third/plugin-drone-k8s-kube
1
0
Fork 0
mirror of https://github.com/zc2638/drone-k8s-plugin.git synced 2026-06-16 14:48:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: third/plugin-drone-k8s-kube:0.0.3
Branches Tags
third/plugin-drone-k8s-kube:main
third/plugin-drone-k8s-kube:0.0.4 third/plugin-drone-k8s-kube:0.0.3 third/plugin-drone-k8s-kube:0.0.2 third/plugin-drone-k8s-kube:0.0.1
..
compare: third/plugin-drone-k8s-kube:0.0.4
Branches Tags
third/plugin-drone-k8s-kube:main
third/plugin-drone-k8s-kube:0.0.4 third/plugin-drone-k8s-kube:0.0.3 third/plugin-drone-k8s-kube:0.0.2 third/plugin-drone-k8s-kube:0.0.1

2 Commits
0.0.3 .. 0.0.4

Author SHA1 Message Date
zc 501821bedd support ca automatic base64 decoding 2022-11-17 09:33:38 +08:00
zc 73e34c8f47 support file patterns 2022-11-15 16:04:27 +08:00
5 changed files with 53 additions and 23 deletions
Expand all files Collapse all files
README.md
+20 -16
View File
@@ -20,21 +20,21 @@ docker run --rm \
### Environments
| name | required | type | description |
|:--------------------|:--------:|:---------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| kubernetes_server | ✔️ | string | The address and port of the Kubernetes API server. |
| k8s_server | | string | The same as `kubernetes_server`. |
| kubernetes_token | ✔️ | string | Token from ServiceAccount for authentication to the API server. |
| k8s_token | | string | The same as `kubernetes_token`. |
| kubernetes_ca_crt | | string | Certificate from ServiceAccount for authentication to the API server. |
| k8s_ca_crt | | string | The same as `kubernetes_ca_crt`. |
| kubernetes_skip_tls | | bool | If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure. |
| k8s_skip_tls | | bool | The same as `kubernetes_skip_tls_verify`. |
| init_templates | | []string | Path to Kubernetes Resource yaml based definition file (e.g. ConfigMap, Deployment or others), used to initialize some resources. |
| templates | | []string | Path to Kubernetes Resource yaml based definition file (e.g. ConfigMap, Deployment or others). |
| config_files | | []string | Config file paths for automatic creation/update of ConfigMap.The syntax is expressed as `namespace:name:file_path:file_name` or `namespace:name:file_path`, when file_name is not specified, it will default to the file name of file_path. |
| namespace | | string | Default namespace to use when namespace is not set. |
| debug | | bool | Used to enable debug level logging. |
| name | required | type | description |
|:--------------------|:--------:|:---------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| kubernetes_server | ✔️ | string | The address and port of the Kubernetes API server. |
| k8s_server | | string | The same as `kubernetes_server`. |
| kubernetes_token | ✔️ | string | Token from ServiceAccount for authentication to the API server. The value must be base64 encoded. |
| k8s_token | | string | The same as `kubernetes_token`. |
| kubernetes_ca_crt | | string | Certificate from ServiceAccount for authentication to the API server. The value must be base64 encoded. |
| k8s_ca_crt | | string | The same as `kubernetes_ca_crt`. |
| kubernetes_skip_tls | | bool | If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure. |
| k8s_skip_tls | | bool | The same as `kubernetes_skip_tls_verify`. |
| init_templates | | []string | Path to Kubernetes Resource yaml based definition file (e.g. ConfigMap, Deployment or others), used to initialize some resources. |
| templates | | []string | Path to Kubernetes Resource yaml based definition file (e.g. ConfigMap, Deployment or others). |
| config_files | | []string | Config file paths for automatic creation/update of ConfigMap.The syntax is expressed as `namespace:name:file_path:file_name` or `namespace:name:file_path`, when file_name is not specified, it will default to the file name of file_path. |
| namespace | | string | Default namespace to use when namespace is not set. |
| debug | | bool | Used to enable debug level logging. |
## Drone Example
@@ -56,15 +56,19 @@ steps:
from_secret: k8s_ca_crt
k8s_skip_tls: false
namespace: default
init_templates:
- testdata/namespace.yaml
config_files:
- default:test-config:testdata/config.yaml
- default:test-config:testdata/config.yaml:a.yaml
templates:
- testdata/deployment.yaml
- testdata/service.yaml
- testdata/*.yaml
app_name: ${DRONE_REPO_NAME}
```
OR
OR
```yaml
kind: pipeline
go.mod
+3 -1
View File
@@ -3,7 +3,10 @@ module github.com/zc2638/drone-k8s-plugin
go 1.19
require (
github.com/99nil/gopkg v0.0.0-20221020090523-251ae5920751
github.com/Masterminds/sprig v2.22.0+incompatible
github.com/a8m/envsubst v1.3.0
github.com/bmatcuk/doublestar/v4 v4.4.0
github.com/mitchellh/go-homedir v1.1.0
github.com/mitchellh/mapstructure v1.5.0
github.com/sirupsen/logrus v1.9.0
@@ -20,7 +23,6 @@ require (
github.com/Masterminds/semver v1.5.0 // indirect
github.com/PuerkitoBio/purell v1.1.1 // indirect
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
github.com/a8m/envsubst v1.3.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.8.0 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
go.sum
+4
View File
@@ -36,6 +36,8 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
github.com/99nil/gopkg v0.0.0-20221020090523-251ae5920751 h1:Iebp4akbVu6Sf2WlFqb9/aBl7mxH1jTgkG0zHJFrzw8=
github.com/99nil/gopkg v0.0.0-20221020090523-251ae5920751/go.mod h1:qbZsXE0O2/hY9mWK0tOOCbg8FrFarc3Ym/39i7V9akQ=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
@@ -50,6 +52,8 @@ github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
github.com/a8m/envsubst v1.3.0 h1:GmXKmVssap0YtlU3E230W98RWtWCyIZzjtf1apWWyAg=
github.com/a8m/envsubst v1.3.0/go.mod h1:MVUTQNGQ3tsjOOtKCNd+fl8RzhsXcDvvAEzkhGtlsbY=
github.com/bmatcuk/doublestar/v4 v4.4.0 h1:LmAwNwhjEbYtyVLzjcP/XeVw4nhuScHGkF/XWXnvIic=
github.com/bmatcuk/doublestar/v4 v4.4.0/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
pkg/kube/kube.go
+8 -2
View File
@@ -17,6 +17,7 @@ package kube
import (
"encoding/base64"
"errors"
"fmt"
"strings"
"k8s.io/client-go/rest"
@@ -39,7 +40,7 @@ func NewRestConfig(config *Config) (*rest.Config, error) {
token := strings.ReplaceAll(config.Token, " ", "")
tokenBytes, err := base64.StdEncoding.DecodeString(token)
if err != nil {
return nil, err
return nil, fmt.Errorf("base64 decode token failed: %v", err)
}
restConfig = &rest.Config{
BearerToken: string(tokenBytes),
@@ -49,8 +50,13 @@ func NewRestConfig(config *Config) (*rest.Config, error) {
},
}
if !config.SkipTLS {
caCrt := strings.ReplaceAll(config.CaCrt, " ", "")
caCrtBytes, err := base64.StdEncoding.DecodeString(caCrt)
if err != nil {
return nil, fmt.Errorf("base64 decode ca failed: %v", err)
}
restConfig.Insecure = false
restConfig.CAData = []byte(config.CaCrt)
restConfig.CAData = caCrtBytes
}
restConfig.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(1000, 1000)
pkg/plugin/plugin.go
+18 -4
View File
@@ -22,6 +22,10 @@ import (
"regexp"
"strconv"
"github.com/99nil/gopkg/sets"
"github.com/bmatcuk/doublestar/v4"
pkgruntime "k8s.io/apimachinery/pkg/runtime"
v1 "k8s.io/api/core/v1"
@@ -79,16 +83,26 @@ func run(
}
func parseObjectSet(templates []string, envMap map[string]string) ([][]unstructured.Unstructured, error) {
if len(templates) == 0 {
fileSet := sets.New[string]()
for _, v := range templates {
matches, err := doublestar.FilepathGlob(v)
if err != nil {
return nil, err
}
fileSet.Add(matches...)
}
files := fileSet.List()
if len(files) == 0 {
return nil, nil
}
objSet := make([][]unstructured.Unstructured, 0, len(templates))
for _, v := range templates {
objSet := make([][]unstructured.Unstructured, 0, len(files))
for _, v := range files {
ext := filepath.Ext(v)
isYamlFile := ext == ".yaml" || ext == ".yml"
if !isYamlFile {
logrus.Warnf("Ignore file (%s), not a yaml or yml file", v)
logrus.Warnf("Ignore dir or file (%s), not a yaml or yml file", v)
continue
}