diff --git a/docs/install.md b/docs/install.md index c67249b349e..7a6cbeee5ca 100644 --- a/docs/install.md +++ b/docs/install.md @@ -86,10 +86,6 @@ To install Tekton Pipelines on a Kubernetes cluster: kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml ``` -1. **Note**: To install Tekton Pipelines without including [the built-in remote resolvers](#installing-and-configuring-remote-task-and-pipeline-resolution) - follow the directions above, but replace `release.yaml` or `release.notags.yaml` with `minimal-release.yaml` or - `minimal-release.notags.yaml` as appropriate. - 1. **Note**: Some cloud providers (such as [GKE](https://github.com/tektoncd/pipeline/issues/3317#issuecomment-708066087)) may also require you to allow port 8443 in your firewall rules so that the Tekton Pipelines webhook is reachable. @@ -272,27 +268,9 @@ data: bucket.service.account.field.name: GOOGLE_APPLICATION_CREDENTIALS ``` -## Installing and configuring remote Task and Pipeline resolution - -By default, when Tekton Pipelines is installed using `release.yaml` or `release.notags.yaml`, the -[built-in resolvers](#built-in-resolvers) are installed into the `tekton-pipelines-resolvers` namespace. - -### Installing built-in remote resolvers with a minimal Tekton Pipelines installation - -If you have installed Tekton Pipelines using `minimal-release.yaml` or `minimal-release.notags.yaml` and -wish to add the [built-in remote resolvers](#built-in-resolvers) later, you can install them separately -by running the following command: - - ```bash - kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/resolvers.yaml - ``` - -To install a specific version, see [Installing Tekton Pipelines on Kubernetes](#installing-tekton-pipelines-on-kubernetes). -Change `release.yaml` to `resolvers.yaml`. - -### Built-in Resolvers +## Configuring built-in remote Task and Pipeline resolution -Three remote resolvers are currently provided as part of the `resolvers.yaml` installation. +Three remote resolvers are currently provided as part of the Tekton Pipelines installation. By default, these remote resolvers are disabled. Each resolver is enabled by setting the appropriate feature flag in the `resolvers-feature-flags` ConfigMap in the `tekton-pipelines-resolvers` namespace: diff --git a/tekton/publish.yaml b/tekton/publish.yaml index 8e73e426bbe..6bfe591aa12 100644 --- a/tekton/publish.yaml +++ b/tekton/publish.yaml @@ -11,10 +11,7 @@ spec: default: github.com/tektoncd/pipeline - name: images description: List of cmd/* paths to be published as images - default: "controller webhook entrypoint nop kubeconfigwriter git-init imagedigestexporter pullrequest-init workingdirinit" - - name: resolverImages - description: List of cmd/* paths to be published as images in release manifest resolvers.yaml - default: "resolvers" + default: "controller webhook entrypoint nop kubeconfigwriter git-init imagedigestexporter pullrequest-init workingdirinit resolvers" - name: versionTag description: The vX.Y.Z version that the artifacts should be tagged with (including `v`) - name: imageRegistry @@ -164,20 +161,14 @@ spec: git tag $(params.versionTag) ko resolve --platform=$(params.platforms) --preserve-import-paths -t $(params.versionTag) -R -f ${PROJECT_ROOT}/config/ > $OUTPUT_RELEASE_DIR/release.yaml - ko resolve --platform=$(params.platforms) --preserve-import-paths -t $(params.versionTag) -l 'app.kubernetes.io/component!=resolvers' -R -f ${PROJECT_ROOT}/config/ > $OUTPUT_RELEASE_DIR/minimal-release.yaml - ko resolve --platform=$(params.platforms) --preserve-import-paths -t $(params.versionTag) -f ${PROJECT_ROOT}/config/resolvers > $OUTPUT_RELEASE_DIR/resolvers.yaml # Publish images and create release.notags.yaml # This is useful if your container runtime doesn't support the `image-reference:tag@digest` notation # This is currently the case for `cri-o` (and most likely others) ko resolve --platform=$(params.platforms) --preserve-import-paths -R -f ${PROJECT_ROOT}/config/ > $OUTPUT_RELEASE_DIR/release.notags.yaml - ko resolve --platform=$(params.platforms) --preserve-import-paths -l 'app.kubernetes.io/component!=resolvers' -R -f ${PROJECT_ROOT}/config/ > $OUTPUT_RELEASE_DIR/minimal-release.notags.yaml - ko resolve --platform=$(params.platforms) --preserve-import-paths -f ${PROJECT_ROOT}/config/resolvers > $OUTPUT_RELEASE_DIR/resolvers.notags.yaml # Rewrite "devel" to params.versionTag sed -i -e 's/\(pipeline.tekton.dev\/release\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(app.kubernetes.io\/version\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(version\): "devel"/\1: "$(params.versionTag)"/g' ${OUTPUT_RELEASE_DIR}/release.yaml sed -i -e 's/\(pipeline.tekton.dev\/release\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(app.kubernetes.io\/version\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(version\): "devel"/\1: "$(params.versionTag)"/g' ${OUTPUT_RELEASE_DIR}/release.notags.yaml - sed -i -e 's/\(pipeline.tekton.dev\/release\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(app.kubernetes.io\/version\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(version\): "devel"/\1: "$(params.versionTag)"/g' ${OUTPUT_RELEASE_DIR}/resolvers.yaml - sed -i -e 's/\(pipeline.tekton.dev\/release\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(app.kubernetes.io\/version\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(version\): "devel"/\1: "$(params.versionTag)"/g' ${OUTPUT_RELEASE_DIR}/resolvers.notags.yaml - name: koparse image: gcr.io/tekton-releases/dogfooding/koparse:latest script: | @@ -190,20 +181,11 @@ spec: IMAGES="${IMAGES} ${IMAGES_PATH}/cmd/${cmd}:$(params.versionTag)" done - # Parse the built images from the minimal-release.yaml generated by ko + # Parse the built images from the release.yaml generated by ko koparse \ - --path $OUTPUT_RELEASE_DIR/minimal-release.yaml \ + --path $OUTPUT_RELEASE_DIR/release.yaml \ --base ${IMAGES_PATH} --images ${IMAGES} > /workspace/built_images - for cmd in $(params.resolverImages) - do - RESOLVER_IMAGES="${RESOLVER_IMAGES} ${IMAGES_PATH}/cmd/${cmd}:$(params.versionTag)" - done - - # Parse the built images from the resolvers.yaml generated by ko - koparse \ - --path $OUTPUT_RELEASE_DIR/resolvers.yaml \ - --base ${IMAGES_PATH} --images ${RESOLVER_IMAGES} >> /workspace/built_images - name: tag-images image: gcr.io/go-containerregistry/crane:debug diff --git a/tekton/release-pipeline.yaml b/tekton/release-pipeline.yaml index 61b4fc07316..22b977a42f8 100644 --- a/tekton/release-pipeline.yaml +++ b/tekton/release-pipeline.yaml @@ -50,12 +50,6 @@ spec: - name: release-file-no-tag description: the URL of the release file value: $(tasks.report-bucket.results.release-no-tag) - - name: resolvers-file - description: the URL of the resolvers release file - value: $(tasks.report-bucket.results.resolvers) - - name: resolvers-file-no-tag - description: the URL of the resolvers release file - value: $(tasks.report-bucket.results.resolvers-no-tag) tasks: - name: git-clone taskRef: @@ -192,14 +186,6 @@ spec: description: The full URL of the release file in the bucket - name: release-no-tag description: The full URL of the release file (no tag) in the bucket - - name: minimal-release - description: The full URL of the minimal release (without resolvers) file in the bucket - - name: minimal-release-no-tag - description: The full URL of the minimal release file (without resolvers, no tag) in the bucket - - name: resolvers - description: The full URL of the resolvers release file in the bucket - - name: resolvers-no-tag - description: The full URL of the resolvers file (no tag) in the bucket steps: - name: create-results image: alpine @@ -214,7 +200,3 @@ spec: BASE_URL=$(echo ${BASE_URL} | sed 's,gs://,https://storage.googleapis.com/,g') echo "${BASE_URL}/release.yaml" > $(results.release.path) echo "${BASE_URL}/release.notag.yaml" > $(results.release-no-tag.path) - echo "${BASE_URL}/minimal-release.yaml" > $(results.minimal-release.path) - echo "${BASE_URL}/minimal-release.notag.yaml" > $(results.minimal-release-no-tag.path) - echo "${BASE_URL}/resolvers.yaml" > $(results.resolvers.path) - echo "${BASE_URL}/resolvers.notags.yaml" > $(results.resolvers-no-tag.path)