Tekton Kubernetes-Native CI-CD Cheat Sheet

Updated 2026-05-22

Next Topic: Tetragon eBPF Runtime Enforcement Cheat Sheet

Tekton is a cloud-native, open-source framework for building CI/CD systems that runs as a set of Kubernetes CRDs inside any cluster. Unlike hosted CI services, Tekton makes every pipeline step a container, giving teams full control over build environments and resource scheduling without managing separate CI infrastructure. The key mental model: every concept in Tekton — Task, Pipeline, Run — is a Kubernetes object you kubectl apply, meaning GitOps, RBAC, namespacing, and all standard K8s tooling work natively out of the box.

What This Cheat Sheet Covers

This topic spans 18 focused tables and 137 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.

Table 1: Core CRD Resource TypesTable 2: Step Configuration OptionsTable 3: Parameters and ResultsTable 4: Workspaces and Volume MountsTable 5: Tekton Triggers and EventListenersTable 6: Task and Pipeline Execution ControlTable 7: Resolvers — Remote Task and Pipeline ReferencesTable 8: Workspaces Authentication and SecretsTable 9: Tekton Triggers (Pipelines as Code)Table 10: Tekton Chains — Supply Chain SecurityTable 11: Tekton Operator and TektonConfig CRDTable 12: Observability and MetricsTable 13: Debugging and TroubleshootingTable 14: Pod Templates and Resource ConfigurationTable 15: Tekton DashboardTable 16: Tekton CLI (tkn) ReferenceTable 17: Tekton vs. GitHub Actions and GitLab CITable 18: Common CI/CD Pipeline Patterns

Table 1: Core CRD Resource Types

Tekton's building blocks are Kubernetes Custom Resource Definitions. Understanding each CRD type and its runtime counterpart is essential before writing any pipeline YAML.

Type	Example	Description
Task	`kind: Task` `spec:` `steps:` `- name: build` `image: golang:1.22` `command: [go, build, ./...]`	Reusable, namespaced unit of work composed of one or more sequential Steps, each running in its own container.
TaskRun	`kind: TaskRun` `spec:` `taskRef:` `name: build-task` `serviceAccountName: build-bot`	• A single instantiation of a Task • creates a Pod and executes Steps in order
Pipeline	`kind: Pipeline` `spec:` `tasks:` `- name: build` `taskRef: {name: build-task}` `- name: deploy` `runAfter: [build]` `taskRef: {name: deploy-task}`	• A DAG of Tasks arranged with `runAfter` ordering or parallel execution • declares shared Workspaces and parameters

Table 1: Core CRD Resource Types

Tekton's building blocks are Kubernetes Custom Resource Definitions. Understanding each CRD type and its runtime counterpart is essential before writing any pipeline YAML.

Type	Example	Description
Task	`kind: Task` `spec:` `steps:` `- name: build` `image: golang:1.22` `command: [go, build, ./...]`	Reusable, namespaced unit of work composed of one or more sequential Steps, each running in its own container.
TaskRun	`kind: TaskRun` `spec:` `taskRef:` `name: build-task` `serviceAccountName: build-bot`	• A single instantiation of a Task • creates a Pod and executes Steps in order
Pipeline	`kind: Pipeline` `spec:` `tasks:` `- name: build` `taskRef: {name: build-task}` `- name: deploy` `runAfter: [build]` `taskRef: {name: deploy-task}`	• A DAG of Tasks arranged with `runAfter` ordering or parallel execution • declares shared Workspaces and parameters

Tekton Kubernetes-Native CI/CD Cheat Sheet

Table 1: Core CRD Resource Types

Tekton Kubernetes-Native CI/CD Cheat Sheet

Table 1: Core CRD Resource Types