Install Tekton⚓︎
EPAM Delivery Platform uses Tekton resources, such as Tasks, Pipelines, Triggers, Interceptors and Chains for running the CI/CD pipelines.
Inspect the main steps to perform for installing the Tekton resources via the Tekton release files.
Prerequisites⚓︎
- Kubectl version 1.24.0 or higher is installed. Please refer to the Kubernetes official website for details.
- For Openshift/OKD, the latest version of the
ocutility is required. Please refer to the OKD page on GitHub for details. - Created AWS ECR repository for Kaniko cache. By default, the Kaniko cache repository name is
kaniko-cacheand this parameter is located in our Tektoncommon-library.
Installation on Kubernetes Cluster⚓︎
To install Tekton resources, follow the steps below:
Info
Please refer to the Install Tekton Pipelines and Install and set up Tekton Triggers sections for details.
-
Install Tekton pipelines v0.53.4 using the release file:
Note
Tekton Pipeline resources are used for managing and running EDP Tekton Pipelines and Tasks. Please refer to the EDP Tekton Pipelines and EDP Tekton Tasks pages for details.
-
Install Tekton Triggers v0.25.3 using the release file:
Note
Tekton Trigger resources are used for managing and running EDP Tekton EventListeners, Triggers, TriggerBindings and TriggerTemplates. Please refer to the EDP Tekton Triggers page for details.
-
Install Tekton Interceptors v0.25.3 using the release file:
Note
EPAM Delivery Platform uses GitLab, GitHub and Cel ClusterInterceptors for managing requests from webhooks.
-
Install Tekton Chains v0.19.0 using the release file:
Installation on OKD cluster⚓︎
To install Tekton resources, follow the steps below:
Info
Please refer to the Install Tekton Operator documentation for details.
Note
Tekton Operator also deploys Pipelines as Code CI that requires OpenShift v4.11 (based on Kubernetes v1.24) or higher. This feature is optional and its deployments can be scaled to zero replicas.
Install Tekton Operator v0.67.0 using the release file:
kubectl apply -f https://github.com/tektoncd/operator/releases/download/v0.67.0/openshift-release.yaml
After the installation, the Tekton Operator will install the following components: Pipeline, Trigger, and Addons.
Note
If there is the following error in the openshift-operators namespace for openshift-pipelines-operator and tekton-operator-webhook deployments:
Patch the deployments with the following commands:
kubectl -n openshift-operators patch deployment openshift-pipelines-operator -p '{"spec": {"template": {"spec": {"securityContext": {"runAsUser": 1000}}}}}'
kubectl -n openshift-operators patch deployment tekton-operator-webhook -p '{"spec": {"template": {"spec": {"securityContext": {"runAsUser": 1000}}}}}'
Grant access for Tekton Service Accounts in the openshift-pipelines namespace to the Privileged SCC:
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-operators-proxy-webhook
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-pipelines-controller
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-pipelines-resolvers
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-pipelines-webhook
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-triggers-controller
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-triggers-core-interceptors
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:tekton-triggers-webhook
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:pipelines-as-code-controller
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:pipelines-as-code-watcher
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:pipelines-as-code-webhook
oc adm policy add-scc-to-user privileged system:serviceaccount:openshift-pipelines:default