diff --git a/README.md b/README.md index c3f9186..bac9a24 100644 --- a/README.md +++ b/README.md @@ -14,196 +14,6 @@ This plugin allows to deploy a [Helm](https://github.com/kubernetes/helm) chart For the usage information and a listing of the available options please take a look at [the docs](DOCS.md). -For example, this configuration will deploy my-app using a chart located in the repo called `my-chart` - -```YAML -pipeline: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - release: ${DRONE_BRANCH} - values: secret.password=${SECRET_PASSWORD} - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: STAGING - debug: true - wait: true - when: - branch: [master] -``` - -Last update of Drone expect you to declare the secrets you want to use: - -```YAML -pipeline: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - chart: ./chart/blog - release: ${DRONE_BRANCH}-blog - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: PROD - secrets: [ prod_api_server, prod_kubernetes_token ] - when: - branch: [master] -``` - -Use Kubernetes Certificate Authority Data. Just add the `_kubernetes_certificate` secret - -```diff - helm_deploy: - image: quay.io/ipedrazas/drone-helm - chart: ./chart/blog - release: ${DRONE_BRANCH}-blog - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: PROD - - secrets: [ prod_api_server, prod_kubernetes_token ] - + secrets: [ prod_api_server, prod_kubernetes_token, prod_kubernetes_certificate ] - when: - branch: [master] -``` - -### Using Values and Value files - -Values can be passed using the `values_files` key. Use this option to define your values in a set of files -and pass them to `helm`. This option trigger the `-f` or ``--values`` flag in `helm`: - -```plain ---values valueFiles specify values in a YAML file (can specify multiple) (default []) -``` - -For example: - -```YAML -pipeline: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - release: ${DRONE_BRANCH} - values_files: ["global-values.yaml", "myenv-values.yaml"] - when: - branch: [master] -``` - -### Using private Repositories - -Charts can also be fetched from your own private Chart Repository. `helm_repos` accepts a comma separated list of key value pairs where the key is the repository name and the value is the repository url. - -For Example: - -```YAML -pipeline: - helm_deploy_staging: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - helm_repos: hb-charts=http://helm-charts.honestbee.com - chart: hb-charts/hello-world - values: image.repository=quay.io/honestbee/hello-drone-helm - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - release: ${DRONE_REPO_NAME}-${DRONE_BRANCH} - prefix: STAGING - when: - branch: - exclude: [ master ] -``` - -## Updating Chart dependencies - -In some cases, the local Chart might contain external dependencies defined in `./charts/my-chart/requirements.yaml`, e.g.: - -```YAML -dependencies: - - name: redis - version: 3.3.6 - repository: '@stable' -``` - -To restore these dependecies before the deployment `update_dependencies` parameter should be used, e.g.: - -```YAML -pipeline: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - update_dependencies: true - release: ${DRONE_BRANCH} - values_files: ["global-values.yaml", "myenv-values.yaml"] - when: - branch: [master] -``` - -## Drone Secrets - -There are two secrets you have to create (Note that if you specify the prefix, your secrets have to be created using that prefix): - -```bash -drone secret add --image=quay.io/ipedrazas/drone-helm \ - your-user/your-repo STAGING_API_SERVER https://mykubernetesapiserver - -drone secret add --image=quay.io/ipedrazas/drone-helm \ - your-user/your-repo STAGING_KUBERNETES_TOKEN eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJ... - -drone secret add --image=quay.io/ipedrazas/drone-helm \ - your-user/your-repo STAGING_SECRET_PASSWORD Sup3rS3cr3t -``` - -`Prefix` helps you to use the same block in different environments: - -```YAML -pipeline: - helm_deploy_staging: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - release: ${DRONE_BRANCH} - values: secret.password=${SECRET_PASSWORD} - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: STAGING - debug: true - wait: true - when: - branch: - exclude: [ master ] - -pipeline_production: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - release: ${DRONE_BRANCH} - values: secret.password=${SECRET_PASSWORD} - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: PROD - debug: true - wait: true - when: - branch: [master] -``` - -This last block defines how the plugin will deploy - -## Testing with Minikube - -To test the plugin, you can run `minikube` and just run the docker image as follows: - -By using the docker daemon of minikube we can test local builds without having to push to a registry: - -```bash -eval $(minikube docker-env) -``` - -Build the image locally - -```bash -./build.sh -``` - -Get the token for the default service account in the default namespace: - -```bash -KUBERNETES_TOKEN=$(kubectl get secret $(kubectl get sa default -o jsonpath='{.secrets[].name}{"\n"}') -o jsonpath="{.data.token}" | base64 -D) -``` Run the local image (or replace `drone-helm` with `quay.io/ipedrazas/drone-helm`: @@ -223,48 +33,11 @@ docker run --rm \ quay.io/ipedrazas/drone-helm ``` -## Advanced customisations and debugging - -This plugin installs [Tiller](https://github.com/kubernetes/helm/blob/master/docs/architecture.md) in the cluster, if you want to specify the namespace where `tiller` ins installed, use the `tiller_ns` attribute. - -The following example will install `tiller` in the `operations` namespace: - -```YAML -pipeline_production: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - release: ${DRONE_BRANCH} - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: PROD - tiller_ns: operations - when: - branch: [master] -``` - -There's an option to do a `dry-run` in case you want to verify that the secrets and envvars are replaced correctly. Just add the attribute `dry-run` to true: - -```YAML -pipeline_production: - helm_deploy: - image: quay.io/ipedrazas/drone-helm - skip_tls_verify: true - chart: ./charts/my-chart - release: ${DRONE_BRANCH} - string_values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7} - prefix: STAGING - dry-run:true - when: - branch: [master] -``` - -Happy Helming! +### Contribution This repo is setup in a way that if you enable a personal drone server to build your fork it will build and publish your image (makes it easier to test PRs and use the image till the contributions get merged) * Build local ```DRONE_REPO_OWNER=ipedrazas DRONE_REPO_NAME=drone-helm drone exec``` * on your server just make sure you have DOCKER_USERNAME, DOCKER_PASSWORD, and PLUGIN_REPO set as secrets - - + \ No newline at end of file