Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mamezou-tech/concourse-k8s-resource
Concourse kubernetes resource
https://github.com/mamezou-tech/concourse-k8s-resource
concourse concourse-resource continuous-delivery kubernetes kubernetes-deployment
Last synced: about 1 month ago
JSON representation
Concourse kubernetes resource
- Host: GitHub
- URL: https://github.com/mamezou-tech/concourse-k8s-resource
- Owner: mamezou-tech
- License: mit
- Created: 2019-12-21T05:49:43.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2020-12-20T02:24:00.000Z (about 4 years ago)
- Last Synced: 2024-06-19T18:12:20.846Z (6 months ago)
- Topics: concourse, concourse-resource, continuous-delivery, kubernetes, kubernetes-deployment
- Language: Go
- Homepage:
- Size: 158 KB
- Stars: 7
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# concourse-k8s-resource
[](https://goreportcard.com/report/github.com/mamezou-tech/concourse-k8s-resource)
Concourse CI custom resource for kubernetes.
This resource assumes that kubernetes deployment is executed by plain manifests(`kubectl apply -f`) or Kustomize(`kubectl apply -k`).
In addition to deploy(`kubectl apply`) operation, it also supports delete(`kubectl delete`) and undo(`kubectl rollout undo`) operations.
This resource has been tested on kubernetes v1.20.1 and concourse v6.7.2.
## Source Configuration
* **`api_server_url`** - Kubernetes API Server URL. (e.g. `https://172.16.10.11:6443`)
* `api_server_cert` - Kubernetes api server certificate.
* `client_cert` - Client certificate that authenticated to access cluster, if specified, `clusterKey` is required.
* `client_key` - Client key corresponding to `client_cert`.
* `client_token` - Kubernetes ServiceAccount token. Required when accessing a cluster with ServiceAccount(neither `client_cert` nor `client_key`).
* `kubeconfig` - Contents of kubecofig(YAML). if specified, other auth settings(including `api_server_url`) are ignored.
* `skip_tls_verify` - true if you want to skip TLS verification.
* `namespace` - Name of target kubernetes namespace. if not specified, `default` is used.
## Behavior
### `check`
Triggers when the watched resources is updated.
The Revision consists of namespace, resource name, and revision(Deployment or StatefulSet resource).
Multiple resources are combined with `+`.
Example version format : `dev:app1:100+dev:app2:50+dev:app3:10`.
### `in`
Retrieves the watched resource's version and writes to `version` file.
### `out`
Deploys the watched resources to kubernetes using plain manifests or Kustomize overlays. After deployed, wait for the specified time to complete.
* **`paths`** - kubernetes manifest paths(array). plain manifests path(e.g. `k8s/deployment.yaml`) or kustomize directory(e.g. `repo/overlays/prod`)
* `kustomize` - true if deploying by kustomize. Default to `false`.
* `status_check_timeout` - The time(seconds) to wait for deployment to complete. Default to 5 minutes.
* `command_timeout` - The time(seconds) to wait for kubectl apply or delete. Default to unlimited(0).
* `diff` - true if using `kubectl diff`. Default to `false`.
* `server_dry_run` - true if using `kubectl apply --dry-run=server`. Default to `false`.
* `delete` - true if using `kubectl delete` operation. Default to `false`.
* `undo` - true if using `kubectl rollout undo` operation(target resources are `watchedResources`). Default to `false`.
## Example
See full configuration example [here](./test/test-pipeline.yaml).
### `resource_types`
```yaml
resource_types:
- name: k8s
type: docker-image
source:
repository: kudohn/concourse-k8s-resource
tag: 0.0.8
```
### `resources`
```yaml
resources:
- name: k8s
type: k8s
source:
api_server_url: https://172.16.10.11:6443
api_server_cert: |
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
# use client certificate
client_cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
client_key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
# or use service account token
client_token: ....
# or use kubeconfig
kubeconfig: |
apiVersion: v1
kind: Config
clusters:
- cluster:
....
contexts:
....
current-context: ...
users:
- name: concourse
user:
...
skip_tls_verify: false
namespace: dev
# watched resources(deployment or statefulset is supported)
watch_resources:
- name: app1
kind: Deployment
- name: app2
kind: Deployment
- name: web
kind: StatefulSet
```
### `put`
#### Deploy resources using plain k8s manifests
```yaml
jobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
status_check_timeout: 60
command_timeout: 30
paths:
- repo/test/plain/deploy1.yaml
- repo/test/plain/deploy2.yaml
- repo/test/plain/sts.yaml
```
#### Deploy resources using Kustomize manifests
```yaml
jobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
kustomize: true
status_check_timeout: 60
command_timeout: 30
paths:
- repo/test/kustomize/overlays/prod
```
#### Undo Resources
```yaml
jobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
undo: true
```
#### Deploy resources with server-dry-run
```yaml
jobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
paths:
- repo/test/kustomize/overlays/prod
server_dry_run: true
```
#### Diff Resources manifests
```yaml
jobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
paths:
- repo/test/kustomize/overlays/prod
diff: true
```
#### Delete Resources
```yaml
jobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
delete: true
```
## License
[MIT License](./LICENSE)