DO288 - ch07s05

Bookmark this page

Lab: Continuous Deployment by Using Red Hat OpenShift Pipelines

Create custom tasks.

Use tasks and cluster tasks in pipelines.

Create, manage, and execute pipelines.

Outcomes

Create Tekton tasks.
Create Tekton pipelines.
Use tasks and cluster tasks in custom Tekton pipelines.
Start and troubleshoot Tekton pipelines.

As the student user on the workstation machine, use the lab command to prepare your environment for this exercise, and to ensure that all required resources are available.

[student@workstation ~]$ lab start pipelines-review

Instructions

In this lab, you create a pipeline that builds and deploys the vertx-site application. The lab script generates an OpenShift secret that you use in one of the pipeline tasks.

You can test your pipeline by using the PipelineRun object in the /home/student/DO288/labs/pipelines-review/run.yaml file. To test the pipeline multiple times, first remove the pipeline run by using the oc delete -f run.yaml command, and then recreate the object.

[student@workstation ~]$ oc login -u developer -p developer \
https://api.ocp4.example.com:6443
Login successful.
...output omitted...

Ensure that you use the pipelines-review project.

[student@workstation ~]$ oc project pipelines-review
Already on project "pipelines-review" on server "https://api.ocp4.example.com:6443".

The application includes a Containerfile that uses registry.ocp4.example.com:8443/ubi8/openjdk-11 as the base image.
To prevent permission problems in the pipeline execution, make this image public in the internal Quay registry.
1. Open the Quay website at https://registry.ocp4.example.com:8443 and log in with the developer user and the developer password.
2. Search for the ubi8/openjdk-11 repository.
3. In the Repository Visibility section of the ubi8/openjdk-11 settings, make the repository public.

In the pipeline YAML file, define a task to clone the application. Use the following parameters:

Use the git-clone cluster task.
Pass the Git URL property from the pipeline inputs to the task.
Pass the Git revision property from the pipeline inputs to the task.
Configure the task to use the shared workspace.

Navigate to the /home/student/DO288/labs/pipelines-review/ directory.

[student@workstation ~]$ cd /home/student/DO288/labs/pipelines-review
...no output expected...

Discover the parameter names for the git-clone cluster task.

[student@workstation pipelines-review]$ tkn ct describe git-clone
...output omitted...
Params

 NAME                          TYPE     DESCRIPTION              DEFAULT VALUE
 ∙ url                         string   Repository URL to c...   ---
 ∙ revision                    string   Revision to checkou...
 ∙ refspec                     string   Refspec to fetch be...
...output omitted...

Edit the pipeline.yaml file and configure the clone-repository task:

...file omitted...
  tasks:
    - name: clone-repository
      taskRef:
        name: git-clone
        kind: ClusterTask
      params:
        - name: url
          value: $(params.GIT_REPO)
        - name: revision
          value: $(params.GIT_REVISION)
        - name: deleteExisting
          value: 'true'
        - name: sslVerify
          value: 'false'
      workspaces:
        - name: output
          workspace: shared
...file omitted...

Define the maven-task task in the task.yaml file. Use the following parameters:

Use the registry.ocp4.example.com:8443/ubi8/openjdk-11:1.16-3 container image.
Define the following workspaces:
- The source workspace contains the git repository.
- The maven_config workspace contains the settings.xml file.
Define the app_path parameter that configures the location of the application in the workspace.
Define a working directory that combines the source workspace path with the app_path parameter.
Use the mvn clean package -s /path/to/settings.xml command to build the application. The pipeline run mounts the settings.xml file from a secret when you start the pipeline.

Then, create the task in Red Hat OpenShift. Finally, add the task reference to the pipeline.yaml file.

In the task.yaml file, configure the two workspaces and the parameter. Then, in the steps section, complete the build step.

apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: maven-task
spec:
  workspaces:
  - name: source
  - name: maven_config
  params:
  - name: app_path
    description: Path to the application source code in the directory
    type: string
  steps:
    - name: build
      image: registry.ocp4.example.com:8443/ubi8/openjdk-11:1.16-3
      workingDir: $(workspaces.source.path)/$(params.app_path)
      script: |
        mvn clean package -s $(workspaces.maven_config.path)/settings.xml
      securityContext:
        runAsNonRoot: true
        runAsUser: 65532

Create the maven-task task.

[student@workstation pipelines-review]$ oc create -f task.yaml
task.tekton.dev/maven-task created

In the pipeline.yaml file, configure the build task:

...file omitted...
  tasks:
...file omitted...
    - name: build
      taskRef:
        name: maven-task
        kind: Task
      params:
      - name: app_path
        value: $(params.MVN_APP_PATH)
      runAfter:
        - clone-repository
      workspaces:
        - workspace: shared
          name: source
        - workspace: maven_config
          name: maven_config
...file omitted...

In the pipeline, configure the oc-deploy task with the following parameters:

Use the openshift-client cluster task.
Configure the task workspace. The task requires access to the built artifacts from the previous task.

Configure the task to execute the following commands:

cd  "$(workspaces.manifest-dir.path)/$(params.MVN_APP_PATH)" || exit 1
oc new-build --name=$(params.DEPLOY_APP_NAME) \
  -l app=$(params.DEPLOY_APP_NAME) --binary=true \
  --image-stream=openshift/java:8 || echo "BC already exists"
oc start-build $(params.DEPLOY_APP_NAME) --wait=true \
    --from-file=$(params.DEPLOY_ARTIFACT_NAME)
oc new-app $(params.DEPLOY_APP_NAME):latest \
    --name $(params.DEPLOY_APP_NAME) || echo "application exists"
oc expose svc $(params.DEPLOY_APP_NAME) || echo "route exists"

Discover the parameter name for the openshift-client cluster task.

[student@workstation pipelines-review]$ tkn ct describe openshift-client
...output omitted...
Params

 NAME        TYPE     DESCRIPTION              DEFAULT VALUE
 ∙ SCRIPT    string   The OpenShift CLI a...   oc help
 ∙ VERSION   string   The OpenShift Versi...   latest

...output omitted...

Configure the pipeline YAML file.

...file omitted...
  tasks:
...file omitted...
    - name: oc-deploy
      runAfter:
        - "build"
      taskRef:
        name: openshift-client
        kind: ClusterTask
      workspaces:
        - name: manifest-dir
          workspace: shared
      params:
        - name: SCRIPT
          value: |
            cd  "$(workspaces.manifest-dir.path)/$(params.MVN_APP_PATH)" || exit 1
            oc new-build --name=$(params.DEPLOY_APP_NAME) \
              -l app=$(params.DEPLOY_APP_NAME)  --binary=true \
              --image-stream=openshift/java:8 || echo "BC already exists"
            oc start-build $(params.DEPLOY_APP_NAME) --wait=true \
              --from-file=$(params.DEPLOY_ARTIFACT_NAME)
            oc new-app $(params.DEPLOY_APP_NAME):latest \
              --name $(params.DEPLOY_APP_NAME) || echo "application exists"
            oc expose svc $(params.DEPLOY_APP_NAME) || echo "route exists"
...file omitted...

In the pipeline, configure the skopeo-copy task with the following parameters:

Use the skopeo-copy-internal cluster task.
Configure the source URL to use the docker://default-route-openshift-image-registry.apps.ocp4.example.com/pipelines-review/APP_NAME format.
Configure the destination URL to use the docker://registry.ocp4.example.com:8443/developer/APP_NAME format.
Configure the skopeo image to be registry.ocp4.example.com:8443/ubi9/skopeo:9.2.

In both URLs, use the application name pipeline parameter.

Discover the parameter name for the openshift-client cluster task.

[student@workstation pipelines-review]$ tkn ct describe skopeo-copy-internal
...output omitted...
Params

 NAME              TYPE     DESCRIPTION              DEFAULT VALUE
 ∙ srcImageURL     string   URL of the image to...
 ∙ destImageURL    string   URL of the image wh...
 ∙ srcTLSverify    string   Verify the TLS on t...   false
...output omitted...
 ∙ image           string   The image to use       ...
 ...output omitted...

Configure the pipeline YAML file.

...file omitted...
    - name: skopeo-copy
      runAfter:
          - "oc-deploy"
      taskRef:
        name: skopeo-copy-internal
        kind: ClusterTask
      params:
        - name: srcImageURL
          value: docker://default-route-openshift-image-registry.apps.ocp4.example.com/pipelines-review/$(params.DEPLOY_APP_NAME)
        - name: destImageURL
          value: docker://registry.ocp4.example.com:8443/developer/$(params.DEPLOY_APP_NAME)
        - name: image
          value: registry.ocp4.example.com:8443/ubi9/skopeo:9.2

Create and execute the pipeline.

Create the pipeline.

[student@workstation pipelines-review]$ oc create -f pipeline.yaml
pipeline.tekton.dev/maven-java-pipeline created

Execute the pipeline.

[student@workstation pipelines-review]$ oc create -f run.yaml
pipelinerun.tekton.dev/testrun created

Wait until the pipeline finishes.

[student@workstation pipelines-review]$ tkn pipeline \
logs -f -a maven-java-pipeline
2023/08/30 11:49:42 Entrypoint initialization

2023/08/30 11:49:43 Decoded script /tekton/scripts/script-0-ttpl8

+ '[' false = true ']'
...output omitted...

Verify that the pipeline succeeded.

[student@workstation pipelines-review]$ tkn pipeline list
NAME                  AGE          LAST RUN   STARTED        DURATION   STATUS
maven-java-pipeline   1 hour ago   testrun    1 minute ago   1m18s      Succeeded

In a web browser, open the vertx-site-pipelines-review.apps.ocp4.example.com URL to verify that the application responds. Alternatively, test the application by using a curl request.

[student@workstation pipelines-review]$ curl -s \
vertx-site-pipelines-review.apps.ocp4.example.com; echo
<html><body><h1>Welcome to your Vert.x v1.0 application!</h1></body></html>

Evaluation

As the student user on the workstation machine, use the lab command to grade your work. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab grade pipelines-review

Finish

As the student user on the workstation machine, use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish pipelines-review

Discuss Red Hat OpenShift Developer II: Building and Deploying Cloud-native Applications

Go to community

Red Hat OpenShift Developer II: Building Kubernetes Applications (DO288)

Haley_Ruccio

31 lip 2023

Design, build, and deploy containerized applications on Red Hat OpenShiftRed Hat OpenShift Developer II: Building Kubernetes Applications (DO288) teaches you how to design, build, and deploy containerized software applications on an OpenShift clusterWhether you are migrating existing applications or writing container-native applications, you will learn how to boost developer productivity powered by Red Hat® OpenShift Container Platform, a containerized application platform that allows enterprises to manage container deployments and scale their applications using Kubernetes.This course is based on Red Hat OpenShift Container Platform 4.10.Course content summaryDesign containerized applications for OpenShift.Manage and trigger application builds using Source-to-Image (S2I).Customize an existing source-to-image base image.Deploy multi-container applications using Helm Charts.Create health checks to monitor and improve application reliability.Create and deploy cloud-native applications on OpenShift.Audience for this courseEnterprise application developersDevOps site reliability engineersRecommended for this courseTake our free assessment to gauge whether this offering is the best fit for your skills.View the Red Hat OpenShift skill paths.Complete Red Hat OpenShift I: Containers & Kubernetes (DO180), or have equivalent knowledgeBeing a Red Hat Certified System Administrator or having earned a higher certification is helpful for navigation and usage of the command line, but is not requiredTechnology considerationsThis course uses a lab environment provisioned in the Red Hat Online Learning (ROL) cloud.Internet access is required to run the exercises and labs.

Welcome to the Red Hat OpenShift Developer II (DO288) group in the Red Hat Learning Community!

Deanna

31 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course DO288! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO288.Read more about Red Hat OpenShift Developer II: Building Kubernetes Applications here.

406

Revision: do288-4.12-0d49506