pipeline
by tektoncd
Tekton Pipelines is a cloud-native Kubernetes framework for defining and running CI/CD pipelines using containerized tasks.
A cloud-native Pipeline resource.
Primary Use Case
Tekton Pipelines enables DevSecOps teams and security operations professionals to automate and standardize CI/CD workflows on Kubernetes clusters. It is ideal for organizations looking to implement cloud-native, scalable, and reusable pipeline resources for building, testing, and deploying applications securely and efficiently.
- Cloud-native pipeline resources designed for Kubernetes
- Kubernetes clusters as first-class pipeline targets
- Container-based building blocks for tasks
- Decoupled pipeline and task execution for flexibility
- Typed resources allowing easy swapping of implementations (e.g., kaniko vs buildkit)
- Supports migration guides for API version upgrades
- Comprehensive documentation and version compatibility policy
- Integration with GitHub Container Registry for image hosting
Installation
- Refer to the official installation guide at docs/install.md
- Ensure Kubernetes version 1.28 or later (depending on Tekton version)
- Follow the Getting Started tutorial at https://tekton.dev/docs/getting-started/tasks/
- Use the latest release binaries or manifests from the releases page
- Migrate container images from gcr.io to ghcr.io as per the migration blog
Usage
>_ kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yamlInstall Tekton Pipelines on your Kubernetes cluster
>_ tkn pipeline start <pipeline-name>Start a pipeline run using the Tekton CLI
>_ tkn task start <task-name>Run an individual Tekton Task in isolation
>_ kubectl get pipelinesList all Tekton Pipelines installed in the cluster
>_ kubectl get pipelinerunsView the status of pipeline runs
- Integrate Tekton Pipelines with security scanners (e.g., SAST, DAST) to automate vulnerability detection during CI/CD.
- Leverage pipeline tasks to enforce infrastructure-as-code security policies and cloud configuration scanning.
- Use Tekton’s typed resources to swap container build tools for optimized security posture (e.g., kaniko for secure image builds).
- Automate incident response workflows by triggering alerts or remediation tasks directly from pipeline failures or security findings.
- Facilitate purple team exercises by simulating attack scenarios through pipeline automation and monitoring the detection and response capabilities.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about pipeline. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
grafana
grafana/grafana
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
PowerShell
PowerShell/PowerShell
PowerShell for every system!
awx
ansible/awx
AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for Red Hat Ansible Automation Platform.
wazuh
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
awesome-security
sbilly/awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
crowdsec
crowdsecurity/crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.