Skip to main content

Tekton Kubernetes-Native CI/CD Project Reaches CNCF Incubation 

The CNCF Technical Oversight Committee (TOC) has voted to accept Tekton as a CNCF incubating project. But what is Tekton?

Tekton is a flexible open source framework for creating continuous integration and delivery (CI/CD) systems. It is used to enable developers to build, test, and deploy across multiple cloud providers and on-premises systems by abstracting away the underlying implementation details.

No doubt attracted by Tekton’s Kubernetes-native DNA, Tekton is distinguished by its ability to operate entirely inside a Kubernetes cluster. It is capable of treating pipelines (which, in this case, we can define as workflow-based collections of tasks arranged in a graph either in sequential or parallel order) as standard Kubernetes resources.

In short, we can say that Tekton serves as a general-purpose, security-minded, Kubernetes-native workflow engine. Where CI/CD tools (such as Jenkins, the widely popularized automation tool) may require a dedicated server, Tekton’s K8S pedigree means that it doesn’t. 

Composable Primitives 

Its composable primitives (steps, tasks and pipelines) allow developers to orchestrate any type of sequential or parallel workload on Kubernetes. Tekton provides a standard, Kubernetes-native interface for defining these workflows, making them portable and reusable.

Tekton wasn’t initially its own standalone project or technology codebase; instead, it started life back in 2018 as a component of Knative (a Kubernetes-based platform for serverless workloads) and was called knative/build before being renamed in the same year.

As the project itself has matured into a fully-blown framework for Kubernetes-native CI/CD, reaching its stable v1.0 release for the core “Pipelines” component, i.e., the core components and building blocks required to build a CI/CD system – and Tekton Pipelines works by adding custom resources to a Kubernetes cluster.

By joining the CNCF as an Incubating Project, Tekton aligns itself more closely with the ecosystem it powers. It integrates deeply with other CNCF projects like Argo CD (for GitOps) and SPIFFE/SPIRE (for identity), and also Sigstore via OpenSSF (for signing and verification), creating a robust supply chain security story.

“One of the accomplishments I’m most proud of is the broad adoption of Tekton across open source projects, commercial products, and in-house platforms. Seeing teams rely on it in production and build on it within their own ecosystems has been especially rewarding. As a Kubernetes-native project that integrates naturally with other CNCF technologies, Tekton has benefited from close collaboration within the Cloud Native Computing Foundation community,” said Andrea Frittoli, Tekton governing board member.

Core Componentry

Tekton’s core components are as follows:

  • Pipelines: The core building blocks (Tasks, Pipelines, Workspaces) for defining CI/CD workflows.
  • Triggers: Allows pipelines to be instantiated based on events (like Git pushes or pull requests).
  • CLI: A command-line interface for interacting with Tekton resources.
  • Dashboard: A web-based UI for visualizing and managing pipelines.
  • Chains: A supply chain security tool that automatically signs and attests artifacts built by Tekton.

“What I’m most proud of is how Tekton has shown that CI/CD can be a true Kubernetes-native primitive, not just another layer on top. Seeing projects like Shipwright – itself a CNCF project – and Konflux build on Tekton as their foundation validates that vision. Building all of this alongside a diverse, multi-vendor community with Red Hat, Google, IBM, and many individual contributors has been one of the most rewarding open source experiences of my career,” said Vincent Demeester, Tekton governing board member

Demeester follows up and says that the future of Tekton is all about the presence of trusted artifacts as a means to change how tasks share data. He also points to a simpler developer experience through Pipelines as Code, and deeper collaboration with CNCF projects like Sigstore and Argo CD. 

Oversight Committee Rationale

The CNCF Technical Oversight Committee (TOC) provides technical leadership to the cloud native community. It defines and maintains the foundation’s technical vision, approves new projects, and stewards them across maturity levels. The TOC also aligns projects within the overall ecosystem, sets cross-cutting standards and best practices and works with end users to ensure long-term sustainability. As part of its charter, the TOC evaluates and supports projects as they meet the requirements for incubation and continue progressing toward graduation.

Tekton’s progression to CNCF incubation is thought to be a reflection of the project’s strong multi-vendor governance and deep alignment with CNCF projects focused on GitOps, identity and software supply chain security.



from DevOps.com https://ift.tt/YfKoxrb
Labels:

Comments

Post a Comment

Popular posts from this blog

Why the Software Development Tools you Choose Directly Affect Your CI/CD Reliability 

Most conversations about CI/CD reliability start in the wrong place. Teams debug flaky pipelines, investigate intermittent failures, tune alerting thresholds and optimize build times. All of that work is legitimate. However, the decisions that most directly determine whether a CI/CD pipeline is reliable or not were made months or years earlier, during tool selection. By the time teams are debugging pipeline reliability, they are usually dealing with the downstream consequences of upstream decisions that seemed reasonable at the time.   The software development tools a team chooses shape their CI/CD pipeline in ways that are not always visible during evaluation. Understanding those connections is the most practical starting point for teams that want reliable pipelines rather than better pipeline firefighting.   The Integration Surface Problem   Every tool in a software development stack creates an integration surface. Integration surface is the set of connections a tool has with oth...
Post a Comment
Read more

Co-Developing an AI Native Observability Platform  

As AI capabilities continue to evolve, AI is becoming central to managing the growing complexity of distributed, hybrid enterprise environments, enabling more effective analysis, correlation, and automation across interconnected systems.   Traditional infrastructure and specifically network monitoring approaches, often built around siloed tools and static thresholds, struggle to keep pace with the scale, velocity, and interdependencies of modern systems. Further blurring the boundaries between network, application, and infrastructure domains makes it harder to isolate root causes and maintain operational resilience. In this context, AIOps platforms have emerged as one response to the growing need for integrated observability, automation, and data-driven decision-making.   At AI Field Day, Selector AI presented an AIOps platform, which can be considered a foundation for co-creating more adaptive and data-driven network operations. Rather than positioning it purely as a product choice,...
Post a Comment
Read more

Postman Adds AI Agent to Automate API Development and Governance

Postman added an artificial intelligence (AI) agent to its portfolio of tools and platforms for building and governing application programming interfaces (APIs) that can autonomously perform tasks ranging from development and documentation to exploration and setting up integrations with continuous integration/continuous deployment (CI/CD) environments. Company CEO Abhinav Asthana said the Autonomous API Engineer significantly reduces the total cost of building and maintaining APIs by automating time-consuming tasks that have historically created bottlenecks in software engineering workflows. In fact, the AI agent developed by Postman will make it significantly simpler to integrate API development and testing within those workflows, said Asthana. Designed to be triggered from a pull request, Slack, Postman command line interface (CLI) or the Postman app, the Autonomous API Engineer spins up a secure, sandboxed environment. It then executes tasks and returns verified artifacts, includ...
Post a Comment
Read more