Tekton builds for zOS workload

Is Jenkins still the king of CI/CD? Or is it time to move on?

‍

If you are slightly interested in DevOps, Tekton and/or IBM Mainframes, then this article with my rambling about these topics might bi of interest to you. But first -a short paragraph with trashing on Jenkins. I hear more and more complaints about Jenkins from our clients. Why?

‍

Well, to be honest, Jenkins "does the job". It's a time-proven solution, and before K8s and OpenShift it was definitely the best solution for your CI/CD pipelines. But even before Jenkins there were CI/CD tools that "did the job" (e.g. Ant) and those were substituted with younger, better, user friendlier tools. Now, the question is - is there a newer tool that better meets the needs of a modern CI/CD pipelines in K8s environments?

‍

Modern pipelines can be really complex and include a lot of steps - from application and container image build, unit and integration tests, code and dependency analysis, container image scans, and image signing to application deployment and rollout throughout the environments. Of course, you can implement all of this (and more) in Jenkins, but it requires a lot of experience and a well defined structure of your Groovy code with established development practices to maintain it's manageability or else it will become a tangled mess of a spaghetti western. On top of that you need to ensure that all maintainers and contributors strictly adhere to these practices which can be challenging and time consuming. Unfortunately the "spaghettification" of Jenkins pipelines happens too often and then the companies usually become dependent on that one "CI/CD/DevOps/GitOps guru manga" which maintains all of it. I don't need to emphasize how much risk this represents for clients...

‍

When engaged by our clients who are using K8s or OCP, we at True North are always suggesting Tekton as a go-to solution for CI pipelines.

‍

A few key points why:

• Kubernetes-native - Tekton pipelines are declaratively defined as Kubernetes objects. This also enables you to use GitOps for your pipelines by storing them in your Git repositories and applying them through GitOps tools like ArgoCD on your K8s/OCP environment.
• Scalability - While Jenkins can be scalable and support parallel build it needs a special setup for this or to be deployed on K8s. Tekton on the other hand doesn't need any special setup or considerations. It run inside pods and utilizes K8s native container orchestration capabilities out-of-the-box.
• Managebility - Tekton pipelines are divided into tasks. Each task has a well defined inputs and results and can be considered a black box with logic inside. This separation is not "optional", instead Tekton imposes that on pipeline developers. The result of this is that you simply can not write a spaghetti western style pipelines. Each task can have multiple steps inside and each step is executed in a container. The container images for each step can be freely chosen according to your needs in a particular step. This enables you to use the right tool, scripting language or higher generation languages for the right job, be it bash, Python, Java, Go, or Groovy if you choose so.
• Updates - While Jenkins has a big community and lots of available plugins, the development and maintenance of these plugins is not guaranteed. When updating Jenkins there's always a possibility that some of these plugins on which you're depending won't work anymore. Tekton on the other hand is only a pipeline / tasks orchestration runtime. All tools that you require are contained in container images that are used for these tasks. This way the tools are extremely loosely coupled with the runtime itself and Tekton updates are much less likely to break your tooling inside pipelines.
• Support - While Tekton is opensource project, it has a fully supported Red Hat distribution called OpenShift Pipelines which is included in OCP subscriptions.

‍

Well, did you know you can build z/os native workload with Tekton? And you even don't have to run the OCP with Tekton on s390x nodes. It works very well even if you're running Tekton on x86 nodes. By z/os workload I mean that "old" COBOL, PL/I, EGL, .. stuff which is running more than 70% of banking transactions worldwide.

‍

You can find the solution on my GitHub. Please bear in mind that this is an initial contribution and work in progress.

‍

‍

Bringing mainframes into the DevOps era with Tekton and Zowe

‍

The solution uses Zowe for interfacing with IBM Mainframes from Tekton tasks based on Python container images. For now there are two tasks: zowe-upload and zowe-submit. You can also find an example tekton pipeline which clones the git repository with COBOL code, uploads the necessary source code and JCLs with zowe-upload task onto IBM Mainframe and submits the JCL jobs that compiles the source code. More info can be find in the GitHub repo itself. With this you can now place your z/os native code on a Git repository and use the same DevOps processes and tools like Tekon (even on x86 machines) for automated build and delivery of it as for the rest of "modern" stuff.

‍