Start With CI/CD Using the Cloud Native Toolkit From the IBM Garage
Today’s blog post is about the awesome IBM Garage Cloud Native Toolkit to support continuous integration and continuous delivery (CICD) in today's agile world.
Join the DZone community and get the full member experience.Join For Free
I want to provide a basic overview from my perspective, which I structured in the following sections:
- Basic Overview
- Try it out
- Open-Source Tools/Technologies
- What are the major tasks inside an OOTB Tekton pipeline?
I love to see how tools can support different kinds of software development processes fully or partly, especially in today’s agile world. With my background of using Rational Tools for a long time, I always like to see, how is it possible to make life easier for the different roles in the Software Development Lifecycle.
Continuous integration and continuous delivery are two big important parts of the effective implementation of a Software Development Lifecycle in a company to speed up development and innovation. So, the IBM Garage
Cloud Native Toolkit exactly does address these two critically important topics. The toolkit does address it with a concrete initial configuration.
The Cloud Native Toolkit utilizes the Tekton Operator to create an awesome starting point with a pre-configuration for continuous integration and continuous delivery in your Red Hat OpenShift cluster using Open-Source tools.
Try It Out
I wanted to try out the Cloud Native Toolkit with my own simple project and I used one of my very basic Node.js server implementations in my private GitHub repository. My objective was only to try out the basic
Out-Of-The-Box configuration. I followed the given guides in the getting started documentation of the Cloud Native Toolkit for the setup of the toolkit and then I used it.
The documentation worked fine for me for the entire setup and the usage for my example application.
The Cloud Native Toolkit highlights in an impressive way how Open-Source technologies/tools can be used together to support continuous integration and continuous delivery for containerized applications in Red Hat OpenShift. So, I want to give you a basic overview of the used Open-Source tools/technologies in the
Out-Of-The-Box default configuration for a Tekton pipeline, provided by the Cloud Native Toolkit.
These are the used Open-Source tools/technologies in the pipeline with a very short explanation of what they do address in the context of the Cloud Native Toolkit:
|OPEN-SOURCE TECHNOLOGY/TOOL||ADDRESSES FOLLOWING TOPIC|
|Tekton||Continuous integration is realized with Tekton. The following image shows some of the predefined tasks in the Tekton pipeline and how the pipeline appears in Red Hat OpenShift.
|Tekton Operator||The IBM Garage team is using the Tekton Operator provided by Red Hat to set up the Cloud Native Toolkit inside Red Hat OpenShift.
|ArgoCD||Continuous delivery is implemented with ArgoCD, related to GitOps.
|SonarQube||White box testing/scanning is realized with SonarQube. That's related to the implementation of the scanning for the well-known top 10 security risks identified by the OWASP project, which is well known in the application security area.
|Artifactory||Saving binary assets like tgz files containing the Helm chart configurations within Artifactory.
|Helm charts||Defining the deployment of the containerized applications with Helm charts. “Helm is the best way to find, share, and use software built for Kubernetes.”|
|Mocha and supertest||In the Tekton Task Test, I used for the unit tests of my Node.js server Mocha in combination with Supertest.
What Are the Major Tasks Inside an OOTB Tekton Pipeline?
The IBM Garage team did a lot of bash programming and YAML pre-configration for the Tekton tasks and steps to reflect, for example, different quality gates you can customize to stop the execution of your pipeline. It also includes a lot of experience from a huge number of different customers' projects.
The image contains a brief look inside an example of task implementation.
Image 1: Screenshot of the default configuration for a pipeline.
Image 2: Overview of the preconfigured Tekton pipeline tasks
Here is a short and very simplified overview of the preconfigured Tekton pipeline tasks, which are defined for the
Out-Of-The-Box configuration I used.
||Executing unit tests and security scanning for the application.|
||Building a container image based on the Dockerfile|
||Deploying the application using a
||Doing an automated tagging of your deployed releases in your GitHub project.|
||Tag the container image in your container registry.|
||Security scan of the container using container registry capabilities.|
||Helm chart for this deployment will be saved in a repository.|
||Using the Helm chart to deploy container into other projects with ArgoCD.
These projects can reflect for example deferent environments like
The IBM Cloud Garage team invested time and shared their experience with us to provide us a great professional starting point with pre-configurations and guided setups containing different Open-Source tools/projects to get started with a setup and using continuous integration and continuous delivery in a professional way. The Cloud Native Toolkit also provides various templates for different technologies.
Published at DZone with permission of Thomas Suedbroecker. See the original article here.
Opinions expressed by DZone contributors are their own.