Skip to content

DonnieKim411/secure-kube-toolchain-tekton-pipeline-test

Repository files navigation

Icon Develop a Kubernetes app

Continuously deliver a secure container app to a Kubernetes Cluster

This Hello World application uses Docker with Node.js and includes a DevOps toolchain that is preconfigured for continuous delivery with Vulnerability Advisor, source control, issue tracking, and online editing, and deployment to the IBM Kubernetes Service.

Application code is stored in source control, along with its Dockerfile and its Kubernetes deployment script. The target cluster is configured during toolchain setup (using an IBM Cloud API key and cluster name). You can later change these by altering the Delivery Pipeline configuration. Any code change to the Git repo will automatically be built, validated and deployed into the Kubernetes cluster.

Icon

To get started, click this button:

Create toolchain

It implements the following best practices:

  • sanity check the Dockerfile prior to attempting creating the image,
  • build container image on every Git commit, setting a tag based on build number, timestamp and commit id for traceability
  • use a private image registry to store the built image, automatically configure access permissions for target cluster deployment using API tokens than can be revoked,
  • check container image for security vulnerabilities,
  • insert the built image tag into the deployment manifest automatically,
  • use an explicit namespace in cluster to insulate each deployment (and make it easy to clear, by "kubectl delete namespace"),

Learn more