Skills2026年4月16日·1 分钟阅读

Concourse — Container-Native CI/CD with Pipelines as Code

Build reliable CI/CD pipelines with Concourse. Every step runs in an isolated container, pipelines are declarative YAML, and the resource model makes dependencies explicit and reproducible.

Script Depot · Community

Agent 就绪

先审查再安装

这个资产需要先审查。复制的指令会要求 Agent dry-run、列出写入项，确认后再继续。

Needs Confirmation · 64/100策略：需确认

Agent 入口

任意 MCP/CLI Agent

类型

Skill

安装

Single

信任

信任等级：Established

入口

Concourse CI/CD Pipeline

先审查命令

npx -y tokrepo@latest install 8c85c9b7-3939-11f1-9bc6-00163e2b0d79 --target codex

先 dry-run，确认写入项后再运行此命令。

TL;DR

Concourse runs every CI/CD task in an isolated container with declarative YAML pipelines and explicit dependencies.

§01

What it is

Concourse is an open-source CI/CD system where every task runs in its own OCI container. Pipelines are defined in declarative YAML, and the resource model makes dependencies between jobs explicit and reproducible. Unlike Jenkins or GitHub Actions, Concourse treats pipelines as first-class code with no implicit state.

Concourse is for DevOps teams and platform engineers who need reproducible, auditable CI/CD pipelines. Its container-per-task model ensures that builds run identically regardless of where the worker runs.

§02

How it saves time or tokens

Concourse's resource model eliminates hidden dependencies. Every input and output is declared explicitly, so you never encounter 'works on my machine' pipeline failures. When a pipeline breaks, you know exactly which resource changed.

The container-per-task isolation means no shared state between jobs. You do not need to clean workspaces, manage tool versions on shared runners, or worry about one job corrupting another's environment.

§03

How to use

Start Concourse with Docker Compose:

curl -O https://concourse-ci.org/docker-compose.yml
docker-compose up -d

fly -t local login -c http://localhost:8080 -u test -p test

Define a pipeline in YAML and set it:

# pipeline.yml
resources:
- name: repo
  type: git
  source:
    uri: https://github.com/org/app.git
    branch: main

jobs:
- name: test
  plan:
  - get: repo
    trigger: true
  - task: run-tests
    config:
      platform: linux
      image_resource:
        type: registry-image
        source: { repository: node, tag: '20' }
      inputs:
      - name: repo
      run:
        path: sh
        args: ['-c', 'cd repo && npm ci && npm test']

fly -t local set-pipeline -p my-pipeline -c pipeline.yml
fly -t local unpause-pipeline -p my-pipeline

§04

Example

A multi-stage pipeline with build, test, and deploy:

jobs:
- name: build
  plan:
  - get: repo
    trigger: true
  - task: compile
    config:
      platform: linux
      image_resource:
        type: registry-image
        source: { repository: golang, tag: '1.22' }
      inputs: [{ name: repo }]
      outputs: [{ name: binary }]
      run:
        path: sh
        args: ['-c', 'cd repo && go build -o ../binary/app .']
  - put: artifact-bucket
    params: { file: binary/app }

§05

Related on TokRepo

DevOps AI tools -- CI/CD and infrastructure tools
Automation tools -- pipeline and workflow automation

§06

Common pitfalls

Concourse has a steeper learning curve than GitHub Actions or GitLab CI. The resource model is powerful but requires understanding inputs, outputs, and triggers before writing your first pipeline.
Worker scaling is manual. Unlike cloud CI services, you manage your own Concourse workers. Under-provisioned workers cause queued builds.
Concourse does not have built-in secret management. Integrate with Vault, AWS Secrets Manager, or CredHub for secure credential handling.

常见问题

How does Concourse compare to Jenkins?+

Concourse runs every task in a fresh container with no shared state. Jenkins runs tasks on shared agents with plugins that accumulate state over time. Concourse pipelines are declarative YAML; Jenkins uses Groovy-based Jenkinsfiles. Concourse is simpler but less extensible than Jenkins.

What is a Concourse resource?+

A resource is an external entity that Concourse tracks and interacts with -- a Git repository, an S3 bucket, a Docker image, or a Slack channel. Resources have get (input), put (output), and check (detect changes) operations. The resource model is what makes pipelines explicit and reproducible.

Can Concourse run on Kubernetes?+

Yes. Concourse provides a Helm chart for Kubernetes deployment. Workers run as pods, and the web UI and ATC (Air Traffic Controller) run as Kubernetes services. This is the recommended production deployment method.

Does Concourse support parallel jobs?+

Yes. Jobs with no dependencies run in parallel by default. You can also use the in_parallel step within a job to run multiple tasks concurrently. Worker capacity determines the actual parallelism.

How does Concourse handle secrets?+

Concourse integrates with external secret managers: HashiCorp Vault, AWS Secrets Manager, and CredHub. Secrets are referenced in pipeline YAML using double-parenthesis syntax like ((aws-access-key)) and resolved at runtime from the configured secret backend.

引用来源 (3)

Concourse GitHub— Concourse container-native CI/CD system
Concourse Documentation— Resource model and pipeline configuration
OCI Runtime Specification— Container isolation for CI/CD tasks

讨论

登录后参与讨论。

还没有评论，来写第一条吧。

Concourse — Container-Native CI/CD with Pipelines as Code

先审查再安装

What it is

How it saves time or tokens

How to use

Example

Related on TokRepo

Common pitfalls

常见问题

引用来源 (3)

TokRepo 相关

讨论

相关资产

Tekton Pipelines — Cloud-Native CI/CD Primitives for Kubernetes

Docker Selenium Grid — Containerized Browser Testing at Scale

Fn Project — Container-Native Serverless Functions Platform

cAdvisor — Real-Time Container Resource Monitoring by Google