third/plugin-drone-helm
1
0
Fork 0
mirror of https://github.com/ipedrazas/drone-helm.git synced 2026-06-04 18:24:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix conflicts in readme file

Browse Source
This commit is contained in:
Miguel Ángel García
2018-09-04 11:38:37 +02:00
parent 483ed99c6c
commit 9b298320be
1 changed files with 2 additions and 229 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+2 -229
View File
@@ -14,196 +14,6 @@ This plugin allows to deploy a [Helm](https://github.com/kubernetes/helm) chart
For the usage information and a listing of the available options please take a look at [the docs](DOCS.md).
For example, this configuration will deploy my-app using a chart located in the repo called `my-chart`
```YAML
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD}
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: STAGING
debug: true
wait: true
when:
branch: [master]
```
Last update of Drone expect you to declare the secrets you want to use:
```YAML
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
chart: ./chart/blog
release: ${DRONE_BRANCH}-blog
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
secrets: [ prod_api_server, prod_kubernetes_token ]
when:
branch: [master]
```
Use Kubernetes Certificate Authority Data. Just add the `<prefix>_kubernetes_certificate` secret
```diff
helm_deploy:
image: quay.io/ipedrazas/drone-helm
chart: ./chart/blog
release: ${DRONE_BRANCH}-blog
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
- secrets: [ prod_api_server, prod_kubernetes_token ]
+ secrets: [ prod_api_server, prod_kubernetes_token, prod_kubernetes_certificate ]
when:
branch: [master]
```
### Using Values and Value files
Values can be passed using the `values_files` key. Use this option to define your values in a set of files
and pass them to `helm`. This option trigger the `-f` or ``--values`` flag in `helm`:
```plain
--values valueFiles specify values in a YAML file (can specify multiple) (default [])
```
For example:
```YAML
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values_files: ["global-values.yaml", "myenv-values.yaml"]
when:
branch: [master]
```
### Using private Repositories
Charts can also be fetched from your own private Chart Repository. `helm_repos` accepts a comma separated list of key value pairs where the key is the repository name and the value is the repository url.
For Example:
```YAML
pipeline:
helm_deploy_staging:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
helm_repos: hb-charts=http://helm-charts.honestbee.com
chart: hb-charts/hello-world
values: image.repository=quay.io/honestbee/hello-drone-helm
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
release: ${DRONE_REPO_NAME}-${DRONE_BRANCH}
prefix: STAGING
when:
branch:
exclude: [ master ]
```
## Updating Chart dependencies
In some cases, the local Chart might contain external dependencies defined in `./charts/my-chart/requirements.yaml`, e.g.:
```YAML
dependencies:
- name: redis
version: 3.3.6
repository: '@stable'
```
To restore these dependecies before the deployment `update_dependencies` parameter should be used, e.g.:
```YAML
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
update_dependencies: true
release: ${DRONE_BRANCH}
values_files: ["global-values.yaml", "myenv-values.yaml"]
when:
branch: [master]
```
## Drone Secrets
There are two secrets you have to create (Note that if you specify the prefix, your secrets have to be created using that prefix):
```bash
drone secret add --image=quay.io/ipedrazas/drone-helm \
your-user/your-repo STAGING_API_SERVER https://mykubernetesapiserver
drone secret add --image=quay.io/ipedrazas/drone-helm \
your-user/your-repo STAGING_KUBERNETES_TOKEN eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJ...
drone secret add --image=quay.io/ipedrazas/drone-helm \
your-user/your-repo STAGING_SECRET_PASSWORD Sup3rS3cr3t
```
`Prefix` helps you to use the same block in different environments:
```YAML
pipeline:
helm_deploy_staging:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD}
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: STAGING
debug: true
wait: true
when:
branch:
exclude: [ master ]
pipeline_production:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD}
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
debug: true
wait: true
when:
branch: [master]
```
This last block defines how the plugin will deploy
## Testing with Minikube
To test the plugin, you can run `minikube` and just run the docker image as follows:
By using the docker daemon of minikube we can test local builds without having to push to a registry:
```bash
eval $(minikube docker-env)
```
Build the image locally
```bash
./build.sh
```
Get the token for the default service account in the default namespace:
```bash
KUBERNETES_TOKEN=$(kubectl get secret $(kubectl get sa default -o jsonpath='{.secrets[].name}{"\n"}') -o jsonpath="{.data.token}" | base64 -D)
```
Run the local image (or replace `drone-helm` with `quay.io/ipedrazas/drone-helm`:
@@ -223,48 +33,11 @@ docker run --rm \
quay.io/ipedrazas/drone-helm
```
## Advanced customisations and debugging
This plugin installs [Tiller](https://github.com/kubernetes/helm/blob/master/docs/architecture.md) in the cluster, if you want to specify the namespace where `tiller` ins installed, use the `tiller_ns` attribute.
The following example will install `tiller` in the `operations` namespace:
```YAML
pipeline_production:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
tiller_ns: operations
when:
branch: [master]
```
There's an option to do a `dry-run` in case you want to verify that the secrets and envvars are replaced correctly. Just add the attribute `dry-run` to true:
```YAML
pipeline_production:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: STAGING
dry-run:true
when:
branch: [master]
```
Happy Helming!
### Contribution
This repo is setup in a way that if you enable a personal drone server to build your fork it will
build and publish your image (makes it easier to test PRs and use the image till the contributions get merged)
* Build local ```DRONE_REPO_OWNER=ipedrazas DRONE_REPO_NAME=drone-helm drone exec```
* on your server just make sure you have DOCKER_USERNAME, DOCKER_PASSWORD, and PLUGIN_REPO set as secrets