metadata: name: kubernetesDeploy aliases: - name: deployToKubernetes deprecated: true description: Deployment to Kubernetes test or production namespace within the specified Kubernetes cluster. longDescription: |- Deployment to Kubernetes test or production namespace within the specified Kubernetes cluster. !!! note "Deployment supports multiple deployment tools" Currently the following are supported: * [Helm](https://helm.sh/) command line tool and [Helm Charts](https://docs.helm.sh/developing_charts/#charts). * [kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) and `kubectl apply` command. ## Helm Following helm command will be executed by default: ``` helm upgrade --install --force --namespace --wait --timeout --set "image.repository=/,image.tag=,secret.dockerconfigjson=,ingress.hosts[0]=,,ingress.hosts[1]=,... ``` * `yourRegistry` will be retrieved from `containerRegistryUrl` * `yourImageName`, `yourImageTag` will be retrieved from `image` * `dockerSecret` will be calculated with a call to `kubectl create secret docker-registry regsecret --docker-server= --docker-username= --docker-password= --dry-run=true --output=json'` spec: inputs: secrets: - name: kubeConfigFileCredentialsId description: Jenkins 'Secret file' credentials ID containing kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/). aliases: - name: kubeCredentialsId deprecated: true type: jenkins - name: kubeTokenCredentialsId description: Jenkins 'Secret text' credentials ID containing token to authenticate to Kubernetes. This is an alternative way to using a kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/reference/access-authn-authz/authentication/). aliases: - name: k8sTokenCredentialsId deprecated: true type: jenkins - name: dockerCredentialsId type: jenkins - name: dockerConfigJsonCredentialsId description: Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)). type: jenkins resources: - name: deployDescriptor type: stash params: - name: additionalParameters aliases: - name: helmDeploymentParameters type: "[]string" description: Defines additional parameters for \"helm install\" or \"kubectl apply\" command. scope: - PARAMETERS - STAGES - STEPS - name: apiServer aliases: - name: k8sAPIServer type: string description: Defines the Url of the API Server of the Kubernetes cluster. scope: - GENERAL - PARAMETERS - STAGES - STEPS - name: appTemplate aliases: - name: k8sAppTemplate type: string description: Defines the filename for the kubernetes app template (e.g. k8s_apptemplate.yaml) scope: - PARAMETERS - STAGES - STEPS - name: chartPath aliases: - name: helmChartPath type: string description: Defines the chart path for deployments using helm. It is a mandatory parameter when `deployTool:helm` or `deployTool:helm3`. scope: - PARAMETERS - STAGES - STEPS - name: containerRegistryPassword description: Password for container registry access - typically provided by the CI/CD environment. type: string scope: - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: dockerCredentialsId type: secret param: password - name: containerRegistryUrl aliases: - name: dockerRegistryUrl type: string description: http(s) url of the Container registry where the image to deploy is located. resourceRef: - name: commonPipelineEnvironment param: container/registryUrl scope: - GENERAL - PARAMETERS - STAGES - STEPS mandatory: true - name: containerRegistryUser description: Username for container registry access - typically provided by the CI/CD environment. type: string scope: - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: dockerCredentialsId type: secret param: username - name: containerRegistrySecret description: Name of the container registry secret used for pulling containers from the registry. longDescription: |- Name of the container registry secret used for pulling containers from the registry. **For `deployTool: helm/helm3`:**
If `containerRegistryUser` and `containerRegistryPassword` are provided, a secret is created on the fly and the information is passed to the helm template.
Note: the secret will not be persisted in the Kubernetes cluster. If neither `containerRegistryUser` nor `containerRegistryPassword` are provided, it is expected that a secret with the configured name exists in the target Kubernetes cluster.
**For `deployTool: kubectl`:**
If `createDockerRegistrySecret: true` and `containerRegistryUser` and `containerRegistryPassword` are provided, a secret with the given name will be created in the Kubernetes cluster unless a secret with the name already exists. type: string scope: - PARAMETERS - STAGES - STEPS default: regsecret - name: createDockerRegistrySecret type: bool description: "Only for `deployTool:kubectl`: Toggle to turn on `containerRegistrySecret` creation." scope: - PARAMETERS - STAGES - STEPS default: false - name: deploymentName aliases: - name: helmDeploymentName type: string description: Defines the name of the deployment. It is a mandatory parameter when `deployTool:helm` or `deployTool:helm3`. scope: - PARAMETERS - STAGES - STEPS - name: deployTool type: string description: Defines the tool which should be used for deployment. mandatory: true scope: - PARAMETERS - STAGES - STEPS default: kubectl possibleValues: - kubectl - helm - helm3 - name: forceUpdates type: bool description: "Helm only: force resource updates with helm parameter `--force`" mandatory: false scope: - PARAMETERS - STAGES - STEPS default: true - name: helmDeployWaitSeconds type: int description: Number of seconds before helm deploy returns. scope: - PARAMETERS - STAGES - STEPS default: 300 - name: helmValues type: "[]string" description: List of helm values as YAML file reference or URL (as per helm parameter description for `-f` / `--values`) scope: - PARAMETERS - STAGES - STEPS - name: image aliases: - name: deployImage type: string description: Full name of the image to be deployed. resourceRef: - name: commonPipelineEnvironment param: container/imageNameTag mandatory: true scope: - PARAMETERS - STAGES - STEPS - name: ingressHosts type: "[]string" description: (Deprecated) List of ingress hosts to be exposed via helm deployment. longDescription: |- **DEPRECATED**
List of ingress hosts to be exposed via helm deployment.
Host names are passed to helm template via ingress configuration.
This requires a modification to the default helm template, thus it is not recommended. Recommendation is to use custom values and pass them via parameter `helmValues`.
Since helm supports multiple files on top of the `values.yaml`, landscape-specific attributes can be passed via a specific file. scope: - PARAMETERS - STAGES - STEPS - name: keepFailedDeployments type: bool description: Defines whether a failed deployment will be purged default: false scope: - GENERAL - PARAMETERS - STAGES - STEPS - name: kubeConfig type: string description: Defines the path to the \"kubeconfig\" file. scope: - GENERAL - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: kubeConfigFileCredentialsId type: secret - type: vaultSecretFile paths: - $(vaultPath)/kube-config - $(vaultBasePath)/$(vaultPipelineName)/kube-config - $(vaultBasePath)/GROUP-SECRETS/kube-config - name: kubeContext type: string description: Defines the context to use from the \"kubeconfig\" file. scope: - PARAMETERS - STAGES - STEPS - name: kubeToken type: string description: Contains the id_token used by kubectl for authentication. Consider using kubeConfig parameter instead. scope: - GENERAL - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: kubeTokenCredentialsId type: secret - name: namespace aliases: - name: helmDeploymentNamespace - name: k8sDeploymentNamespace type: string description: Defines the target Kubernetes namespace for the deployment. scope: - PARAMETERS - STAGES - STEPS default: default - name: tillerNamespace aliases: - name: helmTillerNamespace type: string description: Defines optional tiller namespace for deployments using helm. scope: - PARAMETERS - STAGES - STEPS - name: dockerConfigJSON type: string description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/). scope: - PARAMETERS secret: true resourceRef: - name: commonPipelineEnvironment param: custom/dockerConfigJSON - name: dockerConfigJsonCredentialsId type: secret - type: vaultSecretFile paths: - $(vaultPath)/docker-config - $(vaultBasePath)/$(vaultPipelineName)/docker-config - $(vaultBasePath)/GROUP-SECRETS/docker-config containers: - image: dtzar/helm-kubectl:3.4.1 workingDir: /config options: - name: -u value: "0" conditions: - conditionRef: strings-equal params: - name: deployTool value: helm3 - image: dtzar/helm-kubectl:2.17.0 workingDir: /config options: - name: -u value: "0" conditions: - conditionRef: strings-equal params: - name: deployTool value: helm - image: dtzar/helm-kubectl:2.17.0 workingDir: /config options: - name: -u value: "0" conditions: - conditionRef: strings-equal params: - name: deployTool value: kubectl