Loading templates/gitlab-ci-k8s.yml +43 −43 Original line number Diff line number Diff line Loading @@ -299,25 +299,22 @@ stages: "$1" fi } function login() { environment_type=$1 url=$2 cacert=$3 token=$4 namespace=$5 config=$6 if [[ -f "$config" ]] function k8s_login() { k8s_namespace=${ENV_SPACE:-$K8S_SPACE} k8s_config=${ENV_KUBE_CONFIG:-${K8S_DEFAULT_KUBE_CONFIG}} if [[ -f "$k8s_config" ]] then # $config is a path to a Kuberconfig file # $k8s_config is a path to a Kuberconfig file export KUBECONFIG="$CI_PROJECT_DIR/.kubeconfig" cp -f "$config" "$KUBECONFIG" cp -f "$k8s_config" "$KUBECONFIG" log_info "--- using \\e[32mKUBECONFIG\\e[0m provided by env variables (file)" elif [[ -n "$config" ]] elif [[ -n "$k8s_config" ]] then # $config is a Kuberconfig file content # $k8s_config is a Kuberconfig file content export KUBECONFIG="$CI_PROJECT_DIR/.kubeconfig" echo "$config" > "$KUBECONFIG" echo "$k8s_config" > "$KUBECONFIG" log_info "--- using \\e[32mKUBECONFIG\\e[0m provided by env variables (content)" elif [[ -n "$KUBECONFIG" ]] then Loading @@ -329,34 +326,37 @@ stages: log_info "--- switch to the given \\e[32mKUBE_CONTEXT\\e[0m: ${KUBE_CONTEXT}" fi else log_info "--- using exploded \\e[32mKUBECONFIG\\e[0m parameters (env: \\e[33;1m${environment_type}\\e[0m, url: \\e[33;1m${url}\\e[0m, namespace: \\e[33;1m${namespace}\\e[0m)" k8s_server_url=${ENV_API_URL:-$K8S_URL} k8s_cacert=${ENV_CA_CERT:-$K8S_CA_CERT} k8s_token=${ENV_TOKEN:-$K8S_TOKEN} log_info "--- using exploded \\e[32mKUBECONFIG\\e[0m parameters (server url: \\e[33;1m${k8s_server_url}\\e[0m, namespace: \\e[33;1m${k8s_namespace}\\e[0m)" assert_defined "${url}" "Missing required Kubernetes URL. Provide a kubeconfig file or \$K8S_*_URL" assert_defined "${token}" "Missing required Kubernetes Token. Provide a kubeconfig file or \$K8S_*_TOKEN" assert_defined "${k8s_server_url}" "Missing required Kubernetes URL. Provide a kubeconfig file or \$K8S_*_URL" assert_defined "${k8s_token}" "Missing required Kubernetes Token. Provide a kubeconfig file or \$K8S_*_TOKEN" export KUBECONFIG="$CI_PROJECT_DIR/.kubeconfig" touch "$KUBECONFIG" if [[ "$cacert" ]] if [[ "$k8s_cacert" ]] then # Cluster config with CA cert mkdir -p "$CI_PROJECT_DIR/.kube/certs/k8s-cluster/" echo "$cacert" > "$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" kubectl config set-cluster k8s-cluster --certificate-authority="$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" --server="$url" echo "$k8s_cacert" > "$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" kubectl config set-cluster k8s-cluster --certificate-authority="$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" --server="$k8s_server_url" else # Cluster config w/o CA cert kubectl config set-cluster k8s-cluster --server="$url" kubectl config set-cluster k8s-cluster --server="$k8s_server_url" fi # Credentials config kubectl config set-credentials gitlab --token="$token" kubectl config set-credentials gitlab --token="$k8s_token" # Context config kubectl config set-context gitlab-k8s-cluster --cluster=k8s-cluster --user=gitlab --namespace="$namespace" kubectl config set-context gitlab-k8s-cluster --cluster=k8s-cluster --user=gitlab --namespace="$k8s_namespace" kubectl config use-context gitlab-k8s-cluster fi kubectl config set-context --current --namespace="$namespace" kubectl config set-context --current --namespace="$k8s_namespace" # finally test connection and dump versions kubectl ${TRACE+-v=5} version Loading Loading @@ -398,12 +398,12 @@ stages: fi } function deploy() { export environment_type=$1 export environment_name=$2 environment_url=$3 function k8s_deploy() { export environment_type=$ENV_TYPE export environment_name=${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}} environment_url=${ENV_URL:-${K8S_ENVIRONMENT_URL:-$ENV_URL_LEGACY}} # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables) environment_name_ssc=$(to_ssc "$2") environment_name_ssc=$(to_ssc "$environment_name") export environment_name_ssc # for backward compatibility Loading Loading @@ -481,11 +481,11 @@ stages: } function rollback() { export environment_type=$1 export environment_name=$2 export environment_type=${1:-$ENV_TYPE} export environment_name=${2:-${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}}} environment_url=$3 # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables) environment_name_ssc=$(to_ssc "$2") environment_name_ssc=$(to_ssc "$environment_name") export environment_name_ssc # for backward compatibility Loading Loading @@ -531,11 +531,11 @@ stages: fi } function cleanup() { export environment_type=$1 export environment_name=$2 function k8s_cleanup() { export environment_type=$ENV_TYPE export environment_name=${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}} # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables) environment_name_ssc=$(to_ssc "$2") environment_name_ssc=$(to_ssc "$environment_name") export environment_name_ssc # for backward compatibility Loading Loading @@ -583,8 +583,8 @@ stages: fi } function score() { export environment_type=$1 function k8s_score() { export environment_type=$ENV_TYPE if [[ "$K8S_KUSTOMIZE_ENABLED" == "true" ]] then kustofile=$(ls -1 "$K8S_SCRIPTS_DIR/${environment_type}/kustomization.yml" 2>/dev/null || ls -1 "$K8S_SCRIPTS_DIR/${environment_type}/kustomization.yaml" 2>/dev/null || ls -1 "$K8S_SCRIPTS_DIR/kustomization.yml" 2>/dev/null || ls -1 "$K8S_SCRIPTS_DIR/kustomization.yaml" 2>/dev/null || echo "") Loading Loading @@ -641,7 +641,7 @@ k8s-score: name: $K8S_KUBE_SCORE_IMAGE entrypoint: [""] script: - score "$ENV_TYPE" - k8s_score parallel: matrix: - ENV_TYPE: review Loading Loading @@ -696,9 +696,9 @@ k8s-score: - *k8s-scripts - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - assert_defined "${ENV_SPACE:-$K8S_SPACE}" 'Missing required env $ENV_SPACE or $K8S_SPACE' - login "$ENV_TYPE" "${ENV_API_URL:-$K8S_URL}" "${ENV_CA_CERT:-$K8S_CA_CERT}" "${ENV_TOKEN:-$K8S_TOKEN}" "${ENV_SPACE:-$K8S_SPACE}" "${ENV_KUBE_CONFIG:-${K8S_DEFAULT_KUBE_CONFIG}}" - k8s_login script: - deploy "$ENV_TYPE" "${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}}" "${ENV_URL:-${K8S_ENVIRONMENT_URL:-$ENV_URL_LEGACY}}" - k8s_deploy artifacts: name: "$ENV_TYPE env url for $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" when: always Loading Loading @@ -732,9 +732,9 @@ k8s-score: - *k8s-scripts - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - assert_defined "${ENV_SPACE:-$K8S_SPACE}" 'Missing required env $ENV_SPACE or $K8S_SPACE' - login "$ENV_TYPE" "${ENV_API_URL:-$K8S_URL}" "${ENV_CA_CERT:-$K8S_CA_CERT}" "${ENV_TOKEN:-$K8S_TOKEN}" "${ENV_SPACE:-$K8S_SPACE}" "${ENV_KUBE_CONFIG:-${K8S_DEFAULT_KUBE_CONFIG}}" - k8s_login script: - cleanup "$ENV_TYPE" ${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}} - k8s_cleanup environment: action: stop Loading Loading
templates/gitlab-ci-k8s.yml +43 −43 Original line number Diff line number Diff line Loading @@ -299,25 +299,22 @@ stages: "$1" fi } function login() { environment_type=$1 url=$2 cacert=$3 token=$4 namespace=$5 config=$6 if [[ -f "$config" ]] function k8s_login() { k8s_namespace=${ENV_SPACE:-$K8S_SPACE} k8s_config=${ENV_KUBE_CONFIG:-${K8S_DEFAULT_KUBE_CONFIG}} if [[ -f "$k8s_config" ]] then # $config is a path to a Kuberconfig file # $k8s_config is a path to a Kuberconfig file export KUBECONFIG="$CI_PROJECT_DIR/.kubeconfig" cp -f "$config" "$KUBECONFIG" cp -f "$k8s_config" "$KUBECONFIG" log_info "--- using \\e[32mKUBECONFIG\\e[0m provided by env variables (file)" elif [[ -n "$config" ]] elif [[ -n "$k8s_config" ]] then # $config is a Kuberconfig file content # $k8s_config is a Kuberconfig file content export KUBECONFIG="$CI_PROJECT_DIR/.kubeconfig" echo "$config" > "$KUBECONFIG" echo "$k8s_config" > "$KUBECONFIG" log_info "--- using \\e[32mKUBECONFIG\\e[0m provided by env variables (content)" elif [[ -n "$KUBECONFIG" ]] then Loading @@ -329,34 +326,37 @@ stages: log_info "--- switch to the given \\e[32mKUBE_CONTEXT\\e[0m: ${KUBE_CONTEXT}" fi else log_info "--- using exploded \\e[32mKUBECONFIG\\e[0m parameters (env: \\e[33;1m${environment_type}\\e[0m, url: \\e[33;1m${url}\\e[0m, namespace: \\e[33;1m${namespace}\\e[0m)" k8s_server_url=${ENV_API_URL:-$K8S_URL} k8s_cacert=${ENV_CA_CERT:-$K8S_CA_CERT} k8s_token=${ENV_TOKEN:-$K8S_TOKEN} log_info "--- using exploded \\e[32mKUBECONFIG\\e[0m parameters (server url: \\e[33;1m${k8s_server_url}\\e[0m, namespace: \\e[33;1m${k8s_namespace}\\e[0m)" assert_defined "${url}" "Missing required Kubernetes URL. Provide a kubeconfig file or \$K8S_*_URL" assert_defined "${token}" "Missing required Kubernetes Token. Provide a kubeconfig file or \$K8S_*_TOKEN" assert_defined "${k8s_server_url}" "Missing required Kubernetes URL. Provide a kubeconfig file or \$K8S_*_URL" assert_defined "${k8s_token}" "Missing required Kubernetes Token. Provide a kubeconfig file or \$K8S_*_TOKEN" export KUBECONFIG="$CI_PROJECT_DIR/.kubeconfig" touch "$KUBECONFIG" if [[ "$cacert" ]] if [[ "$k8s_cacert" ]] then # Cluster config with CA cert mkdir -p "$CI_PROJECT_DIR/.kube/certs/k8s-cluster/" echo "$cacert" > "$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" kubectl config set-cluster k8s-cluster --certificate-authority="$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" --server="$url" echo "$k8s_cacert" > "$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" kubectl config set-cluster k8s-cluster --certificate-authority="$CI_PROJECT_DIR/.kube/certs/k8s-cluster/k8s-ca.crt" --server="$k8s_server_url" else # Cluster config w/o CA cert kubectl config set-cluster k8s-cluster --server="$url" kubectl config set-cluster k8s-cluster --server="$k8s_server_url" fi # Credentials config kubectl config set-credentials gitlab --token="$token" kubectl config set-credentials gitlab --token="$k8s_token" # Context config kubectl config set-context gitlab-k8s-cluster --cluster=k8s-cluster --user=gitlab --namespace="$namespace" kubectl config set-context gitlab-k8s-cluster --cluster=k8s-cluster --user=gitlab --namespace="$k8s_namespace" kubectl config use-context gitlab-k8s-cluster fi kubectl config set-context --current --namespace="$namespace" kubectl config set-context --current --namespace="$k8s_namespace" # finally test connection and dump versions kubectl ${TRACE+-v=5} version Loading Loading @@ -398,12 +398,12 @@ stages: fi } function deploy() { export environment_type=$1 export environment_name=$2 environment_url=$3 function k8s_deploy() { export environment_type=$ENV_TYPE export environment_name=${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}} environment_url=${ENV_URL:-${K8S_ENVIRONMENT_URL:-$ENV_URL_LEGACY}} # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables) environment_name_ssc=$(to_ssc "$2") environment_name_ssc=$(to_ssc "$environment_name") export environment_name_ssc # for backward compatibility Loading Loading @@ -481,11 +481,11 @@ stages: } function rollback() { export environment_type=$1 export environment_name=$2 export environment_type=${1:-$ENV_TYPE} export environment_name=${2:-${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}}} environment_url=$3 # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables) environment_name_ssc=$(to_ssc "$2") environment_name_ssc=$(to_ssc "$environment_name") export environment_name_ssc # for backward compatibility Loading Loading @@ -531,11 +531,11 @@ stages: fi } function cleanup() { export environment_type=$1 export environment_name=$2 function k8s_cleanup() { export environment_type=$ENV_TYPE export environment_name=${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}} # also export environment_name in SCREAMING_SNAKE_CASE format (may be useful with Kubernetes env variables) environment_name_ssc=$(to_ssc "$2") environment_name_ssc=$(to_ssc "$environment_name") export environment_name_ssc # for backward compatibility Loading Loading @@ -583,8 +583,8 @@ stages: fi } function score() { export environment_type=$1 function k8s_score() { export environment_type=$ENV_TYPE if [[ "$K8S_KUSTOMIZE_ENABLED" == "true" ]] then kustofile=$(ls -1 "$K8S_SCRIPTS_DIR/${environment_type}/kustomization.yml" 2>/dev/null || ls -1 "$K8S_SCRIPTS_DIR/${environment_type}/kustomization.yaml" 2>/dev/null || ls -1 "$K8S_SCRIPTS_DIR/kustomization.yml" 2>/dev/null || ls -1 "$K8S_SCRIPTS_DIR/kustomization.yaml" 2>/dev/null || echo "") Loading Loading @@ -641,7 +641,7 @@ k8s-score: name: $K8S_KUBE_SCORE_IMAGE entrypoint: [""] script: - score "$ENV_TYPE" - k8s_score parallel: matrix: - ENV_TYPE: review Loading Loading @@ -696,9 +696,9 @@ k8s-score: - *k8s-scripts - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - assert_defined "${ENV_SPACE:-$K8S_SPACE}" 'Missing required env $ENV_SPACE or $K8S_SPACE' - login "$ENV_TYPE" "${ENV_API_URL:-$K8S_URL}" "${ENV_CA_CERT:-$K8S_CA_CERT}" "${ENV_TOKEN:-$K8S_TOKEN}" "${ENV_SPACE:-$K8S_SPACE}" "${ENV_KUBE_CONFIG:-${K8S_DEFAULT_KUBE_CONFIG}}" - k8s_login script: - deploy "$ENV_TYPE" "${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}}" "${ENV_URL:-${K8S_ENVIRONMENT_URL:-$ENV_URL_LEGACY}}" - k8s_deploy artifacts: name: "$ENV_TYPE env url for $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" when: always Loading Loading @@ -732,9 +732,9 @@ k8s-score: - *k8s-scripts - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}" - assert_defined "${ENV_SPACE:-$K8S_SPACE}" 'Missing required env $ENV_SPACE or $K8S_SPACE' - login "$ENV_TYPE" "${ENV_API_URL:-$K8S_URL}" "${ENV_CA_CERT:-$K8S_CA_CERT}" "${ENV_TOKEN:-$K8S_TOKEN}" "${ENV_SPACE:-$K8S_SPACE}" "${ENV_KUBE_CONFIG:-${K8S_DEFAULT_KUBE_CONFIG}}" - k8s_login script: - cleanup "$ENV_TYPE" ${ENV_APP_NAME:-${K8S_BASE_APP_NAME}${ENV_APP_SUFFIX}} - k8s_cleanup environment: action: stop Loading
