How The Stars Aligned To Build Aktion

Today we are pleased to announce TriggerMesh Aktion, a CLI to transform GitHub Actions into Tekton pipelines.

You have most likely heard about Github Actions, it is an alpha feature of GitHub which lets you express CI/CD workflows store them directly in your repository and GitHub automatically runs the actions that are described in the workflow. This is a very exciting feature.

You also most likely have not yet heard about Tekton and are wondering what this new thing is. Well, it came out of the Knative project and is a Kubernetes extension to express application pipelines and their dependencies. Tekton is meant to be the engine that drives CI/CD and I am sure other types of pipelines really soon.

Several events converged that led us to build Aktion, let me go over them to bring some color to this announcement:

Google Cloud Build Can Do More Than Container Builds

At Google Next, Google renamed their Google Container Build service “Google Cloud Build” and we started using it heavily at TriggerMesh to build container images. Using GCB it became rather clear however that you could do much more with it than just build containers. You could indeed run any actions. Any application/code/script that can run in a container can be configured to run via GCB and get triggered on repository push events.

Knative Gives Serverless Components

Knative was announced in July at the same Google Next. One of the components of Knative is Build, which in combination with Kaniko allows you to build containers in unprivileged containers. Knative Build has it turned out felt like a GCB lite down to the actual syntax. That’s when we started enabling a GCB like functionality in our own cloud and started thinking about CI/CD for serverless.

GitHub Announces Actions With a HCL Syntax

Then in October last year, GitHub announced Actions at GitHub Universe. GitHub runs on Kubernetes therefore when Actions was announced we automatically thought that they were running on Kubernetes. That was an exciting move by GitHub and we can’t wait to see the service go GA. However looking at the workflow syntax, HCL jumped at us having used Terraform for some time and we right away saw a link between the GitHub Actions and the Steps in a Knative Build, that’s when we knew we could “re-engineer” GitHub Actions

Knative Community Develops Tekton Pipelines

Finally, the Knative community started working on something much more ambitious than pure build and started developing Knative “pipelines”. Today Knative pipelines has been renamed Tekton and is a seeding project of the Continuous Delivery Foundation (CDF).

GitHub Open Sources the Actions Parser

The last minute kicker was on February 7th (a month ago literally), when GitHub open sourced their Actions parser. We right away ditched our own parser, adopted theirs, and started building Tekton objects from GitHub Actions.

So what can you do with aktion. Here it is:

Usage

Take a GitHub Action workflow like this one:

$ cat main.workflow
workflow "knative test" {
  on = "push"
  resolves = [
    "run this",
  ] 
}

action "run this" {
  uses = "docker://centos"
  runs = "echo"
  env = {
    FOO = "BAR" 
  }
  args = "hello world"
  secrets = ["BAR", "BAZ"]
}

You transform it with:

$ aktion create -f main.workflow 
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
  creationTimestamp: null
  name: knative-test
spec:
  steps:
  - args:
    - hello
    - world
    command:
    - echo
    env:
    - name: FOO
      value: BAR
    envFrom:
    - secretRef:
        name: BAR
    - secretRef:
        name: BAZ
    image: centos
    name: run-this
    resources: {}

A Task is a Tekton API object. Secrets are Kubernetes secrets The image is a Docker image.

To specify the repository that is used:

$ aktion create -f main.workflow --repo https://gitub.com/sebgoa/klr-demo
---
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  creationTimestamp: null
  name: knative-test
spec:
  params:
  - name: revision
    value: master
  - name: url
    value: https://gitub.com/sebgoa/klr-demo
  type: git
status: {}
---
apiVersion: tekton.dev/v1alpha1
kind: Task
...
spec:
  inputs:
    resources:
    - name: knative-test
      targetPath: ""
      type: git
...

The PipelineResource object is another Tekton API object that lets us define input and output resources of a pipeline.

Finally, to launch the Actions in a Kubernetes cluster you can use kubectl apply

aktion create -f main.workflow --repo https://gitub.com/sebgoa/klr-demo | kubectl apply -f -

A note on eventing

Until you dive into Tekton some of this will appear a bit obscure. Creating the pipeline and its resources is one great step, the really useful step is to launch that pipeline and do it when specific events happen.

That’s where Knative Eventing comes into play. With Eventing you can define event sources (like our own AWS event sources called KLASS) as Kubernetes objects, listen to events and have functions subscribe to those events. In Aktion we have built a so-called transceiver that receives GitHub events via a Knative GitHub event source, and creates a `TaskRun` object. This `TaskRun` is what tells Tekton to execute the pipeline.

This part is still WIP due to some Go dependencies conflicts, but keep your eyes out for the following command:

aktion launch -f main.workflow

What the hell does this mean you are screaming at me ?

This means that we have an event-driven pipeline execution engine running on Kubernetes.

Conclusions

Kubernetes is showing its strength as a development platform everyday. Knative and Tekton are going to become exciting building blocks for future cloud-native applications. Join us at https://github.com/triggermesh/aktion to keep on developing aktion and unify GitHub Actions to run on Kubernetes everywhere.