2020-01-24 14:30:27 +01:00
metadata :
name : kubernetesDeploy
2020-07-29 11:21:32 +02:00
aliases :
- name : deployToKubernetes
deprecated : true
2020-01-24 14:30:27 +01:00
description : Deployment to Kubernetes test or production namespace within the specified Kubernetes cluster.
longDescription : |-
Deployment to Kubernetes test or production namespace within the specified Kubernetes cluster.
!!! note "Deployment supports multiple deployment tools"
Currently the following are supported :
* [ Helm](https://helm.sh/) command line tool and [Helm Charts](https://docs.helm.sh/developing_charts/#charts).
* [ kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) and `kubectl apply` command.
## Helm
Following helm command will be executed by default :
```
helm upgrade <deploymentName> <chartPath> --install --force --namespace <namespace> --wait --timeout <helmDeployWaitSeconds> --set "image.repository=<yourRegistry>/<yourImageName>,image.tag=<yourImageTag>,secret.dockerconfigjson=<dockerSecret>,ingress.hosts[0]=<ingressHosts[0]>,,ingress.hosts[1]=<ingressHosts[1]>,...
```
* `yourRegistry` will be retrieved from `containerRegistryUrl`
* `yourImageName`, `yourImageTag` will be retrieved from `image`
2022-01-11 11:30:40 +01:00
* `dockerSecret` will be calculated with a call to `kubectl create secret generic <containerRegistrySecret> --from-file=.dockerconfigjson=<dockerConfigJson> --type=kubernetes.io/dockerconfigjson --insecure-skip-tls-verify=true --dry-run=client --output=json`
2020-01-24 14:30:27 +01:00
spec :
inputs :
secrets :
- name : kubeConfigFileCredentialsId
2020-09-23 13:22:51 +02:00
description : Jenkins 'Secret file' credentials ID containing kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/).
2020-08-06 11:23:36 +02:00
aliases :
- name : kubeCredentialsId
deprecated : true
2020-01-24 14:30:27 +01:00
type : jenkins
- name : kubeTokenCredentialsId
2020-09-23 13:22:51 +02:00
description : Jenkins 'Secret text' credentials ID containing token to authenticate to Kubernetes. This is an alternative way to using a kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/reference/access-authn-authz/authentication/).
2020-08-06 11:23:36 +02:00
aliases :
- name : k8sTokenCredentialsId
deprecated : true
2020-01-24 14:30:27 +01:00
type : jenkins
- name : dockerCredentialsId
type : jenkins
2021-06-11 10:41:03 +02:00
- name : dockerConfigJsonCredentialsId
description : Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)).
type : jenkins
2022-06-29 12:00:37 +02:00
- name : githubTokenCredentialsId
description : Jenkins credentials ID containing the github token.
type : jenkins
2020-01-24 14:30:27 +01:00
resources :
- name : deployDescriptor
type : stash
2022-09-23 17:46:05 +06:00
- name : downloadedArtifact
type : stash
2020-01-24 14:30:27 +01:00
params :
- name : additionalParameters
aliases :
- name : helmDeploymentParameters
2020-08-31 16:10:28 +02:00
type : "[]string"
2021-10-05 00:24:26 +02:00
description : Defines additional parameters for "helm install" or "kubectl apply" command.
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : apiServer
aliases :
- name : k8sAPIServer
type : string
description : Defines the Url of the API Server of the Kubernetes cluster.
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
- name : appTemplate
aliases :
- name : k8sAppTemplate
type : string
2022-03-08 14:52:43 +01:00
description : Defines the filename for the kubernetes app template (e.g. k8s_apptemplate.yaml).
longDescription : |
There are two supported ways for the template rendering :
1 . For a deployments using single image, you can use a placeholder `<image-name>`, which will be replaced with the image GUN.
```
apiVersion : apps/v1
kind : Deployment
metadata :
name : app
labels :
app : app
spec :
replicas : 3
selector :
matchLabels :
app : app
template :
metadata :
labels :
app : app
spec :
containers :
- name : app
image : <image-name>
```
2 . Helm styled templates, with the support for multi-image deployments.
```
apiVersion : apps/v1
kind : Deployment
metadata :
name : app
labels :
app : app
spec :
replicas : 3
selector :
matchLabels :
app : app
template :
metadata :
labels :
app : app
spec :
containers :
- name : app-1
image : "{{ .Values.image.repository}}:{{ .Values.image.tag }}"
- name : app-2
image : "{{ .Values.image.app_2.repository}}:{{ .Values.image.app_2.tag }}"
```
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : chartPath
aliases :
- name : helmChartPath
type : string
2021-03-25 12:26:44 +01:00
description : Defines the chart path for deployments using helm. It is a mandatory parameter when `deployTool:helm` or `deployTool:helm3`.
2020-01-24 14:30:27 +01:00
scope :
2023-09-07 11:36:59 +02:00
- GENERAL
2020-01-24 14:30:27 +01:00
- PARAMETERS
- STAGES
- STEPS
2022-08-25 17:12:13 +06:00
resourceRef :
- name : commonPipelineEnvironment
param : custom/localHelmChartPath
2020-01-24 14:30:27 +01:00
- name : containerRegistryPassword
description : Password for container registry access - typically provided by the CI/CD environment.
type : string
scope :
- PARAMETERS
- STAGES
- STEPS
2020-04-16 14:37:45 +02:00
secret : true
2020-08-28 15:38:15 +02:00
resourceRef :
- name : dockerCredentialsId
type : secret
param : password
2022-03-17 08:01:00 +01:00
- name : commonPipelineEnvironment
param : container/repositoryPassword
2021-12-02 12:18:21 +01:00
- name : commonPipelineEnvironment
param : custom/repositoryPassword
2021-10-08 14:58:32 +02:00
- name : containerImageName
aliases :
- name : dockerImageName
type : string
description : Name of the container which will be built - will be used together with `containerImageTag` instead of parameter `containerImage`
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
- name : containerImageTag
aliases :
- name : artifactVersion
type : string
description : Tag of the container which will be built - will be used together with `containerImageName` instead of parameter `containerImage`
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
resourceRef :
- name : commonPipelineEnvironment
param : artifactVersion
2020-01-24 14:30:27 +01:00
- name : containerRegistryUrl
aliases :
- name : dockerRegistryUrl
type : string
2020-07-29 15:48:55 +02:00
description : http(s) url of the Container registry where the image to deploy is located.
resourceRef :
2020-08-31 16:10:28 +02:00
- name : commonPipelineEnvironment
param : container/registryUrl
2020-01-24 14:30:27 +01:00
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
mandatory : true
- name : containerRegistryUser
description : Username for container registry access - typically provided by the CI/CD environment.
type : string
scope :
- PARAMETERS
- STAGES
- STEPS
2020-04-16 14:37:45 +02:00
secret : true
2020-08-28 15:38:15 +02:00
resourceRef :
- name : dockerCredentialsId
type : secret
param : username
2022-03-17 08:01:00 +01:00
- name : commonPipelineEnvironment
param : container/repositoryUsername
2021-12-02 12:18:21 +01:00
- name : commonPipelineEnvironment
param : custom/repositoryUsername
2020-01-24 14:30:27 +01:00
- name : containerRegistrySecret
description : Name of the container registry secret used for pulling containers from the registry.
2020-08-18 07:32:36 +02:00
longDescription : |-
Name of the container registry secret used for pulling containers from the registry.
**For `deployTool : helm/helm3`:**<br />
If `containerRegistryUser` and `containerRegistryPassword` are provided, a secret is created on the fly and the information is passed to the helm template.<br />
**For `deployTool : kubectl`:**<br />
2022-01-11 11:30:40 +01:00
If `containerRegistryUser` and `containerRegistryPassword` are provided, a secret with the given name will be created in the Kubernetes cluster.
If neither `containerRegistryUser` nor `containerRegistryPassword` are provided, it is expected that a secret with the configured name exists in the target Kubernetes cluster.<br />
2020-01-24 14:30:27 +01:00
type : string
scope :
- PARAMETERS
- STAGES
- STEPS
default : regsecret
- name : createDockerRegistrySecret
type : bool
2020-08-18 07:32:36 +02:00
description : "Only for `deployTool:kubectl`: Toggle to turn on `containerRegistrySecret` creation."
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
default : false
- name : deploymentName
aliases :
- name : helmDeploymentName
type : string
2021-03-25 12:26:44 +01:00
description : Defines the name of the deployment. It is a mandatory parameter when `deployTool:helm` or `deployTool:helm3`.
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : deployTool
type : string
description : Defines the tool which should be used for deployment.
mandatory : true
scope :
- PARAMETERS
- STAGES
- STEPS
default : kubectl
2020-04-24 04:37:11 -03:00
possibleValues :
- kubectl
- helm
- helm3
2021-01-07 16:52:16 +01:00
- name : forceUpdates
2021-11-04 14:11:31 +01:00
aliases :
- name : force
2021-01-07 16:52:16 +01:00
type : bool
2021-11-04 14:11:31 +01:00
description : "Adds `--force` flag to a helm resource update command or to a kubectl replace command"
2021-01-07 16:52:16 +01:00
mandatory : false
scope :
- PARAMETERS
- STAGES
- STEPS
default : true
2020-01-24 14:30:27 +01:00
- name : helmDeployWaitSeconds
type : int
description : Number of seconds before helm deploy returns.
scope :
- PARAMETERS
- STAGES
- STEPS
default : 300
2023-04-24 14:58:24 +02:00
- name : helmTestWaitSeconds
type : int
description : Number of seconds to wait for any individual Kubernetes operation (like Jobs for hooks). See https://helm.sh/docs/helm/helm_test/#options for further details
scope :
- PARAMETERS
- STAGES
- STEPS
default : 300
2020-08-18 07:32:36 +02:00
- name : helmValues
2020-08-31 16:10:28 +02:00
type : "[]string"
2020-08-18 07:32:36 +02:00
description : List of helm values as YAML file reference or URL (as per helm parameter description for `-f` / `--values`)
scope :
- PARAMETERS
- STAGES
- STEPS
2022-02-28 10:43:55 +01:00
- name : valuesMapping
type : "map[string]interface{}"
longDescription : |
Mapping of values provided by Piper onto custom paths in format `[custom-path] : [ piper-value]`
Example :
```yaml
valuesMapping :
subchart.image.tag : image.debug.tag
subchart.image.repository : image.debug.repository
subchart.image.pullsecret : secret.dockerconfigjson
```
scope :
- PARAMETERS
- STAGES
- STEPS
2023-05-05 14:23:11 +02:00
- name : renderSubchartNotes
type : bool
description : If set, render subchart notes along with the parent.
default : true
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
2022-06-29 12:00:37 +02:00
- name : githubToken
description : "GitHub personal access token as per
https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line"
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
type : string
secret : true
aliases :
- name : access_token
resourceRef :
- name : githubTokenCredentialsId
type : secret
- type : vaultSecret
default : github
name : githubVaultSecretName
2020-01-24 14:30:27 +01:00
- name : image
aliases :
- name : deployImage
type : string
description : Full name of the image to be deployed.
2022-06-20 14:43:05 +02:00
deprecationMessage : This parameter is deprecated, please use [containerImageName](#containerimagename) and [containerImageTag](#containerimagetag)
2020-01-29 16:03:18 +01:00
resourceRef :
- name : commonPipelineEnvironment
2020-07-29 15:48:55 +02:00
param : container/imageNameTag
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
2022-02-24 12:01:36 +01:00
- name : imageNames
type : "[]string"
description : List of names of the images to be deployed.
resourceRef :
- name : commonPipelineEnvironment
param : container/imageNames
scope :
- PARAMETERS
- STAGES
- STEPS
- name : imageNameTags
type : "[]string"
description : List of full names (registry and tag) of the images to be deployed.
resourceRef :
- name : commonPipelineEnvironment
param : container/imageNameTags
scope :
- PARAMETERS
- STAGES
- STEPS
2022-03-09 09:48:19 +01:00
- name : imageDigests
type : "[]string"
description : List of image digests of the images to be deployed, in the format `sha256:<hash>`. If provided, image digests will be appended to the image tag, e.g. `<repository>/<name>:<tag>@<digest>`
resourceRef :
- name : commonPipelineEnvironment
param : container/imageDigests
scope :
- PARAMETERS
- STAGES
- STEPS
2020-01-24 14:30:27 +01:00
- name : ingressHosts
2020-08-31 16:10:28 +02:00
type : "[]string"
2020-08-18 07:32:36 +02:00
description : (Deprecated) List of ingress hosts to be exposed via helm deployment.
longDescription : |-
**DEPRECATED**<br />
List of ingress hosts to be exposed via helm deployment.<br />
Host names are passed to helm template via ingress configuration.<br />
This requires a modification to the default helm template, thus it is not recommended.
Recommendation is to use custom values and pass them via parameter `helmValues`.<br />
Since helm supports multiple files on top of the `values.yaml`, landscape-specific attributes can be passed via a specific file.
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
2020-11-10 15:43:19 +01:00
- name : keepFailedDeployments
type : bool
description : Defines whether a failed deployment will be purged
default : false
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
2022-01-25 10:42:42 +01:00
- name : runHelmTests
type : bool
description : Defines whether or not to run helm tests against the recently deployed release
default : false
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
- name : showTestLogs
type : bool
description : Defines whether to print the pod logs after running helm tests
default : false
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
2020-01-24 14:30:27 +01:00
- name : kubeConfig
type : string
2021-10-05 00:24:26 +02:00
description : Defines the path to the "kubeconfig" file.
2020-01-24 14:30:27 +01:00
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
2020-08-28 15:38:15 +02:00
secret : true
resourceRef :
- name : kubeConfigFileCredentialsId
type : secret
2020-11-06 18:06:19 +01:00
- type : vaultSecretFile
2021-12-02 12:18:21 +01:00
name : kubeConfigFileVaultSecretName
2021-09-21 14:06:32 +03:00
default : kube-config
2020-01-24 14:30:27 +01:00
- name : kubeContext
type : string
2021-10-05 00:24:26 +02:00
description : Defines the context to use from the "kubeconfig" file.
2020-01-24 14:30:27 +01:00
scope :
- PARAMETERS
- STAGES
- STEPS
- name : kubeToken
type : string
description : Contains the id_token used by kubectl for authentication. Consider using kubeConfig parameter instead.
scope :
- GENERAL
- PARAMETERS
- STAGES
- STEPS
2020-04-16 14:37:45 +02:00
secret : true
2020-08-28 15:38:15 +02:00
resourceRef :
- name : kubeTokenCredentialsId
type : secret
2020-01-24 14:30:27 +01:00
- name : namespace
aliases :
- name : helmDeploymentNamespace
- name : k8sDeploymentNamespace
type : string
description : Defines the target Kubernetes namespace for the deployment.
scope :
- PARAMETERS
- STAGES
- STEPS
default : default
- name : tillerNamespace
aliases :
- name : helmTillerNamespace
type : string
description : Defines optional tiller namespace for deployments using helm.
scope :
- PARAMETERS
- STAGES
- STEPS
2021-06-11 10:41:03 +02:00
- name : dockerConfigJSON
type : string
description : Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).
scope :
- PARAMETERS
2021-09-29 15:01:40 +02:00
- STAGES
- STEPS
2021-06-11 10:41:03 +02:00
secret : true
2022-01-11 11:30:40 +01:00
default : '.pipeline/docker/config.json'
2021-06-11 10:41:03 +02:00
resourceRef :
- name : dockerConfigJsonCredentialsId
type : secret
- type : vaultSecretFile
2021-09-21 14:06:32 +03:00
name : dockerConfigFileVaultSecretName
2021-09-29 07:55:26 +02:00
default : docker-config
2021-11-04 14:11:31 +01:00
- name : deployCommand
type : string
description : "Only for `deployTool: kubectl`: defines the command `apply` or `replace`. The default is `apply`."
mandatory : false
scope :
- PARAMETERS
- STAGES
- STEPS
default : apply
possibleValues :
- apply
- replace
2022-06-29 12:00:37 +02:00
- name : setupScript
type : string
description : HTTP location of setup script
longDescription : |
For helm-based deploymens only!
HTTP location of setup script.
The script will be downloaded from a GitHub location using the `githubToken` and executed before the installation of the helm package.
scope :
- PARAMETERS
- STAGES
- STEPS
- name : verificationScript
type : string
description : HTTP location of verification script
longDescription : |
For helm-based deploymens only!
HTTP location of verification script.
The script will be downloaded from a GitHub location using the `githubToken` and executed after installation of the helm package.
It can be used to verify if all required artifacts are ready before progressing with for example `helmTest` using the step option `runHelmTests : true `
scope :
- PARAMETERS
- STAGES
- STEPS
- name : teardownScript
type : string
description : HTTP location of teardown script
longDescription : |
For helm-based deploymens only!
HTTP location of setup script.
The script will be downloaded from a GitHub location using the `githubToken` and executed at the end of the step.
This can for example be used in order to remove a temporary namespace which was created for the test.
scope :
- PARAMETERS
- STAGES
- STEPS
2020-01-24 14:30:27 +01:00
containers :
2023-03-01 09:26:26 +01:00
- image : dtzar/helm-kubectl:3
2020-08-31 16:10:28 +02:00
workingDir : /config
options :
- name : -u
value : "0"
conditions :
- conditionRef : strings-equal
params :
- name : deployTool
value : helm3
2021-07-05 13:07:22 +03:00
- image : dtzar/helm-kubectl:2.17.0
2020-08-31 16:10:28 +02:00
workingDir : /config
options :
- name : -u
value : "0"
conditions :
- conditionRef : strings-equal
params :
- name : deployTool
value : helm
2021-07-05 13:07:22 +03:00
- image : dtzar/helm-kubectl:2.17.0
2020-08-31 16:10:28 +02:00
workingDir : /config
options :
- name : -u
value : "0"
conditions :
- conditionRef : strings-equal
params :
- name : deployTool
value : kubectl