January 19, 2023 By Henrik Loeser 3 min read

The journey to modernize our delivery pipeline continues. Learn how we moved to a Tekton CI/CD pipeline that is deployed using Schematics-managed Terraform (Toolchain as Code).

The IBM Cloud solution tutorial Apply end-to-end security to a cloud application, like many, comes with code and a related GitHub repository. As a reader, you can either follow all the steps and manually create services and deploy the application, or you can take a shortcut and use an automation.

Over time, the automation changed from a classic toolchain with shell scripts in the pipeline to a Tekton-based pipeline with a Terraform-created toolchain. In this blog post, we provide an overview of the recently updated toolchain and how we got there:

A Terraform-created Tekton pipeline running.

Overview: History of a toolchain

The IBM Cloud solution tutorial Apply end-to-end security to a cloud application walks you through how to use some key IBM Cloud security services together. The tutorial uses a file-sharing application as an example. The application source code and an automation to easily deploy the app and required resources are provided in a related GitHub repository.

We first published the tutorial around the early days of the Tekton project—a powerful and flexible open-source framework for creating CI/CD (continuous integration/continuous delivery) systems. At that time, the IBM Cloud Continuous Delivery service only offered support for what, today, is called a classic delivery pipeline. Hence, our initial code included a pipeline-invoked shell script to create the required resources and to deploy the app. The toolchain was based on the Open Toolchain format.

About two years ago, we upgraded the deployment automation to use Terraform code managed in IBM Cloud Schematics to create the cloud services and a Tekton pipeline hosted in the Continuous Delivery service to build and deploy the container image with the application. The toolchain itself still was based on the Open Toolchain format.

Recently, we switched the toolchain creation to Terraform, too. You create an IBM Cloud Schematics workspace to manage the Infrastructure as Code (IaC) deployment. In the workspace, you configure how the Terraform code should create the services and the toolchain. The settings include the resource group, target region, namespace in the Container Registry, service plans, etc. Then, you apply the Terraform code and create the resources. When done, run the delivery pipeline (see screenshot above) and the app is online (see screenshot below):

File-sharing app provided by the IBM Cloud solution tutorial.

Get started

If you already know the tutorial and want to try out the updated code directly, head over to the GitHub repository and its README file. Make sure to meet the few documented prerequisites, then click the link to create the IBM Cloud Schematics workspace. During that creation process, the directory with the Terraform configuration files is read and evaluated. It includes two new files:

  • The resource configuration for the toolchain: toolchain.tf. It defines the toolchain, its integrations with GitHub to find the pipeline source code, the pipeline definitions and details on where to run in (spoiler: on a public worker).
  • The resource configuration for the toolchain properties: toolchain_environment.tf. It defines the input parameters for the Tekton pipeline and its tasks.

When you apply the Terraform plan in Schematics, it creates the service instances for the solution and the toolchain with the Tekton pipeline to build and deploy the app. As part of the latter, it reads the definition files for the Tekton pipeline. Running the pipeline is managed by the Continuous Delivery service. Follow the instruction to run the pipeline in order to build the container image with the app and to deploy it to the Kubernetes cluster.

Conclusions

It is interesting to see how the code for the automated deployment of resources for a single tutorial evolved. As developer, I always try to learn from others or to get hands-on experience on my own. In that sense, I invite you to either learn from the available updated code which I described above or to even utilize the toolchain to deploy the sample app yourself.

Feel free to open an issue in the repository if you run into problems with the updated deployment automation. If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik), Mastodon (@data_henrik@mastodon.social) or LinkedIn.

Was this article helpful?
YesNo

More from Cloud

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

24 IBM offerings winning TrustRadius 2024 Top Rated Awards

2 min read - TrustRadius is a buyer intelligence platform for business technology. Comprehensive product information, in-depth customer insights and peer conversations enable buyers to make confident decisions. “Earning a Top Rated Award means the vendor has excellent customer satisfaction and proven credibility. It’s based entirely on reviews and customer sentiment,” said Becky Susko, TrustRadius, Marketing Program Manager of Awards. Top Rated Awards have to be earned: Gain 10+ new reviews in the past 12 months Earn a trScore of 7.5 or higher from…

IBM Tech Now: April 8, 2024

< 1 min read - ​Welcome IBM Tech Now, our video web series featuring the latest and greatest news and announcements in the world of technology. Make sure you subscribe to our YouTube channel to be notified every time a new IBM Tech Now video is published. IBM Tech Now: Episode 96 On this episode, we're covering the following topics: IBM Cloud Logs A collaboration with IBM watsonx.ai and Anaconda IBM offerings in the G2 Spring Reports Stay plugged in You can check out the…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters