Building Docker Actions with Aktion
Given a GitHub Action workflow, Aktion will convert it into Tekton API objects: Pipeline, PipelineResources, Tasks and optional TaskRun. These objects are custom resources that the Tekton controller understands and transforms ultimately into Kubernetes Pods to perform, well, tasks. You can get a crash course on Tekton by following the introduction tutorial.
A simple hello world Action workflow would resemble something along the lines of:
Each action is required to specify a uses entry to denote the Docker container to run the specified command in. In the initial release of Aktion, the only supported entry is a pre-existing Docker image using the docker:// prefix. GitHub, however, allows for the specification of a local path inside a repository in the form of ./path/to/Dockerfile, or an external GitHub repository in the form of organization/project/path/to/Dockerfile. At GitHub, Actions take this path, and builds the container on the fly for you.
This means that Aktion also needs to be able to trigger a Docker image build. This technical post shows you how we added this feature and used Tekton objects to perform a container build.
Aktion was recently updated to enable support for the repo specific portion of referring to a Docker container. To support this, some fundamental changes have been made to how Aktion creates the TektonCD Pipeline CRDs:
1. The --repo flag has been replaced by a --git flag, and is now required for actions that utilize the ./path/to/Dockerfile local path approach.
1. Build tasks are now created to convert each uses component into a Docker container for use within the action.
1. Each action still corresponds to a step within a Pipeline Task and each Workflow is a corresponding Pipeline Task. With the introduction of the docker container build tasks, the tasks are now contained within a TektonCD Pipeline.
1. --taskrun has been renamed --pipelinerun and will create a TektonCD PipelineRun CRD.
Looking at a sample action:
Inside the samples/test-images directory is a Dockerfile:
With Aktion, you can translate the entire workflow into Tekton Objects like so:
You will clearly see below that the HCL syntax of GitHub Action is much more terse and user friendly, while the Tekton objects in YAML are not meant for human consumption. We foresee that Action will be used heavily from a user standpoint but that Tekton will become the backend of choice for workflows.
For reference here are all the objects created by the transformation:
The breakdown on the components:
– PipelineResources corresponding to the input Github repo and output image
– A build Task using [Kaniko](https://github.com/GoogleContainerTools/kaniko)
– A third PipelineResource for the git repo to be referenced within the main task
– A main Task that is referencing the image built from the previous build task
– A Pipeline CRD that populates the appropriate references between the build
task and main task
– A PipelineRun CRD to perform the one-shot execute operation
To see the above example in operation on a Kubernetes cluster using TriggerMesh’s Kubernetes based Docker Registry. You can pipe the resulting objects via kubectl apply . Two pods will be created: one to build the image, and a second one to run the main task.
Applying the Tekton objects leads to:
You will be able to verify the status of the build using:
The pods created will be similar to:
Lastly, verifying the logs from local-repo-test-pipeline-run-local-repo-test-7p9mx-pod-09a983 which is the main task:
To rerun the workflow, delete the pipelinerun.tekton.dev/local-repo-test-pipeline-run entity, and reapply the PipelineRun YAML component.
Aktion and remote GitHub repos
GitHub Action also supports referencing GitHub repos as well. Here is a sample workflow that references a remote repository: https://github.com/cab105/aktion-test.
In this case, uses reflects the organization of cab105 and repo name of aktion-test followed by the path that contains a Dockerfile. The @hello-repo indicates the branch to find this directory, but can also reflect the repo tag or changeset ID.
Aktion does require the file workflow file to be present. To try this out, clone the repository https://github.com/cab105/aktion-test and checkout the hello-repo branch.
Since there are no local directories specified in this workflow (the uses arg starting with ./), the --git flag can be omitted.
To create the corresponding Tekton objects do:
Don’t be overwhelmed by the face full of YAML syndrome. Keep in mind what this all means: You can execute GitHub Actions on your own Kubernetes cluster !!!! Think about this …
To find out more and experiment with Aktion, go to: https://github.com/triggermesh/aktion