third/plugin-drone-helm

Fork 0

mirror of https://github.com/ipedrazas/drone-helm.git synced 2026-06-04 18:24:13 +08:00

T

Ivan Pedrazas 69e5676fac remove debug statments

2017-01-08 17:11:21 +00:00

.drone.yml

docker push no latest

2017-01-07 02:12:14 +00:00

.drone.yml.sig

docker push no latest

2017-01-07 02:12:14 +00:00

.gitignore

initial release

2016-12-09 13:05:41 +00:00

Dockerfile

split dockerfiles

2017-01-08 10:10:08 +00:00

kubeconfig

re-written for 0.5

2016-12-09 16:00:57 +00:00

LICENSE

Initial commit

2016-12-08 16:21:06 +00:00

main.go

fixed prefix bug

2017-01-08 11:47:26 +00:00

plugin_test.go

extenive debug 02

2017-01-08 11:42:31 +00:00

plugin.go

remove debug statments

2017-01-08 17:11:21 +00:00

README.md

delete event

2016-12-21 14:18:29 +00:00

README.md

Helm (Kubernetes) plugin for drone.io

This plugin allows to deploy a Helm chart into a Kubernetes cluster.

For example, this configuration will deploy my-app using the stable/jenkins chart

    pipeline:
         helm_deploy:
            image: quay.io/ipedrazas/drone-helm                    
            chart: stable/jenkins
            release: my-dear-jenkins

There are two secrets you have to create:

            drone secret add --image=quay.io/ipedrazas/drone-helm \
                    your-user/your-repo API_SERVER https://mykubernetesapiserver


            drone secret add --image=quay.io/ipedrazas/drone-helm \
                    your-user/your-repo KUBERNETES_TOKEN eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJ...

If you don't know where to get a token from, you can execute the following command:

    kubectl exec POD_NAME -- cat /var/run/secrets/kubernetes.io/serviceaccount/token

For example, in a cluster where there's a pod called nginx-1212390922-fdz1x we coudl do:

    kubectl exec nginx-1212390922-fdz1x -- cat /var/run/secrets/kubernetes.io/serviceaccount/token

To test the plugin, you can run minikube and just run the docker image as follows:

    docker run --rm \
    -e PLUGIN_API_SERVER=https://192.168.64.5:8443 \
    -e PLUGIN_TOKEN="" \
    -e PLUGIN_NAMESPACE=default \
    -e PLUGIN_SKIP_TLS_VERIFY=true \
    -e PLUGIN_RELEASE=my-release \
    -e PLUGIMN_CHART=stable/redis \
    -e PLUGIN_VALUES="tag=TAG,api=API" \
    -e PLUGIN_SECRETS=TAG,API \
    -e PLUGIN_DEBUG=true \
    -e PLUGIN_DRY_RUN=true \
    -e DRONE_BUILD_EVENT=delete \
    quay.io/ipedrazas/drone-helm

Secrets

If you find that you need to put a secret in the --set values of your Helm command you have to create the drone secret first:

            drone secret add --image=quay.io/ipedrazas/drone-helm \
                    your-user/your-repo MYSECRET secretvalue

Then you have to define values as

            pipeline:
              helm_deploy:
                image: quay.io/ipedrazas/drone-helm                    
                chart: stable/jenkins
                release: my-dear-jenkins
                values: webhook.token=${MYSECRET},webhook.key=$KEY
                api_server: ${STAGING_API_SERVER}
                secrets: MYSECRET,STAGING_API_SERVER,KEY

You have to do this because from 0.5 version fo Drone, secrets are not expanded in plugins. This means that there's no possibility of passing secret parameters as part of a value to the plugin.

This is a limitation of Drone. to overcome that problem, we define the SECRETS and the plugin will resolve them

Happy Helming!