Deploying Tekton on OpenShift

This article explains how to install Tekton on OpenShift and how to run pipelines of a cloud native sample application.

Tekton is an open source CNCF project to run CI/CD pipelines in Kubernetes clusters.

Tekton is a powerful and flexible open-source framework for creating CI/CD systems, allowing developers to build, test, and deploy across cloud providers and on-premise systems.

OpenShift Pipelines

In order to use Tekton in OpenShift, an operator is available. The setup is trivial. One option is to use the user interface of the OpenShift Web Console:

After the setup you can run your first simple pipelines. In many cases though, your pipelines might need to access resources in other projects. In order to do this, you can use Kubernetes cluster roles:

$ oc apply -f scripts-openshift-tekton/ClusterRole.yaml
$ oc create clusterrolebinding routes-and-services-reader-tekton \
    --clusterrole=routes-and-services-reader-tekton  \

This is the definition of the role:

kind: ClusterRole
  name: routes-and-services-reader-tekton
- apiGroups: ["", "", "apps"]
  resources: ["routes", "services", "deployments", "imagestreams"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]

Sample Pipelines

I have created an application modernization example which shows how to modernize a 10+ year old application with modern technologies. When modernizing applications, updates and improvements to the actual applications is only one part of the story. Equally important is to have or introduce a DevOps culture and to use automation and CI/CD.

If you want to run my sample application, the following commands can be invoked:

$ git clone && cd application-modernization-javaee-quarkus
$ ROOT_FOLDER=$(pwd)
$ sh ${ROOT_FOLDER}/scripts-openshift-tekton/
$ oc login ...
$ sh ${ROOT_FOLDER}/scripts-openshift/
$ sh ${ROOT_FOLDER}/scripts-openshift/
$ sh ${ROOT_FOLDER}/scripts-openshift/
$ sh ${ROOT_FOLDER}/scripts-openshift-tekton/
$ sh ${ROOT_FOLDER}/scripts-openshift-tekton/

The nice thing about Tekton is that (almost) everything is done server-side. In order to run the scripts above, you only need the oc and git CLIs!

What’s next?

If you want to see these mechanisms in action, check out my sample application. Over the next days I’ll blog more about Tekton, CI/CD and ArgoCD.