All Projects → honestbee → Drone Kubernetes

honestbee / Drone Kubernetes

Licence: gpl-3.0
A drone plugin to update a deployment on a kubernetes cluster

Programming Languages

shell
77523 projects

Projects that are alternatives of or similar to Drone Kubernetes

deploy-drone
Deploy Drone CI to enable continuous integration ⚡️ on your product
Stars: ✭ 88 (-23.48%)
Mutual labels:  drone, deployment
Doctr
A tool for automatically deploying docs from Travis CI to GitHub pages.
Stars: ✭ 110 (-4.35%)
Mutual labels:  deployment
Phploy
PHPloy - Incremental Git (S)FTP deployment tool that supports multiple servers, submodules and rollbacks.
Stars: ✭ 1,365 (+1086.96%)
Mutual labels:  deployment
Laravel Deployer
🚀 Zero-downtime deployment out-of-the-box
Stars: ✭ 1,536 (+1235.65%)
Mutual labels:  deployment
Flight review
web application for flight log analysis & review
Stars: ✭ 101 (-12.17%)
Mutual labels:  drone
Seldon Server
Machine Learning Platform and Recommendation Engine built on Kubernetes
Stars: ✭ 1,435 (+1147.83%)
Mutual labels:  deployment
Nitro Demo
nuxt nitro preview
Stars: ✭ 100 (-13.04%)
Mutual labels:  deployment
Ecs Formation
Tool to build Docker cluster composition for Amazon EC2 Container Service(ECS)
Stars: ✭ 114 (-0.87%)
Mutual labels:  deployment
Json Serverless
Transform a JSON file into a serverless REST API in AWS cloud
Stars: ✭ 108 (-6.09%)
Mutual labels:  deployment
Deliverybot
Fast, safe and secure Continous Delivery pipelines you can setup in minutes.
Stars: ✭ 107 (-6.96%)
Mutual labels:  deployment
Terraform Multienv
A template for maintaining a multiple environments infrastructure with Terraform. This template includes a CI/CD process, that applies the infrastructure in an AWS account.
Stars: ✭ 107 (-6.96%)
Mutual labels:  drone
Gaas
Generalized Aviation: Open source autonomous aviation software platform, designed for fully autonomous drones and flying cars.
Stars: ✭ 1,377 (+1097.39%)
Mutual labels:  drone
Snowflake
Graphical SFTP client and terminal emulator with helpful utilities
Stars: ✭ 1,676 (+1357.39%)
Mutual labels:  deployment
Windowsagent
OCS Inventory NG Agent for Windows
Stars: ✭ 100 (-13.04%)
Mutual labels:  deployment
Paratrooper
Library for creating tasks that deploy to Heroku
Stars: ✭ 110 (-4.35%)
Mutual labels:  deployment
Team Container
A collection of containers to prepare a server for collaboration.
Stars: ✭ 100 (-13.04%)
Mutual labels:  deployment
Psykube
A faster way to deploy to Kubernetes!
Stars: ✭ 104 (-9.57%)
Mutual labels:  deployment
Github Pages Deploy Action
Automatically deploy your project to GitHub Pages using GitHub Actions. This action can be configured to push your production-ready code into any branch you'd like.
Stars: ✭ 2,507 (+2080%)
Mutual labels:  deployment
Installer
A modular, a-la-carte installer for Istio components. MOVED to https://github.com/istio/istio/tree/master/manifests
Stars: ✭ 115 (+0%)
Mutual labels:  deployment
Ezmomi
cli tool for common VMware vSphere tasks
Stars: ✭ 112 (-2.61%)
Mutual labels:  deployment

Kubernetes plugin for drone.io Docker Repository on Quay

This plugin allows to update a Kubernetes deployment.

Usage

This pipeline will update the my-deployment deployment with the image tagged DRONE_COMMIT_SHA:0:8

    pipeline:
        deploy:
            image: quay.io/honestbee/drone-kubernetes
            deployment: my-deployment
            repo: myorg/myrepo
            container: my-container
            tag: 
                - mytag
                - latest

Deploying containers across several deployments, eg in a scheduler-worker setup. Make sure your container name in your manifest is the same for each pod.

    pipeline:
        deploy:
            image: quay.io/honestbee/drone-kubernetes
            deployment: [server-deploy, worker-deploy]
            repo: myorg/myrepo
            container: my-container
            tag:                 
                - mytag
                - latest

Deploying multiple containers within the same deployment.

    pipeline:
        deploy:
            image: quay.io/honestbee/drone-kubernetes
            deployment: my-deployment
            repo: myorg/myrepo
            container: [container1, container2]
            tag:                 
                - mytag
                - latest

NOTE: Combining multi container deployments across multiple deployments is not recommended

This more complex example demonstrates how to deploy to several environments based on the branch, in a app namespace

    pipeline:
        deploy-staging:
            image: quay.io/honestbee/drone-kubernetes
            kubernetes_server: ${KUBERNETES_SERVER_STAGING}
            kubernetes_cert: ${KUBERNETES_CERT_STAGING}
            kubernetes_token: ${KUBERNETES_TOKEN_STAGING}
            deployment: my-deployment
            repo: myorg/myrepo
            container: my-container
            namespace: app
            tag:                 
                - mytag
                - latest
            when:
                branch: [ staging ]

        deploy-prod:
            image: quay.io/honestbee/drone-kubernetes
            kubernetes_server: ${KUBERNETES_SERVER_PROD}
            kubernetes_token: ${KUBERNETES_TOKEN_PROD}
            # notice: no tls verification will be done, warning will is printed
            deployment: my-deployment
            repo: myorg/myrepo
            container: my-container
            namespace: app
            tag:                 
                - mytag
                - latest
            when:
                branch: [ master ]

Required secrets

    drone secret add --image=honestbee/drone-kubernetes \
        your-user/your-repo KUBERNETES_SERVER https://mykubernetesapiserver

    drone secret add --image=honestbee/drone-kubernetes \
        your-user/your-repo KUBERNETES_CERT <base64 encoded CA.crt>

    drone secret add --image=honestbee/drone-kubernetes \
        your-user/your-repo KUBERNETES_TOKEN eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJ...

When using TLS Verification, ensure Server Certificate used by kubernetes API server is signed for SERVER url ( could be a reason for failures if using aliases of kubernetes cluster )

How to get token

  1. After deployment inspect you pod for name of (k8s) secret with token and ca.crt
kubectl describe po/[ your pod name ] | grep SecretName | grep token

(When you use default service account)

  1. Get data from you (k8s) secret
kubectl get secret [ your default secret name ] -o yaml | egrep 'ca.crt:|token:'
  1. Copy-paste contents of ca.crt into your drone's KUBERNETES_CERT secret
  2. Decode base64 encoded token
echo [ your k8s base64 encoded token ] | base64 -d && echo''
  1. Copy-paste decoded token into your drone's KUBERNETES_TOKEN secret

RBAC

When using a version of kubernetes with RBAC (role-based access control) enabled, you will not be able to use the default service account, since it does not have access to update deployments. Instead, you will need to create a custom service account with the appropriate permissions (Role and RoleBinding, or ClusterRole and ClusterRoleBinding if you need access across namespaces using the same service account).

As an example (for the web namespace):

apiVersion: v1
kind: ServiceAccount
metadata:
  name: drone-deploy
  namespace: web

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
  name: drone-deploy
  namespace: web
rules:
  - apiGroups: ["extensions"]
    resources: ["deployments"]
    verbs: ["get","list","patch","update"]

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
  name: drone-deploy
  namespace: web
subjects:
  - kind: ServiceAccount
    name: drone-deploy
    namespace: web
roleRef:
  kind: Role
  name: drone-deploy
  apiGroup: rbac.authorization.k8s.io

Once the service account is created, you can extract the ca.cert and token parameters as mentioned for the default service account above:

kubectl -n web get secrets
# Substitute XXXXX below with the correct one from the above command
kubectl -n web get secret/drone-deploy-token-XXXXX -o yaml | egrep 'ca.crt:|token:'

To do

Replace the current kubectl bash script with a go implementation.

Special thanks

Inspired by drone-helm.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].