"Tekton is a powerful and flexible open-source framework for creating CI/CD systems, allowing developers to build, test, and deploy across cloud providers and on-premise systems."
Tekton is a fantastic project that allows to build pipelines for your CI/CD needs. It works really great as it takes advantage of dynamic nature of Kubernetes cluster and uses resources only when it actually executes a task.
Tasks that are executed can be pretty much anything that starts a container (pod) and executes. There is a huge collection of tasks available in Tekton Hub that can be easily used within your own pipelines. Have a further read about Tekton if you're not familiar with it here.
There is just one tiny issue - tasks in Tekon are mainly about executing things and not waiting for things. And here comes Automatiko
that plugs into the Tekton ecosystem via Custom Tasks. Custom tasks (realized in
Runs) allow to provide additional capabilities that are not meant to execute things - like starting a container/pod.
That is exactly what approvals are - they pause the pipeline run and wait for (usually) human based decision to be made.
Let's explore the features of the Approval Tasks
Approval Tasks are used within pipeline as any other task, by using
apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: name: testpipeline spec: tasks: - name: approval taskRef: apiVersion: tekton.automatiko.io/v1alpha1 kind: ApprovalTask name: approvaltask params: - name: pipeline value: "$(context.pipelineRun.name)" - name: description value: "Sample approval from pipeline $(context.pipeline.name)" - name: approvers value: - "john"
Approval task have several paramters that should be provided
It also produces results
falsethat represents approved or rejected decision
- name: approved when: - input: $(tasks.approval.results.decision) operator: in values: [ "true" ] taskRef: name: print-decision runAfter: - approval
Tekton Dashboard comes with really useful feature called
Extensions. This allows to watch custom resources
as dedicated item in the Dashboard's menu (as shown above).
Approval tasks detail view uses labels to communicate current state of the task - decision and responses. Users who are managing pipelines can easily find out where the task is and what is still to be done to move the pipeline forward.
Above is a sample email that is sent to approvers. Great value in email notification is that it has direct link to a task form where approver can make the decision to either approve or reject it.
Approval tasks can be (currently) assigned based on two strategies
Lastly, a short video demonstrating approval tasks with Tekton can be watched below.
The source code of approval tasks can be found here
This is really a first version of the approval task and lots of features are already in the works (integration with OIDC/OAuth, timeouts, cancelation etc) so stay tuned and provide your feedback and feature requests so this can become useful for many Tekton users.
Thanks for reading and make sure to drop us feedback or ask questions about this article.
Photographs by Unsplash.