►
Description
Christian Hernandez, Technical Marketing Manager for Red Hat OpenShift, explains how to build a pipeline using a Kubernetes-native workflow and CI/CD tools all through the OpenShift GitOps operator.
A
Here
I
have
an
openshift
4.7.1
cluster,
which
is
running
kubernetes
1.20
that
I'm
going
to
be
using
for
this
demonstration,
and
here
I
have
a
sample
application.
This
sample,
php
application
for
testing
purposes,
has
a
container
file.
Docker
file
that
will
be
used
for
container
builds
in
order
to
build
this
application,
and
I
also
have
a
deployment
repository
here.
A
This
deployment
repository
is
my
githubs
repository
on
how
I'm
going
to
keep
this
application
continuously
in
sync
in
my
cluster,
so
to
get
started,
I'm
going
to
go
ahead
and
install
the
openshift
get
ops
operator
by
going
to
the
operator
hub
and
typing
in
openshift
get
ups
oops.
If
I
spell
that
right.
A
There
it
goes
clicking,
install
and
accepting
the
defaults.
This
will
go
ahead
and
install
the
red
hat.
Openshift
get
ops
operator,
so
the
openshift
red
hat,
the
red
hat
openshift
get
ops
operator
what
it
is.
It's
a
sort
of
meta
operator,
this
operator,
installs
argo,
cd
and
tekton
in
order
for
me
to
use
in
my
ci
cd
pipeline.
A
So
once
the
operator
is
up
and
running,
I
can
go
ahead
and
look
at
my
installed
operators
making
sure
I'm
in
the
openshift
get
ops
namespace.
I
can
see
that
it
installs
the
ability
to
do
an
argo
cd
and
a
tekton
pipeline.
So
if
I
click
here
and
look
at
my
argo
cd
instance,
this
installs
an
instance
of
argo
cd.
So
what
I'm
gonna
do
is
I'm
actually
going
to
make
some
customizations
for
my
current
workflow?
So
first,
what
I'm
gonna
do
here
is
I'm
just
gonna.
A
Instead
of
typing
this
out,
I'm
gonna
copy
and
paste
it
I'm
going
to
patch
the
the
instance
of
argo
cd
to
ignore
routes,
openshift
routes,
because
in
my
git
gaps
repo
I
am
not
specifying
the
routes.
I
just
set
the
platform
creating
for
me
also.
What
I'm
going
to
do
is
I'm
going
to
set
up
an
openshift
policy
to
allow
the
argo
cd
service
account
access
to
my
application.
A
Next,
I'm
going
to
delete
the
pods
right,
so
I'm
going
to
delete
the
pause
in
order
for
it
to
reset
everything,
especially
since
I'm
updating
roles
and
config
maps,
I'm
gonna
delete
the
pod
so
that
way,
it'll
it'll
kick
off
here.
A
So
next,
what
I'm
gonna
do
is
I'm
going
to
install
seal
secrets
right
installing
steel
secrets
allows
me,
allows
a
platform
to
decrypt
some
of
the
secrets
I
have
uploaded
in
the
git
repo.
A
So,
while
that's
going
I'll
show
you
some
other
configurations,
I've
done
in
my
in
my
application,
repo
I've
actually
set
up
a
web
hook.
This
web
hook
triggers
a
tecton
pipeline
anytime.
I
make
a
commit
to
a
specific
branch.
In
this
specific
example,
I'm
going
to
be
using
the
main
branch,
but
you
can
make
it
listen
to
whatever
branch
you
want
to.
A
Going
off
here,
double
checking
still
secrets
still
waiting
for
oops
for
it
to
come
back
up.
Let's
talk
a
little
bit
about
my
my
get
ops,
repo,
my
deployment,
repo
right.
So
there's
there's
a
few
things
here.
I'm
leveraging
customize
here
customize
is:
I
have
a
base
repo
where
all
this
all
the
manifests
here
are
the
same,
no
matter
which
environment
I'm
deploying
in
and
then
I'm
utilizing
overlays
for
different
environments
right.
A
So
I
have
the
dev
version,
which
takes
the
base,
configuration
and
then
patches
them
for
the
specific
environment,
for
example,
I'm
installing
this
applicative
application
in
the
dev
namespace,
and
I'm
also
patching
the
deployment
to
use
a
specific
version
of
this
image
same
for
production
production.
A
What
I'm
overlaying
is
the
same,
I'm
deploying
in
a
different
namespace
and
then
I
am
using
a
specific
image
tag
right,
so
I
can
use
the
same
deployment
config
across
multiple
environments
and
I'm
leveraging
customize
in
order
to
change
that,
depending
on
the
environment,
I'm
in
so
going
back
here
see
seo
secrets
is
installed.
I
can
go
ahead
now
and
deploy
my
repo
again,
I'm
going
to
be
using
customize
to
deploy
my
application
repo.
So
let
me
clear
this.
A
A
There
we
go,
I'm
gonna
be
using
customize
to
override
the
default
namespace,
because
I'm
using
the
openshift
git
ops
operator
and
then
I'm
just
gonna
use
customize
build
and
apply
this
to
the
to
the
cluster.
So,
as
you
see
here,
created
three
different
environments.
A
Welcome
dev,
welcome,
prod
right
for
for
my
development
environment
and
for
my
production
environment,
and
then
I
have
a
different
name
space
for
my
pipeline
right
and
so
in
order
to
see
what's
going
on
here,
let's
actually
log
into
the
argo
city
interface.
First,
let's
get
the
password
from
a
secret.
A
I
will
then
open
this
here,
integrated
ui
here.
That
will
take
me
to
the
oops.
That's
not
what
I
wanted
there.
It
goes.
Let
me
reload
this.
A
Accept
the
southside
certificate,
so
let's
do
username
and
password.
A
So
here
you
can
see
that
I
have
different
environments
now
right
I
have
the
dev
environment,
my
production
environment
and
then
the
the
pipeline,
which
is
a
different
set
of
manifests
and
that's
matches
to
what
created
here.
So
let's
take
a
look
at
the
the
dev
environment,
it
says
everything's
in
sync,.
A
Let's
look
at
the
live
manifests
here,
so
this
is
the
the
development
branch
right
here
and
then
let's
take
a
look
at
the
production.
A
Right
there,
so
in
theory
this
should
all
be
the
same
right
so
yeah.
So
I
have
my
development
version
here.
I
have
an
h2
that
says
blue
and
it
matches
production
because
they're
using
the
same
code
base
at
this
point.
A
So
that's
all
everything's
green
everything's
synced
up
we're
good
to
go
here.
So
now
I'm
gonna
be
switching
over
to
the
developer
perspective
developer
perspective
gives
the
developer
a
set
of
tool,
sets
that
that
they
need
in
order
to
do
application,
development
right
and
it's
and
it
comes
with
a
a
tour.
So
you
can
know
where.
Where
is
where
right?
A
I'm
gonna
skip
the
tour
since
I'm
already
familiar
and
then
I'm
going
to
go
to
the
pipeline
namespace
and
I'm
going
to
go
to
the
pipelines
and,
as
you
can
see
here
there
is.
I
set
up
a
pipeline
in
order,
a
textile
pipeline
to
do
the
changes
across
the
environments
right
and
so
let's
introduce
a
change
and
see
how
this
works
out.
So
let
me
go
to
my
visual
studio.
A
I
have
the
code
up
here
already,
so
let's
go
down
and
change
this
h2
from
blue
to
let's
say
something:
different,
green
right,
we're
all
familiar
with
that
and
let's
do
a
git
commit.
A
A
So
what
what's
going
to
happen
here?
It's
going
to
hit
that
that
web
hook
remember
that
web
hook.
I
showed
you
earlier
from
the
from
the
welcome
app
and
that
should
trigger
a
pipeline
run
right.
So
when
that
web
hood
going
back
to
the
settings
and
looking
at
the
web
hook
here,
it
sees
that
I
have
a
listener
here,
set
up,
protect
on
and
that
hit
the
web
hook
and
that
fired
off
a
pipeline
event.
So
this
is
gonna,
go
through
a
few
phases.
A
So,
let's
take
a
look
here,
see
what's
gonna
go
on,
so
I
have
a
few
steps
right.
So
first
I
have
the
step
talking
about
cloning,
the
repo
once
it
clones
the
repo
it's
going
to
set
the
image
tag
for
a
specific
version
right.
I
don't
use
a
floating
tag
like
dev
or
prod.
A
I
actually
use
the
specific
hash
of
the
git
commit
as
my
image
tag
and
it's
going
to
build
and
push
it
into
my
image
repository
once
it
does
that
it's
going
to
it's
going
to
clone
the
deployment
repository
right,
my
git
ops
repository.
So
this
is
different
than
my
application
repository
once
it
clones
that
it's
going
to
edit
the
image
tag
on
the
get
ops
repo
to
this
current
one
that
it's
building
part
part
of
this.
A
I
have
parallel
tasks
right
parallel
tasks
in
tekton
is
just
tasks
that
run
at
the
same
time,
my
latest
always
matches
what
my
dev
is
and
that's
just
something
I
do
as
a
part,
that's
independent
of
cloning,
the
repo
and
then
once
that's
done,
I'm
going
to
patch
the
dev
repo
right,
the
dev
overlay.
With
the
new
the
new
image
tag.
I'm
gonna
commit
it
to
the
repo
I'm
gonna,
then
I'm
going
to
patch
production
right.
A
So
once
once
I
once
I
patch
production
right,
I'm
going
to
create
a
branch
in
my
production,
get
ops
repo
and
I'm
going
to
submit
a
pr
right.
So
this
is
how
I
do
gating
in
tecton
is
that
I
submit
a
pr
instead
of
automatically
pushing
it
into
production.
So
if
I
take
a
look
at
the
logs
here,
you
can
see
the
log
for
each
individual
task.
I
do
a
git
clone.
I
do.
A
I
do
the
the
commit,
and
now
I
am
pushing
I'm
using
builder-
to
push
the
the
steps
up
here,
so
this
pipeline
could
take
some
time,
so
I'm
going
to
I'm
going
to
pause
here.
So
I'm
bringing
you
back
here
to
show
you
that
I
made
a
commit
to
development.
A
I
want
to
switch
back
over
here
and
look
at
the
development
environment
and
do
a
refresh
here.
So
argo
cd
sees
the
fact
that
the
image
has
changed
in
the
repo.
The
image
has
changed.
So
therefore,
argo
cd
assumes
that,
since
I
have
this
set
to
auto
sync,
that
I
want
this
at
the
latest
available
dev
version
and
it
does
essentially
a
rolling
a
rolling
roll
out
of
the
new
version
of
the
image.
So
the
image
tag
changed
changed
in
git.
Then
argo
city
saw
that
change
and
automatically
synced
it
for
me.
A
So
if
I
go
to
my
a
dev
environment
right,
remember
that
it
said
blue
right
now,
they're
both
matched
dev
prod.
Now
it
says
green
right
same
as
my
commit
now
says.
Green
production,
though
stays
the
same
as
blue.
A
So
going
back
to
the
pipeline,
let's
see
what
happened
here.
It
finished
right
I
committed
to
dev.
I
patched
production
right
so
production
this
step
here
is
that
I'm
gonna
patch
patch
the
the
image,
the
latest
image
here
and
create
a
branch
and
then
create
a
pr.
A
So
then,
here
now
it
says
now
you
have
a
new
pr.
Let's
take
a
look
at
this
pr.
So
if
I
go
to
my
git
ops,
repo
and
look
at
this
pull
request
notice
that
I
have
a
new
pr
here,
this
pr
here
is
saying
that
that
I'm
gonna
update
to
the
image
to
the
image
matching
dev
into
prod.
So
if
I
click
on
files
change
and
take
a
look
at
here,
you
can
see
that
my
overlays
production
deployment
goes
from
this
tag
to
this
new
tag
that
I
that
just
happened.
A
A
You
know
once
merge.
I
don't
need
this
branch
anymore,
so
I
just
delete
it.
But
if
I
go
back
to
to
my
ergo
here
and
do
a
refresh,
you
can
see
that
it
now
saw
that
oh
hey,
there's
been
an
update
and
get.
Let
me
complete.
Let
me
sync
that
for
you
and
make
sure
you're
at
the
version,
you
told
me
that
you
wanted
in
get
which
happened
to
just
update
since
we're
using
git
ops
right.
A
So
now
the
application
is
done.
Syncing
I
can
go
over
to
you
know
this
is
the
dev
version.
I
go
to
the
production
version.
I
do
a
refresh
and
now
production
shows
green.
So
now
they
match
as
they
do
in
the
git
repo.
So
anytime,
I
want
to
make
a
change.
I
can
either
to
the
code
base.
I
can
go
back
here
to
visual
studio,
make
an
update
to
the
code
base.
A
If
I
want
to
change
something
like,
let
me
go
back
to
my
repo
like
the
scale
of
the
application,
I
would
just
do
a
pr
to
the
git
repo
and
then
argo
will
reflect
that
change.
So
thank
you
for
watching
this
video.
I
hope
you
found
it
informative
and
how
you
can
use
kubernetes
native
ci
cd
workflows
in
order
to
build
your
get
ops
pipeline.
Thank.