# Concourse Lab Creation {{#include ../../banners/hacktricks-training.md}} ## Testing Environment ### Running Concourse #### With Docker-Compose Hii faili ya docker-compose inarahisisha usanikishaji wa kufanya majaribio na concourse: ```bash wget https://raw.githubusercontent.com/starkandwayne/concourse-tutorial/master/docker-compose.yml docker-compose up -d ``` Unaweza kupakua amri ya `fly` kwa ajili ya OS yako kutoka mtandao katika `127.0.0.1:8080` #### Pamoja na Kubernetes (Inapendekezwa) Unaweza kwa urahisi kupeleka concourse katika **Kubernetes** (katika **minikube** kwa mfano) kwa kutumia helm-chart: [**concourse-chart**](https://github.com/concourse/concourse-chart). ```bash brew install helm helm repo add concourse https://concourse-charts.storage.googleapis.com/ helm install concourse-release concourse/concourse # concourse-release will be the prefix name for the concourse elements in k8s # After the installation you will find the indications to connect to it in the console # If you need to delete it helm delete concourse-release ``` Baada ya kuunda mazingira ya concourse, unaweza kuunda siri na kutoa ufikiaji kwa SA inayotembea katika concourse web ili kufikia siri za K8s: ```yaml echo 'apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: read-secrets rules: - apiGroups: [""] resources: ["secrets"] verbs: ["get"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: read-secrets-concourse roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: read-secrets subjects: - kind: ServiceAccount name: concourse-release-web namespace: default --- apiVersion: v1 kind: Secret metadata: name: super namespace: concourse-release-main type: Opaque data: secret: MWYyZDFlMmU2N2Rm ' | kubectl apply -f - ``` ### Unda Pipeline Pipeline inaundwa na orodha ya [Jobs](https://concourse-ci.org/jobs.html) ambayo ina orodha iliyopangwa ya [Steps](https://concourse-ci.org/steps.html). ### Steps Aina kadhaa tofauti za hatua zinaweza kutumika: - **hatua ya** [**`task` step**](https://concourse-ci.org/task-step.html) **inaendesha** [**task**](https://concourse-ci.org/tasks.html) - hatua ya [`get` step](https://concourse-ci.org/get-step.html) inapata [resource](https://concourse-ci.org/resources.html) - hatua ya [`put` step](https://concourse-ci.org/put-step.html) inasasisha [resource](https://concourse-ci.org/resources.html) - hatua ya [`set_pipeline` step](https://concourse-ci.org/set-pipeline-step.html) inakamilisha [pipeline](https://concourse-ci.org/pipelines.html) - hatua ya [`load_var` step](https://concourse-ci.org/load-var-step.html) inaloadi thamani kwenye [local var](https://concourse-ci.org/vars.html#local-vars) - hatua ya [`in_parallel` step](https://concourse-ci.org/in-parallel-step.html) inaendesha hatua kwa pamoja - hatua ya [`do` step](https://concourse-ci.org/do-step.html) inaendesha hatua kwa mpangilio - mrekebishaji wa hatua ya [`across` step](https://concourse-ci.org/across-step.html#schema.across) inaendesha hatua mara nyingi; mara moja kwa kila mchanganyiko wa thamani za mabadiliko - hatua ya [`try` step](https://concourse-ci.org/try-step.html) inajaribu kuendesha hatua na inafanikiwa hata kama hatua inashindwa Kila [step](https://concourse-ci.org/steps.html) katika [job plan](https://concourse-ci.org/jobs.html#schema.job.plan) inaendesha katika **konteina yake mwenyewe**. Unaweza kuendesha chochote unachotaka ndani ya konteina _(yaani, endesha majaribio yangu, endesha hii bash script, jenga picha hii, nk.)_. Hivyo basi, ikiwa una kazi yenye hatua tano, Concourse itaunda konteina tano, moja kwa kila hatua. Kwa hivyo, inawezekana kuashiria aina ya konteina ambayo kila hatua inahitaji kuendesha ndani yake. ### Mfano wa Rahisi wa Pipeline ```yaml jobs: - name: simple plan: - task: simple-task privileged: true config: # Tells Concourse which type of worker this task should run on platform: linux image_resource: type: registry-image source: repository: busybox # images are pulled from docker hub by default run: path: sh args: - -cx - | sleep 1000 echo "$SUPER_SECRET" params: SUPER_SECRET: ((super.secret)) ``` ```bash fly -t tutorial set-pipeline -p pipe-name -c hello-world.yml # pipelines are paused when first created fly -t tutorial unpause-pipeline -p pipe-name # trigger the job and watch it run to completion fly -t tutorial trigger-job --job pipe-name/simple --watch # From another console fly -t tutorial intercept --job pipe-name/simple ``` Angalia **127.0.0.1:8080** ili kuona mtiririko wa pipeline. ### Bash script na pipeline ya matokeo/ingizo Inawezekana **kuhifadhi matokeo ya kazi moja katika faili** na kuashiria kwamba ni matokeo na kisha kuashiria ingizo la kazi inayofuata kama matokeo ya kazi ya awali. Kile ambacho concourse inafanya ni **kuunganisha directory ya kazi ya awali katika kazi mpya ambapo unaweza kufikia faili zilizoundwa na kazi ya awali**. ### Triggers Huhitaji kuanzisha kazi kwa mikono kila wakati unapotaka kuzifanya, unaweza pia kuzipanga zifanyike kila wakati: - Wakati fulani unapita: [Time resource](https://github.com/concourse/time-resource/) - Kwa commits mpya kwenye tawi kuu: [Git resource](https://github.com/concourse/git-resource) - PR mpya: [Github-PR resource](https://github.com/telia-oss/github-pr-resource) - Pakua au sukuma picha ya hivi karibuni ya programu yako: [Registry-image resource](https://github.com/concourse/registry-image-resource/) Angalia mfano wa YAML pipeline unaoanzishwa kwa commits mpya kwenye master katika [https://concourse-ci.org/tutorial-resources.html](https://concourse-ci.org/tutorial-resources.html) {{#include ../../banners/hacktricks-training.md}}