Update 2022-04-12 - Added Blue/Green Deployment. There is always 1 Route and 1 Service, but the Service will be patched to point to the correct Deployment and Pods. There will be a maximum of 2 Deployments, and the Service will point to the new Deployment. The old Deployment will continue to be active, so the Service just needs the Pod Selector updated to roll back.
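The Service switch and rollback described above, as an added example that is not taken from the repository's Tasks. It assumes Deployments named <app>-blue and <app>-green whose Pods carry the label deployment=<app>-<color>, and a Service named <app>; the guard refuses to repoint the Service at a Deployment that has no ready Pods.

```shell
#!/bin/sh
# Added example. ASSUMED naming: Service <app>, Deployments <app>-blue and
# <app>-green, Pod label deployment=<app>-<color>. None of this is from the repo.

# Map the live color to the idle one; fail on anything else.
other_color() {
    case "$1" in
        blue) echo green ;;
        green) echo blue ;;
        *) return 1 ;;
    esac
}

# JSON merge patch that repoints the Service's Pod selector.
selector_patch() {
    printf '{"spec":{"selector":{"deployment":"%s-%s"}}}' "$1" "$2"
}

# Point the Service at the other Deployment. Running it a second time is the
# rollback, because the previous Deployment is still active.
# usage: switch_service <app> <namespace>
switch_service() {
    app=$1
    ns=$2
    current=$(oc get service "$app" -n "$ns" -o jsonpath='{.spec.selector.deployment}') || return 1
    color=${current#"$app"-}
    target=$(other_color "$color") || { echo "unexpected selector: $current" >&2; return 1; }
    ready=$(oc get deployment "$app-$target" -n "$ns" -o jsonpath='{.status.readyReplicas}') || return 1
    # readyReplicas is empty when no Pod is ready; never route traffic there.
    [ "${ready:-0}" -gt 0 ] || { echo "$app-$target has no ready Pods" >&2; return 1; }
    oc patch service "$app" -n "$ns" --type merge -p "$(selector_patch "$app" "$target")"
}
```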
This is a sample pipeline that can be used for deploying an application to a tWAS container and deploying it to OCP. The pipeline will do the following:
- Update the name of the project to lowercase and remove spaces.
- Download code from a Git repository
- Compile the code using Maven
- Use the Dockerfile to build a new tWAS image and store it in the OCP ImageStreams repository
- Create a Deployment, Autoscaler, Service and Route.
The first 3 items are done with Tasks from the Tekton Hub.
The OpenShift and Tekton CLIs are needed to run commands and set up the pipeline.
- Login to your OCP cluster
- Create a project (namespace) for the pipelines, if necessary
oc new-project <project>
- Install the Tekton Pipeline.
oc apply -f tekton/tekton-pipelines-install.yaml
- Install the necessary Tekton Tasks from the Tekton Hub
tkn hub install task git-clone -n <project>
tkn hub install task maven -n <project>
tkn hub install task kaniko -n <project>
- Add task to format the app name (make lowercase, remove spaces)
oc apply -f tekton/was-pipeline-task-appname.yaml -n <project>
- Add the custom Task
oc apply -f tekton/was-pipeline-task.yaml -n <project>
- Add the PersistentVolumeClaim used to share between tasks.
oc apply -f tekton/was-pipeline-pvc.yaml -n <project>
- Install the Pipeline
oc apply -f tekton/was-pipeline.yaml -n <project>
To run the pipeline, a sample Pipeline Run is included:
oc create -f tekton/was-pipeline-run.yaml -n <project>
In a true CI/CD pipeline, developers would not submit a Pipeline Run with the necessary data to kick off a pipeline. They would use an EventListener that takes some inputs and starts the Pipeline Run.
- Set up the necessary ServiceAccount and cluster security to receive events and act upon them. The file must be updated with the namespace used for the Pipeline for the security. Update CHANGE_ME with the appropriate namespace.
oc apply -f was-triggers-security.yaml -n <project>
- Add the Trigger Template, which is an outline of how to handle the Trigger and what to run, which is similar to the Pipeline Run
oc apply -f was-triggers-template.yaml -n <project>
- Add the necessary bindings for this specific application. This contains information to be passed to the Trigger Template
oc apply -f was-triggers-bindings.yaml -n <project>
- Add the EventListener, which will start up a Pod and Service to listen to Events for the trigger. The Pod name will be prefixed with el, followed by the name of the EventListener. In this sample it is called el-was-triggers-eventlistener. The Service is given the same name as the Pod.
oc apply -f was-triggers-eventlistener.yaml -n <project>
- Create a Route so that the Trigger can be called from outside the cluster.
oc apply -f was-triggers-route.yaml -n <project>
To test the Trigger, the Route endpoint can be called with the necessary JSON parameters.
ROUTE_HOST=$(oc get route el-was-triggers-listener -n <project> --template='http://{{.spec.host}}')
URL=https://github.com/bpaskin/WAS-Tekton.git
curl -v -H 'X-GitHub-Event: pull_request' -H 'Content-Type: application/json' -d '{ "repository": {"clone_url": "'"${URL}"'"}, "pull_request": {"head": {"sha": "master1", "repo": {"name":"WAS-TekTon"}}} }' ${ROUTE_HOST}
If the request is accepted successfully, the HTTP response should be either a 201 Created or 202 Accepted.
The Pipeline can be started when a GitHub Pull is done. This will send a message to the Event Listener endpoint with some data. The repository name, SHA of the pull request and URL of the repository will be used in the pipeline.
- Go to the GitHub repository page in the web browser.
- Click the Settings tab.
- In the navigation pane, click Hooks.
- Click Add Webhook.
- In the Payload URL field, paste the webhook URL (output from the oc get route el-was-triggers-listener -n <project> --template='http://{{.spec.host}}' command).
- In the Content type field, select JSON.
- Leave the Secret field empty
- In the options displayed, ensure that only the Pull event is selected.
- Ensure that the Active check box is selected. This option keeps the webhook enabled and sends notifications whenever an event is triggered.
- Click Add webhook to complete the configuration of the webhook in GitHub Enterprise.
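With the Secret field left empty, the listener acts on any POST that reaches the Route, which is what the unsigned curl test above relies on. The following added example (not from the repository) shows the authenticated variant: an EventListener using the Tekton Triggers GitHub interceptor with a shared secret, and a signed version of the test request. The Secret name and the <...> placeholders are assumptions, as is a Triggers release whose interceptor reads the X-Hub-Signature-256 header.

```shell
#!/bin/sh
# Added example. ASSUMED: Secret github-webhook-secret (key secretToken) and
# the <...> placeholder names; the repository's own listener file is not shown.

# Value GitHub sends in X-Hub-Signature-256: "sha256=" + HMAC-SHA256(secret, body).
# Note: the secret is visible in the process list while openssl runs.
github_signature() {
    printf '%s' "$2" | openssl dgst -sha256 -hmac "$1" | awk '{print "sha256=" $NF}'
}

# EventListener whose GitHub interceptor drops deliveries that are unsigned,
# signed with another secret, or not pull_request events.
listener_manifest() {
    cat <<'EOF'
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: was-triggers-eventlistener
spec:
  serviceAccountName: <serviceaccount>
  triggers:
    - name: github-pull-request
      interceptors:
        - ref:
            name: github
          params:
            - name: secretRef
              value:
                secretName: github-webhook-secret
                secretKey: secretToken
            - name: eventTypes
              value: ["pull_request"]
      bindings:
        - ref: <triggerbinding>
      template:
        ref: <triggertemplate>
EOF
}

# Signed test request; prints only the HTTP status code.
# usage: send_signed_event <route-url> <secret> <json-body>
send_signed_event() {
    curl -s -o /dev/null -w '%{http_code}\n' \
        -H 'X-GitHub-Event: pull_request' -H 'Content-Type: application/json' \
        -H "X-Hub-Signature-256: $(github_signature "$2" "$3")" -d "$3" "$1"
}
```

The same secret value goes into the webhook's Secret field in GitHub and into the github-webhook-secret Secret in the pipeline namespace; once the interceptor is in place, the unsigned curl test should no longer start a Pipeline Run.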
Helpful while testing Tasks: tkn task start was-deploy-app --showlog
To build a container without OCP (docker can be used in place of podman):
podman build -t modresorts .
Run the container, exposing the admin and app ports (9443 is the internal app port):
podman run -d -p 19443:9443 -p 9043:9043 -p 19080:9080 --name modresorts1 modresorts
podman run -d -p 19444:9443 -p 9044:9043 -p 19081:9080 --name modresorts2 modresorts
To access the application:
https://host:19443/
https://host:19444/
To access the admin console:
https://host:9043/admin
https://host:9044/admin
userid is wsadmin, password is passw0rd