Tekton
0 comparisons available
About Tekton
Tekton is an open-source, Kubernetes-native CI/CD framework providing cloud-native pipeline primitives as Kubernetes CRDs, originally created by Google as part of the Knative project in 2018 and donated to the CD Foundation (now part of the Linux Foundation) in 2019. Tekton's design philosophy is building blocks over opinions — it provides the lowest-level Kubernetes-native pipeline primitives that platform engineers compose into custom CI/CD systems, not a pre-packaged CI/CD product. Tekton's core CRDs: Task (defines steps running containers in sequence), Pipeline (orchestrates Tasks with dependencies), TaskRun and PipelineRun (executes a Task or Pipeline with specific parameters), Workspace (shared volumes between tasks), and Trigger (starts PipelineRuns from webhooks or events). Each Tekton step runs in its own container on Kubernetes, inheriting full Kubernetes RBAC, resource limits, secrets management, and node scheduling. Tekton Chains (supply chain security) automatically signs task run results and artifacts with Sigstore/Cosign, producing SLSA provenance attestations. Tekton Hub hosts 100+ community-contributed tasks for Docker, kubectl, git-clone, buildpacks, and cloud providers. Tekton Operator simplifies installation and upgrades on Kubernetes clusters. Tekton is the CI engine underlying OpenShift Pipelines (Red Hat), Jenkins X, and several enterprise internal developer platforms. Its primary use case is platform engineering teams building internal CI/CD platforms on Kubernetes — it is not designed for teams wanting a ready-to-use CI/CD product out of the box.
Frequently Asked Questions
Is Tekton a complete CI/CD platform?
Tekton is a CI/CD framework, not a complete platform. It provides the Kubernetes-native pipeline execution layer (CRDs, controllers, runners) but lacks built-in UI, user management, secrets management, multi-tenancy, and developer experience features. Platform teams build complete internal developer platforms on top of Tekton. OpenShift Pipelines (Red Hat) and Jenkins X are complete products built on Tekton. Teams wanting a ready-to-use CI/CD should choose GitHub Actions, CircleCI, or Jenkins instead.
What is SLSA provenance and how does Tekton Chains help?
SLSA (Supply-chain Levels for Software Artifacts) is a security framework for verifying software supply chain integrity. Tekton Chains automatically intercepts completed TaskRuns, signs the inputs/outputs with Sigstore/Cosign keys, and stores signed attestations in an OCI registry or Rekor transparency log. This creates a verifiable audit trail: for any container image, you can prove it was built from specific source code by a specific pipeline run — critical for software supply chain security.
Tekton vs Jenkins — which should a platform team choose?
Tekton for platform teams building a Kubernetes-native internal developer platform: each build step runs as a K8s pod, inheriting RBAC, resource limits, and cluster autoscaling. Tekton integrates naturally with Argo CD (Tekton builds → ArgoCD deploys), Harbor/Rekor for image signing, and cloud-native toolchains. Jenkins for teams needing a complete product with UI, plugins, and minimal platform engineering investment. Tekton has steeper ramp-up but superior cloud-native architecture.
Top Alternatives to Tekton
ArgoCD
GitOps CD tool — Tekton handles CI builds; ArgoCD handles GitOps Kubernetes deployment
GitHub Actions
Ready-to-use CI/CD — Actions for teams wanting a product; Tekton for platform teams building a product
Jenkins
Traditional CI with plugins — Jenkins is the ready-to-run alternative to building on Tekton primitives
Flux
GitOps CD for Kubernetes — Tekton for CI pipeline execution; Flux for GitOps deployment sync
CircleCI
Managed CI/CD SaaS — CircleCI for teams wanting managed CI; Tekton for K8s-native DIY platforms
Drone
Container-native CI — simpler than Tekton for Docker-based pipelines without K8s complexity
No comparisons found for Tekton yet.
Search for a comparison