Resolvers
A Resolver is a component in Tekton that enables remote resolution of resources such as Tasks and Pipelines. Resolvers allow you to reference and fetch resources from external locations rather than defining them directly in your Kubernetes cluster.
TOC
Why Resolvers are Needed
Traditional Resource Management Challenges
In CI/CD systems, managing and sharing resources across teams and projects presents several challenges:
- Version Control: Difficulty in tracking and managing versions of CI/CD resources
- Sharing: Limited ability to share resources across teams and organizations
- Maintenance: Challenges in updating and maintaining resources used by multiple pipelines
- Discoverability: Difficulty in discovering and using resources created by others
- Consistency: Ensuring consistent resource definitions across environments
Tekton's Solution
Tekton Resolvers address these challenges by:
- Remote Resolution: Fetching resources from external locations at runtime
- Version Management: Allowing specific versions of resources to be referenced
- Centralized Storage: Enabling resources to be stored in central repositories
- Dynamic Fetching: Retrieving the latest version of resources when needed
- Flexible Sources: Supporting multiple sources for resources (Git, Bundles, HTTP, etc.)
Advantages
- Reusability: Resources can be easily shared and reused across teams and projects
- Version Control: Resources can be versioned and tracked in source control
- Reduced Duplication: Eliminates the need to duplicate resource definitions
- Simplified Updates: Resources can be updated in one place and automatically used by all consumers
- Improved Discoverability: Resources can be organized and discovered in central repositories
- Consistency: Ensures consistent resource definitions across environments
Scenarios
Resolvers are useful in various scenarios, including:
- Shared Task Libraries: Maintaining a central repository of common Tasks
- CI/CD Templates: Providing standardized Pipeline templates for teams
- Cross-Environment Consistency: Ensuring consistent resource definitions across development, staging, and production
- Organization Standards: Enforcing organizational standards for CI/CD processes
- Third-Party Integration: Leveraging Tasks and Pipelines developed by the community
- Replacing ClusterTasks: Providing shared Tasks without requiring cluster-scoped resources
Constraints and Limitations
- Resolvers require network access to the external resource locations
- Resolution happens at TaskRun/PipelineRun creation time, not during execution
- Some resolvers may require additional configuration for authentication
- Network issues can impact the availability of remotely resolved resources
- Security considerations must be addressed when using external resources
Principles
Resolution Process
When a resource reference is resolved:
- Tekton identifies the resolver type from the resource reference
- The appropriate resolver is invoked to fetch the resource
- The resolver retrieves the resource from the external location
- The resource is validated and converted to the appropriate Tekton resource
- The resolved resource is used in the TaskRun or PipelineRun
Resource References
Resource references specify:
- The resolver type to use (git, bundle, hub, etc.)
- The location of the resource
- Optional parameters such as version, branch, or path
- Authentication information if required
Configuration Examples
Git Resolver Example
apiVersion: tekton.dev/v1
kind: TaskRun
metadata:
name: git-resolver-example
spec:
taskRef:
resolver: git
params:
- name: url
value: https://github.com/tektoncd/catalog.git
- name: revision
value: main
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
Hub Resolver Example
apiVersion: tekton.dev/v1
kind: TaskRun
metadata:
name: remote-task-reference
spec:
taskRef:
resolver: hub
params:
- name: catalog # optional
value: tekton-catalog-tasks
- name: type # optional
value: artifact
- name: kind
value: task
- name: name
value: git-clone
- name: version
value: "0.6"
HTTP Resolver Example
apiVersion: tekton.dev/v1
kind: TaskRun
metadata:
name: http-resolver-example
spec:
taskRef:
resolver: http
params:
- name: url
value: https://raw.githubusercontent.com/tektoncd/catalog/main/task/git-clone/0.9/git-clone.yaml
Built-in Resolvers
Git Resolver
The Git Resolver fetches resources from Git repositories.
Use Cases
- Storing Tasks and Pipelines in the same repository as application code
- Versioning CI/CD resources alongside application code
- Sharing resources across teams through Git repositories
Principles
The Git Resolver:
- Clones the specified Git repository
- Checks out the specified revision (branch, tag, or commit)
- Retrieves the resource from the specified path
- Supports authentication through Kubernetes secrets
Hub Resolver
The Hub Resolver fetches resources from the Tekton Hub.
Use Cases
- Discovering and using community-contributed Tasks and Pipelines
- Accessing a curated catalog of CI/CD resources
- Standardizing on well-tested and maintained resources
Principles
The Hub Resolver:
- Connects to the Tekton Hub API
- Retrieves the specified resource by name and version
- Supports different catalogs and versions
- Provides access to community-contributed resources
HTTP Resolver
The HTTP Resolver fetches resources from a remote HTTP server.
Use Cases
- Fetching resources from a remote server
- Accessing custom or private resources
- Leveraging existing web services for resource resolution
Principles
The HTTP Resolver:
- Fetches the specified resource from the remote server
- Provides access to custom or private resources
References