Skip to Content

Set Up a CI/CD Pipeline for SAP BTP, Kyma Runtime

Beginner
1 hr.
SAP Cloud Application Programming Model, Beginner, Tutorial, SAP Business Technology Platform, Node.js, SAP Fiori
This section describes how to configure and run a predefined continuous integration and delivery (CI/CD) pipeline that automatically tests, builds, and deploys your code changes to speed up your development and delivery cycles.
You will learn
  • How to initialize a repository in VS Code.
  • How to set up your CI/CD pipeline
slavipandeSvetoslav PandelievApril 22, 2025
Created by
slavipande
January 30, 2024
Contributors
grego952
slavipande

Prerequisites

This tutorial follows the guidance provided in the SAP BTP Developer’s Guide.

  • Step 1

    To be able to perform the steps for setting up a CI/CD pipeline, you will need a public repository. Currently, SAP Continuous Integration and Delivery supports GitHub and Bitbucket repositories.

    For real application development, you need to consider the right place for your repository, of course.

    In this example, we’ll be creating a repository on GitHub. You’ll need a GitHub account for this step. Go ahead and create one if you don’t have it yet.

    1. Create a new GitHub repository in your GitHub account.

    2. Under Repository name, enter incident-management.

    3. Choose Create repository.

      Create repository

    4. You’ll be directed to the Quick Setup page of your new repository. Make sure to copy the URL of the repository as you’ll need it in the next steps.

      Quick Setup
  • Step 2
  • Step 3

    1. Navigate to your subaccount and choose ServicesService Marketplace on the left.

    2. Type Continuous Integration & Delivery in the search box and choose Create.

      Continuous Integration and Delivery create service

    3. In the New Instance or Subscription popup select default from the Plan field.

    4. Choose View Subscription and wait until the status changes to Subscribed.

      View subscription
      Status subscribed

    5. In your SAP BTP subaccount, choose SecurityRole Collections in the left-hand pane.

    6. Choose role collection CICD Service Administrator.

    7. Choose Edit.

      Edit role

    8. In the Users section, enter your user and select the icon to add the user.

      Add user

      Keep the setting Default Identity Provider unless you have a custom identity provider configured.

    9. Choose Save.

      You’ve assigned the CICD Service Administrator role collection to your user.

    You might need to log out and log back in to make sure your new role collection is taken into account.

    See Initial Setup for more details on how to enable the service.

  • Step 4

    In order to run the pipeline using the SAP Continuous Integration and Delivery service, you need to create a service account. This is a non-human account that provides a distinct identity in your Kyma cluster. The service account will authenticate your CI/CD pipeline to access your Kyma cluster. See Service Accounts.

    1. Navigate to your subaccount and choose Link to dashboard under the Kyma Environment tab to open Kyma dashboard.

      Open Kyma console

    2. Choose NamespacesCreate.

      Create namespace

    3. Enter a name for your namespace (for example, incident-management-namespace), switch the Enable Sidecar Injection toggle ON, and choose Create.

      Create namespace dialog

    4. Navigate to the namespace incident-management-namespace and choose ConfigurationService Accounts on the left.

      Open namespace

    5. Choose Create.

      Create service account

    6. Enter a name for the service account (for example, incident-management-namespace-service-account) and choose Create.

      Create Service Account dialog

    7. Navigate to the service account incident-management-namespace-service-account and choose Generate TokenRequest.

      Generate token request

      This will generate a set of configurations that represent the kubeconfig file of the service account.

    8. Choose a longer period from the dropdown in the Expiration seconds field and copy the TokenRequest value. You’ll need it in the steps below.

      Copy token request

    9. Navigate to the Cluster Details page and choose ConfigurationCluster Role Bindings.

      Cluster details

    10. Choose Create.

      Create cluster role binding

    11. In the Create Cluster Role Binding dialog:

      • Enter a unique name in the Name field. For example, incident-management-namespace-admin.
      • Select cluster-admin from the dropdown in the Role field.
      • Select ServiceAccount from the dropdown in the Kind field.
      • Select incident-management-namespace from the dropdown in the Service Account Namespace field.
      • Select incident-management-namespace-service-account from the dropdown in the Service Account Name field.
      • Choose Create.
      Create cluster role binding dialog
  • Step 5

    1. In your SAP BTP subaccount, navigate to ServicesInstances and Subscriptions in the left-hand pane.

    2. Choose Continuous Integration & Delivery.

      CI/CD Go to application

    3. Use your SAP BTP global user name and global password to log in to the application.

  • Step 6

    1. Choose the Credentials tab and choose the icon to add a new credential.

      Add new credential

    2. Under Create Credentials on the right:

      • Enter github in the Credential Name field.
      • Select Basic Authentication from the dropdown in the Type field.
      • Enter your GitHub user name in the Username field.
      • Enter your GitHub password (or GitHub access token if you have created one) in the Password field.
      • Choose Create.
      Create GitHub credential

    3. Choose the icon to add a new credential again and create a credential for Kyma.

      • Enter kube-config in the Credentials Name field.
      • Select Kubernetes Configuration from the dropdown in the Type field.
      • Paste the TokenRequest value that you copied in Step 4 above in the Content field.
      • Choose Create.
      Create kube-config credential

    4. Choose the icon to add a new credential again and create a credential for your container registry.

      • Enter container-registry-credentials in the Credentials Name field.
      • Select Container Registry Configuration from the dropdown in the Type field.
      • Paste your container registry credentials in the Content field, removing the https:// and /v1/ from the container registry URL in the auths object.
      • Choose Create.
      Create container registry credential

      Here’s how to get your container registry credentials in the required format:

      1. Run docker --config /tmp login docker.io in a terminal to login to your container registry.

      2. Run cat /tmp/config.json to print your container registry credentials. This is how the output should look like this:

        Container registry credentials

      3. Open the /tmp/config.json in a text editor and delete the credsStore key-value pair.

      4. Run the docker --config /tmp login docker.io command and provide your container registry login credentials.

      5. Print your container registry credentials again with cat /tmp/config.json. This is how the output should look like now:

        Container registry credentials

    What credentials do you need to create when adding a CI/CD job?

  • Step 7
  • Step 8
  • Step 9

    1. You have to trigger your job manually the first time after creation. Go back to the SAP Continuous Integration and Delivery application and navigate to the Jobs tab.

    2. Choose the Incident-Management job and choose Run.

      Run job

    3. Verify that a new tile appears in the Builds view. This tile should be marked as running.

      Build running

    4. Wait until the job has finished and verify that the build tile is marked as successful.

      Build successful
Back to Top
Back to top