cluster-39c8.39c8.sandbox139.opentlc.com/user2/openshift-tasks.git```
了解 Maven 鏡像
- 獲得Gitea Server的通路位址。
$ oc get route gitea-server -ojsonpath={.spec.host} -n devsecops
gitea-server-devsecops.apps.cluster-39c8.39c8.sandbox139.opentlc.com
- 執行指令,在運作一個mvn鏡像。
$ oc project ${CICD}
$ oc run mvn-builder --image=gcr.io/cloud-builders/mvn --rm -it --command -- /bin/bash
If you don't see a command prompt, try pressing enter.
bash-4.4$
- 檢視鏡像中Maven的版本。
bash-4.4$ mvn -version
Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
Maven home: /usr/share/maven
Java version: 16.0.2, vendor: Oracle Corporation, runtime: /usr/java/openjdk-16
Default locale: en, platform encoding: UTF-8
OS name: "linux", version: "4.18.0-305.10.2.el8_4.x86_64", arch: "amd64", family: "unix"
- 從Gitea中下載下傳應用代碼。注意:“https://gitea-server-devsecops.apps.cluster-39c8.39c8.sandbox139.opentlc.com”是Gitea Server的通路位址。
bash-4.4$ curl https://<GITEA-SERVER>/user1/openshift-tasks/archive/dso4.tar.gz | tar xz -C /tmp
bash-4.4$ ls /tmp/openshift-tasks
README.md app-template.yaml configuration pipeline-bc.yaml pom.xml src
- 編譯打包應用。發現“maven-compiler-plugin:3.8.0”錯誤,這是由于版本導緻的。
bash-4.4$ mvn clean package -Dmaven.repo.local=/tmp/.m2 -f /tmp/openshift-tasks/pom.xml
。。。
[INFO] 18 errors
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:55 min
[INFO] Finished at: 2020-07-20T23:15:57Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project jboss-tasks-rs: Compilation failure: Compilation failure:
[ERROR] /tmp/openshift-tasks/src/main/java/org/jboss/as/quickstarts/tasksrs/model/User.java:[31,33] package javax.xml.bind.annotation does not exist
。。。
- 退出Maven容器。
- 下載下傳運作“mvn:3.5.0-jdk-8”的容器,然後重新編譯打包應用。
$ oc run mvn-builder --image=gcr.io/cloud-builders/mvn:3.5.0-jdk-8 --rm -it --command -- /bin/bash
If you don't see a command prompt, try pressing enter.
bash-4.4$ curl https://<GITEA-SERVER>/user1/openshift-tasks/archive/dso4.tar.gz | tar xz -C /tmp
bash-4.4$ mvn clean package -Dmaven.repo.local=/tmp/.m2 -f /tmp/openshift-tasks/pom.xml
。。。
[INFO] Scanning for projects...
Downloading: https://maven.repository.redhat.com/ga/org/jboss/bom/jboss-eap-javaee7/7.0.1.GA/jboss-eap-javaee7-7.0.1.GA.pom
... snipped for brevity ...
[INFO] Building war: /tmp/openshift-tasks/target/openshift-tasks.war
[INFO] WEB-INF/web.xml already added, skipping
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS------------------------------------------------------------------------
- 退出Maven容器。
探索 Task 和 TaskRun
- 建立一個新的Task對象和對應的TaskRun對象。
$ oc create -f - << EOF
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: simple-maven
namespace: ${CICD}
spec:
resources:
inputs:
- name: source
type: git
steps:
- name: mvn-goals
script: |
/usr/bin/mvn clean package -f \$(resources.inputs.source.path)/pom.xml
image: gcr.io/cloud-builders/mvn:3.5.0-jdk-8
EOF
- 檢視建立的Task的資訊。
$ tkn task describe simple-maven
Name: simple-maven
Namespace: user1-cicd
📨 Input Resources
NAME TYPE
∙ source git
📡 Output Resources
No output resources
⚓ Params
No params
📝 Results
No results
📂 Workspaces
No workspaces
🦶 Steps
∙ mvn-goals
🗂 Taskruns
NAME STARTED DURATION STATUS
- 用指令執行“simple-maven”任務,然後檢視日志。
$ tkn task start simple-maven --inputresource source=tasks-source-code --showlog
$ tkn taskrun logs -n ${CICD} -f --last
。。。
[mvn-goals] [INFO] Packaging webapp
[mvn-goals] [INFO] Assembling webapp [jboss-tasks-rs] in [/workspace/source/target/openshift-tasks]
[mvn-goals] [INFO] Processing war project
[mvn-goals] [INFO] Copying webapp resources [/workspace/source/src/main/webapp]
[mvn-goals] [INFO] Webapp assembled in [1104 msecs]
[mvn-goals] [INFO] Building war: /workspace/source/target/openshift-tasks.war
[mvn-goals] [INFO] WEB-INF/web.xml already added, skipping
[mvn-goals] [INFO] ------------------------------------------------------------------------
[mvn-goals] [INFO] BUILD SUCCESS
[mvn-goals] [INFO] ------------------------------------------------------------------------
[mvn-goals] [INFO] Total time: 01:41 min
[mvn-goals] [INFO] Finished at: 2021-08-15T01:26:24Z
[mvn-goals] [INFO] Final Memory: 32M/1221M
[mvn-goals] [INFO] ------------------------------------------------------------------------
- 從TaskRun日志中确認“mvn”執行的是“clean package”。
$ tkn taskrun logs -n ${CICD} -f --last | grep "clean package"
[mvn-goals] + /usr/bin/mvn clean package -f /workspace/source/pom.xml
用 Pipeline 串起 Task、PipelineResource
- 登入OpenShift控制台的“開發者”視圖,進入“user1-cicd”項目的“管道”菜單,然後選擇“建立管道”。
OpenShift 4 - DevSecOps Workshop (3) - 從PipelineResource、Task到一個簡單的Pipeline設定環境變量用PipelineResource設定Git資源了解 Maven 鏡像探索 Task 和 TaskRun用 Pipeline 串起 Task、PipelineResource -
在“管道建構器”界面中将管道名設為“tasks-dev-pipeline”。先在“資源”區域選擇“添加資源”,然後将“名稱”設定為“tasks-source-code”、“資源類型”設為“Git”。在“選擇任務”框選擇“simple-maven”類型的任務,最後在設定任務的以下屬性後點選頁面下方的“建立”。
Display name:simple-maven
source:tasks-source-code
OpenShift 4 - DevSecOps Workshop (3) - 從PipelineResource、Task到一個簡單的Pipeline設定環境變量用PipelineResource設定Git資源了解 Maven 鏡像探索 Task 和 TaskRun用 Pipeline 串起 Task、PipelineResource - 可以在上圖中切換到“YAML視圖”檢視管道對象。檢視完點選“儲存”按鈕即可。
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: tasks-dev-pipeline
spec:
resources:
- name: tasks-source-code
type: git
tasks:
- name: simple-maven
resources:
inputs:
- name: source
resource: tasks-source-code
taskRef:
kind: Task
name: simple-maven
- 運作剛剛建立的“tasks-dev-pipeline”,在“啟動管道”對話框中點選“開始”。
OpenShift 4 - DevSecOps Workshop (3) - 從PipelineResource、Task到一個簡單的Pipeline設定環境變量用PipelineResource設定Git資源了解 Maven 鏡像探索 Task 和 TaskRun用 Pipeline 串起 Task、PipelineResource - 進入“tasks-dev-pipeline”管道,在“管道運作”中檢視日志。
OpenShift 4 - DevSecOps Workshop (3) - 從PipelineResource、Task到一個簡單的Pipeline設定環境變量用PipelineResource設定Git資源了解 Maven 鏡像探索 Task 和 TaskRun用 Pipeline 串起 Task、PipelineResource - 還可通過指令檢視Pipeline的資訊。
$ tkn pipeline describe tasks-dev-pipeline
Name: tasks-dev-pipeline
Namespace: user1-cicd
📦 Resources
NAME TYPE
∙ tasks-source-code git
⚓ Params
No params
📝 Results
No results
📂 Workspaces
No workspaces
🗒 Tasks
NAME TASKREF RUNAFTER TIMEOUT CONDITIONS PARAMS
∙ simple-maven simple-maven --- --- ---
- 除了可在OpenShift控制台運作Pipeline,還可用指令運作Pipeline。
$ tkn pipeline start tasks-dev-pipeline --resource tasks-source-code=tasks-source-code --showlog