metadata: name: gitopsUpdateDeployment description: Updates Kubernetes Deployment Manifest in an Infrastructure Git Repository longDescription: | This step allows you to update the deployment manifest for Kubernetes in a git repository. It can for example be used for GitOps scenarios where the update of the manifests triggers an update of the corresponding deployment in Kubernetes. As of today, it supports the update of deployment yaml files via kubectl patch, update a whole helm template and kustomize. For *kubectl* the container inside the yaml must be described within the following hierarchy: `{"spec":{"template":{"spec":{"containers":[{...}]}}}}` For *helm* the whole template is generated into a single file (`filePath`) and uploaded into the repository. For *kustomize* the `images` section will be update with the current image. spec: inputs: secrets: - name: gitHttpsCredentialsId description: Jenkins 'Username with password' credentials ID containing username/password for http access to your git repository. type: jenkins resources: - name: deployDescriptor type: stash params: - name: branchName description: The name of the branch where the changes should get pushed into. scope: - PARAMETERS - STAGES - STEPS type: string default: master mandatory: true - name: commitMessage description: The commit message of the commit that will be done to do the changes. longDescription: If the commit message is empty a default message in the form "Updated _containerName_ to version _containerImage_" will be used. scope: - PARAMETERS - STAGES - STEPS type: string - name: serverUrl aliases: - name: githubServerUrl description: GitHub server url to the repository. scope: - GENERAL - PARAMETERS - STAGES - STEPS type: string default: https://github.com mandatory: true - name: forcePush type: bool description: Force push to serverUrl longDescription: | To bypass branch-protections the git push command can be forced. Example: ```yaml steps: gitopsUpdateDeployment: forcePush: true ``` scope: - PARAMETERS - STAGES - STEPS mandatory: false default: false - name: username type: string description: User name for git authentication scope: - PARAMETERS - STAGES - STEPS mandatory: true secret: true resourceRef: - name: gitHttpsCredentialsId type: secret param: username - type: vaultSecret name: gitHttpsCredentialVaultSecretName default: gitHttpsCredential - name: password type: string description: Password/token for git authentication. scope: - PARAMETERS - STAGES - STEPS mandatory: true secret: true resourceRef: - name: gitHttpsCredentialsId type: secret param: password - type: vaultSecret name: gitHttpsCredentialVaultSecretName default: gitHttpsCredential - name: filePath description: | Relative path in the git repository to the deployment descriptor file that shall be updated. For different tools this has different semantics: * `kubectl` - path to the `deployment.yaml` that should be patched. Supports globbing. * `helm` - path where the helm chart will be generated into. Here no globbing is supported. * `kustomize` - path to the `kustomization.yaml`. Supports globbing. scope: - PARAMETERS - STAGES - STEPS type: string mandatory: true - name: containerName description: The name of the container to update scope: - PARAMETERS - STAGES - STEPS type: string - name: containerRegistryUrl aliases: - name: dockerRegistryUrl type: string mandatory: true description: http(s) url of the Container registry where the image is located scope: - GENERAL - PARAMETERS - STAGES - STEPS resourceRef: - name: commonPipelineEnvironment param: container/registryUrl - name: containerImageNameTag aliases: - name: image deprecated: true - name: containerImage type: string mandatory: true description: Container image name with version tag to annotate in the deployment configuration. scope: - PARAMETERS - STAGES - STEPS resourceRef: - name: commonPipelineEnvironment param: container/imageNameTag - name: chartPath aliases: - name: helmChartPath type: string description: Defines the chart path for deployments using helm. Globbing is supported to merge multiple charts into one resource.yaml that will be commited. scope: - PARAMETERS - STAGES - STEPS - name: helmValues type: "[]string" description: List of helm values as YAML file reference or URL (as per helm parameter description for `-f` / `--values`) scope: - PARAMETERS - STAGES - STEPS - name: deploymentName aliases: - name: helmDeploymentName type: string description: Defines the name of the deployment. In case of `kustomize` this is the name or alias of the image in the `kustomization.yaml` scope: - PARAMETERS - STAGES - STEPS # default: deployment - name: tool type: string description: Defines the tool which should be used to update the deployment description. mandatory: true scope: - PARAMETERS - STAGES - STEPS default: kubectl possibleValues: - kubectl - helm - kustomize - name: customTlsCertificateLinks type: "[]string" description: List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates. scope: - PARAMETERS - STAGES - STEPS containers: - image: dtzar/helm-kubectl:3.8.0 workingDir: /config options: - name: -u value: "0" conditions: - conditionRef: strings-equal params: - name: tool value: helm - image: dtzar/helm-kubectl:3.8.0 workingDir: /config options: - name: -u value: "0" conditions: - conditionRef: strings-equal params: - name: tool value: kubectl - image: nekottyo/kustomize-kubeval:kustomizev4 workingDir: /config options: - name: -u value: "0" conditions: - conditionRef: strings-equal params: - name: tool value: kustomize