{"id":18929645,"url":"https://github.com/thecodingmachine/k8s-gitlabci","last_synced_at":"2025-08-13T18:35:30.429Z","repository":{"id":53076198,"uuid":"144960687","full_name":"thecodingmachine/k8s-gitlabci","owner":"thecodingmachine","description":null,"archived":false,"fork":false,"pushed_at":"2021-04-07T21:21:56.000Z","size":52,"stargazers_count":2,"open_issues_count":1,"forks_count":3,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-04-11T18:59:49.064Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thecodingmachine.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-08-16T08:37:13.000Z","updated_at":"2020-04-13T13:28:18.000Z","dependencies_parsed_at":"2022-09-10T04:33:15.811Z","dependency_job_id":null,"html_url":"https://github.com/thecodingmachine/k8s-gitlabci","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thecodingmachine%2Fk8s-gitlabci","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thecodingmachine%2Fk8s-gitlabci/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thecodingmachine%2Fk8s-gitlabci/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thecodingmachine%2Fk8s-gitlabci/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thecodingmachine","download_url":"https://codeload.github.com/thecodingmachine/k8s-gitlabci/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249097878,"owners_count":21212366,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T11:34:08.773Z","updated_at":"2025-04-15T15:31:08.634Z","avatar_url":"https://github.com/thecodingmachine.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# K8S Gitlab-CI\n\nA Kubectl image bundled with the Google Cloud console.\n\nImage on Docker hub: [thecodingmachine/k8s-gitlabci](https://hub.docker.com/r/thecodingmachine/k8s-gitlabci)\n\nIt also feature useful scripts to easily create secrets and a script to delete images in Gitlab Registry.\n\n## Connecting to a GCloud environment\n\nYou can automate connection to a GKE cluster by setting these environment variables:\n\n- GCLOUD_SERVICE_KEY\n- GCLOUD_PROJECT\n- GCLOUD_ZONE\n- GKE_CLUSTER\n\nThen, simply call:\n \n```bash\n# connect\n```\n\nOr if you want to connect automatically on container startup, set the environment variable:\n\n- AUTOCONNECT=1\n\n## Connecting to a \"standard\" environment\n\nIf a \"kubeconfig\" file is enough to connect to your environement, you can automate connection to your cluster\nby setting the `KUBE_CONFIG_FILE` environment variable.\n\n- KUBE_CONFIG_FILE should contain the content of the *kubeconfig* file.\n\nThen, simply call:\n \n```bash\n# connect\n```\n\nOr if you want to connect automatically on container startup, set the environment variable:\n\n- AUTOCONNECT=1\n\n## Creating secrets from CI environment variables\n\nAny environment variable starting with \"K8S_SECRET_\" in Gilab can be ported to a Kubernetes secret.\n\nUsage:\n\n```bash\n$ kutils secret:create --name=my_secrets_name \u003e secret.yaml\n```\n\nIf you want to change the prefix (for instance to get all environment variables starting with \"K8S_DB_SECRET_\"), use:\n\n```bash\n$ kutils secret:create --name=my_secrets_name --prefix=K8S_DB_SECRET_ \u003e secret.yaml\n```\n\n## Adding a secret a a secrets YAML file\n\nIf you already have a secrets YAML file and you want to edit it, you can use the `secret:add` command.\n\n\nUsage:\n\n```bash\n$ kutils secret:add secret.yaml --secret-name=DB_PASSWORD --secret-value=foobar [--name=my-secrets]\n```\n\nThe \"--name\" is optional and can be used to specify the name of the secret resource to edit (in case your YAML file contains multiple documents with multiple secrets).\n\nYou can also ask `secret:add` to populate the secret from the content of an environment variable:\n\n```bash\n$ kutils secret:add secret.yaml --secret-name=DB_PASSWORD --secret-value-from-env=MYSQL_PASSWORD\n```\n\nIn the example above, the `$MYSQL_PASSWORD` environment variable will be turned in a secret whose name is \"DB_PASSWORD\".\n\n## Editing the host in an Ingress file\n\nYou can change the \"host\" of an Ingress file with a single command:\n\n```bash\n$ kutils ingress:edit-host ingress.yaml https://example.com\n```\n\nIf your file contains many Ingresses, or if your Ingress contains many rules with many hosts, use:\n\n```bash\n$ kutils ingress:edit-host ingress.yaml  https://example.com --ingress-name=my-ingress --host-position=0\n```\n\n## Deleting images\n\nOut of the box, there is no easy way to delete a special tag of a given image in the Gitlab registry (as of version 10.8).\n\nThis image provides a simple script that enables you to delete images easily.\n \n## Why?\n\nIf you want to do continuous deployment, it is not uncommon to build one image per pipeline in Gitlab. You will typically\ntag all your images using the commit SHA or the branch name. You will soon end up having a lot of images in your Gitlab \nregistry. Docker images are big, and disk-space is finite so at some point, you will need to have a mechanism to \nautomatically delete an image when it is no more needed.\n\nAs it turns out, deleting an image is surprisingly difficult, due to a number of outstanding issues:\n\n - [#20176 - Provide a programmatic method to delete images/tags from the registry](https://gitlab.com/gitlab-org/gitlab-ce/issues/20176)\n - [#21608 - Container Registry API](https://gitlab.com/gitlab-org/gitlab-ce/issues/21608)\n - [#25322 - Create a mechanism to clean up old container image revisions](https://gitlab.com/gitlab-org/gitlab-ce/issues/25322)\n - [#28970 - Delete from registry images for merged branches](https://gitlab.com/gitlab-org/gitlab-ce/issues/28970)\n - [#39490 - Allow to bulk delete docker images](https://gitlab.com/gitlab-org/gitlab-ce/issues/39490)\n - [#40096 - pipeline user $CI_REGISTRY_USER lacks permission to delete its own images](https://gitlab.com/gitlab-org/gitlab-ce/issues/40096)\n\nThis image is here to help.\n\n## Usage\n\nYou will typically use this image in your `.gitlab-ci.yml` file.\n\n**.gitlab-ci.yml**\n```yml\ndelete_image:\n  stage: cleanup\n  image: thecodingmachine/k8s-gitlabci:latest\n  script:\n    - /delete_image.sh registry.gitlab.mycompany.com/path/to/image:$CI_COMMIT_REF_NAME\n  when: manual\n  environment:\n    name: review/$CI_COMMIT_REF_NAME\n    action: stop\n  only:\n  - branches\n  except:\n  - master\n```\n\nThe `/delete_image.sh` script takes one single argument: the full path to the image to be deleted (including the tag).\n\n**Important**: for the script to work, you must add a \"Secret variable\" in Gitlab CI named `CI_ACCOUNT`.\nThis variable must be in the form `[user]:[password]` where [user] is a Gitlab user that has access to the registry\nand [password] is the Gitlab password of the user. This can be regarded obviously as a security issue if you don't trust\nall developers who have access to the CI environment (as they will be able to \"echo\" this secret variable).\n\nThis is needed because the default Gitlab registry token available to the CI does not have the rights to delete\nan image by default. An issue is opened in Gitlab to fix this issue: [#39490 - Allow to bulk delete docker images](https://gitlab.com/gitlab-org/gitlab-ce/issues/39490)\n\n## Special thanks\n\nAll the hard work has been done by [Alessandro Lai](https://engineering.facile.it/blog/eng/continuous-deployment-from-gitlab-ci-to-k8s-using-docker-in-docker/#the-scary-part-deleting-docker-images)\nand [Vincent Composieux](https://gitlab.com/gitlab-org/gitlab-ce/issues/21608#note_53674456).\n\nI've only put your ideas in a Docker image.\n\n## Miscellaneous\n\nThis image also contains `kubectl` (the command line tool for Kubernetes) that can be useful to perform cleanup actions\nin a Kubernetes cluster.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthecodingmachine%2Fk8s-gitlabci","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthecodingmachine%2Fk8s-gitlabci","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthecodingmachine%2Fk8s-gitlabci/lists"}