Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/topfreegames/flux-gitlab-controller
Flux k8s controller to sync gitlab deploy keys
https://github.com/topfreegames/flux-gitlab-controller
flux fluxcd gitlab kubernetes kubernetes-controller
Last synced: about 1 month ago
JSON representation
Flux k8s controller to sync gitlab deploy keys
- Host: GitHub
- URL: https://github.com/topfreegames/flux-gitlab-controller
- Owner: topfreegames
- Created: 2020-05-05T14:08:10.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-03-09T15:41:08.000Z (almost 2 years ago)
- Last Synced: 2024-08-05T08:09:14.995Z (5 months ago)
- Topics: flux, fluxcd, gitlab, kubernetes, kubernetes-controller
- Language: Go
- Size: 49.8 KB
- Stars: 14
- Watchers: 11
- Forks: 1
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Flux gitlab controller
This repository implements a simple controller for watching Secrets created by gitlab and calling the API to update the deploy keys the specified repo
**Note:** go-get or vendor this package as `github.com/topfreegames/flux-gitlab-controller`.
## Details
The sample controller uses [client-go library](https://github.com/kubernetes/client-go/tree/master/tools/cache) extensively.
## Running
**Prerequisite**: Since the controller uses `apps/v1` deployments, the Kubernetes cluster version should be greater than 1.9.
```sh
# assumes you have a working kubeconfig, not required if operating in-cluster
go build
./flux-gitlab-controller -gitlab-token $TOKEN -kubeconfig=$HOME/.kube/config# create a flux secret with the corresponding `fluxcd.io/git-url` and `fluxcd.io/sync-gc-mark` marks
kubectl create -f artifacts/examples/flux_secret.yaml# Check that the fluxcd.io/deployKeyId has been created in the secret and that the repo contains
# the associated deployment key
kubectl get secret -o yaml flux-git-deploy
```You can also set the `gitlab-token` through the GITLAB_TOKEN env variable if you need an extra
layer of security on provisioning secrets to the controller
## What happens if someone removes the deployment key from the application repo?In that case, this controller won't re-create the key as we're not constantly checking for deleted keys to avoid
putting too much pressure to the gitlab api.In order for flux to re-create the key, the fluxcd.io/deployKeyId annotation needs to be removed
from the secret so flux realizes that the secret is not synched and will recreate the appropriate key