Pipelines as Code - Installation # Pipelines-as-Code support different installation method to Git provider platforms (i.e: GitHub, Bitbucket and so on)
The preferred method to use Pipelines-as-Code is configured with a GitHub Application.
Install Pipelines as Code infrastructure # Pipelines-as-Code support different installation method to Git provider platforms (ie: GitHub, Bitbucket and so on) The preferred method to use Pipelines-as-Code is configured with a GitHub Application.
To get started with Pipelines-as-Code, you need to
Installation # Operator Install # The easiest way to install Pipelines as Code on OpenShift is with the Red Hat Openshift Pipelines Operator.
On the Openshift Pipelines Operator, the default namespace is openshift-pipelines.
Manual Install # Prerequisite # Before installing Pipelines As Code, please verify tektoncd/pipeline is installed. You can install the latest released version using the following command
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml If you are not installing the latest version, ensure you are running Tekton Pipeline greater than v0.
Pipelines-As-Code configuration settings # There is a few things you can configure through the config map pipelines-as-code in the pipelines-as-code namespace.
application-name
The name of the application showing for example in the GitHub Checks labels. Default to Pipelines as Code CI
secret-auto-create
Whether to auto create a secret with the token generated through the GitHub application to be used with private repositories. This feature is enabled by default.
Custom certificates # If you need to configure Pipelines-as-Code with a Git repository that requires a privately signed or custom certificate to access, then you will need to expose the certificate to Pipelines-as-Code.
OpenShift # If you have installed Pipelines-as-Code through the OpenShift Pipelines operator, then you will need to add your custom certificate to the cluster via the Proxy object. The operator will expose the certificate in all OpenShift Pipelines components and workloads, including Pipelines-as-Code.
Create a Pipelines-as-Code GitHub App # The GitHub App install is different from the other install methods since it acts as the integration point with OpenShift Pipelines and brings the Git workflow into Tekton pipelines. You only need one GitHub App for every user on the cluster usually setup by the admin.
You need the webhook of the GitHub App to point to your Pipelines-as-Code Controller route or ingress endpoint which would listen to GitHub events.
Use Pipelines-as-Code with GitHub Webhook # If you are not able to create a GitHub application you can use Pipelines-as-Code with GitHub Webhook on your repository.
Using Pipelines as Code through GitHub webhook does not give you access to the GitHub CheckRun API, therefore the status of the tasks will be added as a Comment on the PullRequest and not through the Checks Tab.
gitops comment (ie: /retest /ok-to-test) with GitHub webhook is not supported.
Use Pipelines-as-Code with Gitlab Webhook # Pipelines-As-Code supports on Gitlab through a webhook.
Follow the pipelines-as-code installation according to your Kubernetes cluster.
Create GitLab Personal Access Token # Follow this guide to generate a personal token as the manager of the Org or the Project:
https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html
Note: You can create a token scoped only to the project. Since the token needs to be able to have api access to the forked repository from where the MR come from, it will fail to do it with a project scoped token.
Use Pipelines-as-Code with Bitbucket Cloud # Pipelines-As-Code supports on Bitbucket Cloud through a webhook.
Follow the Pipelines-As-Code installation according to your Kubernetes cluster.
Create Bitbucket Cloud App Password # Follow this guide to create an app password:
https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/
Check these boxes to add the permissions to the token:
Account: Email, Read Workspace membership: Read, Write Projects: Read, Write Issues: Read, Write Pull requests: Read, Write NOTE: If you are going to configure webhook through CLI, you must also add additional permission
Install Pipelines-As-Code on Bitbucket Server # Pipelines-As-Code has a full support of Bitbucket Server.
After following the installation:
You will have to generate a personal token as the manager of the Project, follow the steps here: https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html
The token will need to have the PROJECT_ADMIN and REPOSITORY_ADMIN permissions.
Note that the token needs to be able to have access to the forked repository in pull requests, or it would not be able to process and access the pull request.
Kubernetes # Pipelines as Code works on kubernetes/minikube/kind.
Prerequisites # You will need to pre-install the pipeline release.yaml file on your kubernetes cluster.
Install # The release YAML to install pipelines are for the released version :
kubectl apply -f https://raw.githubusercontent.com/openshift-pipelines/pipelines-as-code/stable/release.k8s.yaml and for the nightly :
kubectl apply -f https://raw.githubusercontent.com/openshift-pipelines/pipelines-as-code/nightly/release.k8s.yaml Verify # Ensure that the pipelines-as-code controller, webhook, and watcher have come up healthy, for example: