Chapter 2. Installing and configuring Pipelines as Code

2.1. Installing Pipelines as Code on an OpenShift Container Platform

Pipelines as Code is installed in the openshift-pipelines namespace when you install the Red Hat OpenShift Pipelines Operator. For more details, see Installing OpenShift Pipelines in the Additional resources section.

To disable the default installation of Pipelines as Code with the Operator, set the value of the enable parameter to false in the TektonConfig custom resource.

apiVersion: operator.tekton.dev/v1alpha1
kind: TektonConfig
metadata:
  name: config
spec:
  platforms:
    openshift:
      pipelinesAsCode:
        enable: false
        settings:
          application-name: Pipelines as Code CI
          auto-configure-new-github-repo: "false"
          bitbucket-cloud-check-source-ip: "true"
          hub-catalog-name: tekton
          hub-url: https://api.hub.tekton.dev/v1
          remote-tasks: "true"
          secret-auto-create: "true"
# ...

Optionally, you can run the following command:

$ oc patch tektonconfig config --type="merge" -p '{"spec": {"platforms": {"openshift":{"pipelinesAsCode": {"enable": false}}}}}'

To enable the default installation of Pipelines as Code with the Red Hat OpenShift Pipelines Operator, set the value of the enable parameter to true in the TektonConfig custom resource:

apiVersion: operator.tekton.dev/v1alpha1
kind: TektonConfig
metadata:
  name: config
spec:
  platforms:
    openshift:
      pipelinesAsCode:
        enable: true
        settings:
          application-name: Pipelines as Code CI
          auto-configure-new-github-repo: "false"
          bitbucket-cloud-check-source-ip: "true"
          hub-catalog-name: tekton
          hub-url: https://api.hub.tekton.dev/v1
          remote-tasks: "true"
          secret-auto-create: "true"
# ...

Optionally, you can run the following command:

$ oc patch tektonconfig config --type="merge" -p '{"spec": {"platforms": {"openshift":{"pipelinesAsCode": {"enable": true}}}}}'

2.2. Installing Pipelines as Code CLI

Cluster administrators can use the tkn pac and opc CLI tools on local machines or as containers for testing. The tkn pac and opc CLI tools are installed automatically when you install the tkn CLI for Red Hat OpenShift Pipelines.

You can install the tkn pac and opc version 1.13.0 binaries for the supported platforms:

2.3. Customizing Pipelines as Code configuration

To customize Pipelines as Code, cluster administrators can configure the following parameters in the TektonConfig custom resource, in the platforms.openshift.pipelinesAsCode.settings spec:

Table 2.1. Customizing Pipelines as Code configuration
Parameter	Description	Default
`application-name`	The name of the application. For example, the name displayed in the GitHub Checks labels.	`"Pipelines as Code CI"`
`secret-auto-create`	Indicates whether or not a secret should be automatically created using the token generated in the GitHub application. This secret can then be used with private repositories.	`enabled`
`remote-tasks`	When enabled, allows remote tasks from pipeline run annotations.	`enabled`
`hub-url`	The base URL for the Tekton Hub API.	`https://hub.tekton.dev/`
`hub-catalog-name`	The Tekton Hub catalog name.	`tekton`
`tekton-dashboard-url`	The URL of the Tekton Hub dashboard. Pipelines as Code uses this URL to generate a `PipelineRun` URL on the Tekton Hub dashboard.	NA
`bitbucket-cloud-check-source-ip`	Indicates whether to secure the service requests by querying IP ranges for a public Bitbucket. Changing the parameter’s default value might result into a security issue.	`enabled`
`bitbucket-cloud-additional-source-ip`	Indicates whether to provide an additional set of IP ranges or networks, which are separated by commas.	NA
`max-keep-run-upper-limit`	A maximum limit for the `max-keep-run` value for a pipeline run.	NA
`default-max-keep-runs`	A default limit for the `max-keep-run` value for a pipeline run. If defined, the value is applied to all pipeline runs that do not have a `max-keep-run` annotation.	NA
`auto-configure-new-github-repo`	Configures new GitHub repositories automatically. Pipelines as Code sets up a namespace and creates a custom resource for your repository. This parameter is only supported with GitHub applications.	`disabled`
`auto-configure-repo-namespace-template`	Configures a template to automatically generate the namespace for your new repository, if `auto-configure-new-github-repo` is enabled.	`{repo_name}-pipelines`
`error-log-snippet`	Enables or disables the view of a log snippet for the failed tasks, with an error in a pipeline. You can disable this parameter in the case of data leakage from your pipeline.	`true`
`error-detection-from-container-logs`	Enables or disables the inspection of container logs to detect error message and expose them as annotations on the pull request. This setting applies only if you are using the GitHub app.	`true`
`error-detection-max-number-of-lines`	The maximum number of lines inspected in the container logs to search for error messages. Set to `-1` to inspect an unlimited number of lines.	50
`secret-github-app-token-scoped`	If set to `true`, the GitHub access token that Pipelines as Code generates using the GitHub app is scoped only to the repository from which Pipelines as Code fetches the pipeline definition. If set to `false`, you can use both the `TektonConfig` custom resource and the `Repository` custom resource to scope the token to additional repositories.	`true`
`secret-github-app-scope-extra-repos`	Additional repositories for scoping the generated GitHub access token.

Chapter 2. Installing and configuring Pipelines as Code

2.1. Installing Pipelines as Code on an OpenShift Container Platform

2.2. Installing Pipelines as Code CLI

2.3. Customizing Pipelines as Code configuration

2.4. Additional resources

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links