mirror of
https://github.com/SAP/jenkins-library.git
synced 2025-01-18 05:18:24 +02:00
b34ea9e335
* downloading ca cert bundle when added as config * adding logging statements * allowing bats test to handle ca cert * adding info message * hard coding file names * including correct http client util bundle * removing logging message not needed * adding cert bundle to commit and push * improving the condition to add ca cert in commit and push * fixing unit test * fixing unit test * fixing unit test * fixing unit test * fixing unit test
231 lines
7.3 KiB
YAML
231 lines
7.3 KiB
YAML
metadata:
|
|
name: gitopsUpdateDeployment
|
|
description: Updates Kubernetes Deployment Manifest in an Infrastructure Git Repository
|
|
longDescription: |
|
|
This step allows you to update the deployment manifest for Kubernetes in a git repository.
|
|
|
|
It can for example be used for GitOps scenarios where the update of the manifests triggers an update of the corresponding deployment in Kubernetes.
|
|
|
|
As of today, it supports the update of deployment yaml files via kubectl patch, update a whole helm template and kustomize.
|
|
|
|
For *kubectl* the container inside the yaml must be described within the following hierarchy: `{"spec":{"template":{"spec":{"containers":[{...}]}}}}`
|
|
For *helm* the whole template is generated into a single file (`filePath`) and uploaded into the repository.
|
|
For *kustomize* the `images` section will be update with the current image.
|
|
|
|
|
|
spec:
|
|
inputs:
|
|
secrets:
|
|
- name: gitHttpsCredentialsId
|
|
description: Jenkins 'Username with password' credentials ID containing username/password for http access to your git repository.
|
|
type: jenkins
|
|
resources:
|
|
- name: deployDescriptor
|
|
type: stash
|
|
params:
|
|
- name: branchName
|
|
description: The name of the branch where the changes should get pushed into.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
type: string
|
|
default: master
|
|
mandatory: true
|
|
- name: commitMessage
|
|
description: The commit message of the commit that will be done to do the changes.
|
|
longDescription: If the commit message is empty a default message in the form "Updated _containerName_ to version _containerImage_" will be used.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
type: string
|
|
- name: serverUrl
|
|
aliases:
|
|
- name: githubServerUrl
|
|
description: GitHub server url to the repository.
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
type: string
|
|
default: https://github.com
|
|
mandatory: true
|
|
- name: forcePush
|
|
type: bool
|
|
description: Force push to serverUrl
|
|
longDescription: |
|
|
To bypass branch-protections the git push command can be forced.
|
|
|
|
Example:
|
|
```yaml
|
|
steps:
|
|
gitopsUpdateDeployment:
|
|
forcePush: true
|
|
```
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
mandatory: false
|
|
default: false
|
|
- name: username
|
|
type: string
|
|
description: User name for git authentication
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
mandatory: true
|
|
secret: true
|
|
resourceRef:
|
|
- name: gitHttpsCredentialsId
|
|
type: secret
|
|
param: username
|
|
- type: vaultSecret
|
|
name: gitHttpsCredentialVaultSecretName
|
|
default: gitHttpsCredential
|
|
- name: password
|
|
type: string
|
|
description: Password/token for git authentication.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
mandatory: true
|
|
secret: true
|
|
resourceRef:
|
|
- name: gitHttpsCredentialsId
|
|
type: secret
|
|
param: password
|
|
- type: vaultSecret
|
|
name: gitHttpsCredentialVaultSecretName
|
|
default: gitHttpsCredential
|
|
- name: filePath
|
|
description: |
|
|
Relative path in the git repository to the deployment descriptor file that shall be updated. For different tools this has different semantics:
|
|
|
|
* `kubectl` - path to the `deployment.yaml` that should be patched. Supports globbing.
|
|
* `helm` - path where the helm chart will be generated into. Here no globbing is supported.
|
|
* `kustomize` - path to the `kustomization.yaml`. Supports globbing.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
type: string
|
|
mandatory: true
|
|
- name: containerName
|
|
description: The name of the container to update
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
type: string
|
|
- name: containerRegistryUrl
|
|
aliases:
|
|
- name: dockerRegistryUrl
|
|
type: string
|
|
mandatory: true
|
|
description: http(s) url of the Container registry where the image is located
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: container/registryUrl
|
|
- name: containerImageNameTag
|
|
aliases:
|
|
- name: image
|
|
deprecated: true
|
|
- name: containerImage
|
|
type: string
|
|
mandatory: true
|
|
description: Container image name with version tag to annotate in the deployment configuration.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: container/imageNameTag
|
|
- name: chartPath
|
|
aliases:
|
|
- name: helmChartPath
|
|
type: string
|
|
description: Defines the chart path for deployments using helm. Globbing is supported to merge multiple charts into one resource.yaml that will be commited.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: helmValues
|
|
type: "[]string"
|
|
description: List of helm values as YAML file reference or URL (as per helm parameter description for `-f` / `--values`)
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: deploymentName
|
|
aliases:
|
|
- name: helmDeploymentName
|
|
type: string
|
|
description: Defines the name of the deployment. In case of `kustomize` this is the name or alias of the image in the `kustomization.yaml`
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
# default: deployment
|
|
- name: tool
|
|
type: string
|
|
description: Defines the tool which should be used to update the deployment description.
|
|
mandatory: true
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
default: kubectl
|
|
possibleValues:
|
|
- kubectl
|
|
- helm
|
|
- kustomize
|
|
- name: customTlsCertificateLinks
|
|
type: "[]string"
|
|
description: List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
containers:
|
|
- image: dtzar/helm-kubectl:3.8.0
|
|
workingDir: /config
|
|
options:
|
|
- name: -u
|
|
value: "0"
|
|
conditions:
|
|
- conditionRef: strings-equal
|
|
params:
|
|
- name: tool
|
|
value: helm
|
|
- image: dtzar/helm-kubectl:3.8.0
|
|
workingDir: /config
|
|
options:
|
|
- name: -u
|
|
value: "0"
|
|
conditions:
|
|
- conditionRef: strings-equal
|
|
params:
|
|
- name: tool
|
|
value: kubectl
|
|
- image: nekottyo/kustomize-kubeval:kustomizev4
|
|
workingDir: /config
|
|
options:
|
|
- name: -u
|
|
value: "0"
|
|
conditions:
|
|
- conditionRef: strings-equal
|
|
params:
|
|
- name: tool
|
|
value: kustomize
|