github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/resources/metadata/kubernetesDeploy.yaml (about) 1 metadata: 2 name: kubernetesDeploy 3 aliases: 4 - name: deployToKubernetes 5 deprecated: true 6 description: Deployment to Kubernetes test or production namespace within the specified Kubernetes cluster. 7 longDescription: |- 8 Deployment to Kubernetes test or production namespace within the specified Kubernetes cluster. 9 10 !!! note "Deployment supports multiple deployment tools" 11 Currently the following are supported: 12 13 * [Helm](https://helm.sh/) command line tool and [Helm Charts](https://docs.helm.sh/developing_charts/#charts). 14 * [kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) and `kubectl apply` command. 15 16 ## Helm 17 Following helm command will be executed by default: 18 19 ``` 20 helm upgrade <deploymentName> <chartPath> --install --force --namespace <namespace> --wait --timeout <helmDeployWaitSeconds> --set "image.repository=<yourRegistry>/<yourImageName>,image.tag=<yourImageTag>,secret.dockerconfigjson=<dockerSecret>,ingress.hosts[0]=<ingressHosts[0]>,,ingress.hosts[1]=<ingressHosts[1]>,... 21 ``` 22 23 * `yourRegistry` will be retrieved from `containerRegistryUrl` 24 * `yourImageName`, `yourImageTag` will be retrieved from `image` 25 * `dockerSecret` will be calculated with a call to `kubectl create secret generic <containerRegistrySecret> --from-file=.dockerconfigjson=<dockerConfigJson> --type=kubernetes.io/dockerconfigjson --insecure-skip-tls-verify=true --dry-run=client --output=json` 26 spec: 27 inputs: 28 secrets: 29 - name: kubeConfigFileCredentialsId 30 description: Jenkins 'Secret file' credentials ID containing kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/). 31 aliases: 32 - name: kubeCredentialsId 33 deprecated: true 34 type: jenkins 35 - name: kubeTokenCredentialsId 36 description: Jenkins 'Secret text' credentials ID containing token to authenticate to Kubernetes. This is an alternative way to using a kubeconfig file. Details can be found in the [Kubernetes documentation](https://kubernetes.io/docs/reference/access-authn-authz/authentication/). 37 aliases: 38 - name: k8sTokenCredentialsId 39 deprecated: true 40 type: jenkins 41 - name: dockerCredentialsId 42 type: jenkins 43 - name: dockerConfigJsonCredentialsId 44 description: Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)). 45 type: jenkins 46 - name: githubTokenCredentialsId 47 description: Jenkins credentials ID containing the github token. 48 type: jenkins 49 resources: 50 - name: deployDescriptor 51 type: stash 52 - name: downloadedArtifact 53 type: stash 54 params: 55 - name: additionalParameters 56 aliases: 57 - name: helmDeploymentParameters 58 type: "[]string" 59 description: Defines additional parameters for "helm install" or "kubectl apply" command. 60 scope: 61 - PARAMETERS 62 - STAGES 63 - STEPS 64 - name: apiServer 65 aliases: 66 - name: k8sAPIServer 67 type: string 68 description: Defines the Url of the API Server of the Kubernetes cluster. 69 scope: 70 - GENERAL 71 - PARAMETERS 72 - STAGES 73 - STEPS 74 - name: appTemplate 75 aliases: 76 - name: k8sAppTemplate 77 type: string 78 description: Defines the filename for the kubernetes app template (e.g. k8s_apptemplate.yaml). 79 longDescription: | 80 There are two supported ways for the template rendering: 81 82 1. For a deployments using single image, you can use a placeholder `<image-name>`, which will be replaced with the image GUN. 83 ``` 84 apiVersion: apps/v1 85 kind: Deployment 86 metadata: 87 name: app 88 labels: 89 app: app 90 spec: 91 replicas: 3 92 selector: 93 matchLabels: 94 app: app 95 template: 96 metadata: 97 labels: 98 app: app 99 spec: 100 containers: 101 - name: app 102 image: <image-name> 103 ``` 104 105 2. Helm styled templates, with the support for multi-image deployments. 106 107 ``` 108 apiVersion: apps/v1 109 kind: Deployment 110 metadata: 111 name: app 112 labels: 113 app: app 114 spec: 115 replicas: 3 116 selector: 117 matchLabels: 118 app: app 119 template: 120 metadata: 121 labels: 122 app: app 123 spec: 124 containers: 125 - name: app-1 126 image: "{{ .Values.image.repository}}:{{ .Values.image.tag }}" 127 - name: app-2 128 image: "{{ .Values.image.app_2.repository}}:{{ .Values.image.app_2.tag }}" 129 ``` 130 scope: 131 - PARAMETERS 132 - STAGES 133 - STEPS 134 - name: chartPath 135 aliases: 136 - name: helmChartPath 137 type: string 138 description: Defines the chart path for deployments using helm. It is a mandatory parameter when `deployTool:helm` or `deployTool:helm3`. 139 scope: 140 - GENERAL 141 - PARAMETERS 142 - STAGES 143 - STEPS 144 resourceRef: 145 - name: commonPipelineEnvironment 146 param: custom/localHelmChartPath 147 - name: containerRegistryPassword 148 description: Password for container registry access - typically provided by the CI/CD environment. 149 type: string 150 scope: 151 - PARAMETERS 152 - STAGES 153 - STEPS 154 secret: true 155 resourceRef: 156 - name: dockerCredentialsId 157 type: secret 158 param: password 159 - name: commonPipelineEnvironment 160 param: container/repositoryPassword 161 - name: commonPipelineEnvironment 162 param: custom/repositoryPassword 163 - name: containerImageName 164 aliases: 165 - name: dockerImageName 166 type: string 167 description: Name of the container which will be built - will be used together with `containerImageTag` instead of parameter `containerImage` 168 scope: 169 - GENERAL 170 - PARAMETERS 171 - STAGES 172 - STEPS 173 - name: containerImageTag 174 aliases: 175 - name: artifactVersion 176 type: string 177 description: Tag of the container which will be built - will be used together with `containerImageName` instead of parameter `containerImage` 178 scope: 179 - GENERAL 180 - PARAMETERS 181 - STAGES 182 - STEPS 183 resourceRef: 184 - name: commonPipelineEnvironment 185 param: artifactVersion 186 - name: containerRegistryUrl 187 aliases: 188 - name: dockerRegistryUrl 189 type: string 190 description: http(s) url of the Container registry where the image to deploy is located. 191 resourceRef: 192 - name: commonPipelineEnvironment 193 param: container/registryUrl 194 scope: 195 - GENERAL 196 - PARAMETERS 197 - STAGES 198 - STEPS 199 mandatory: true 200 - name: containerRegistryUser 201 description: Username for container registry access - typically provided by the CI/CD environment. 202 type: string 203 scope: 204 - PARAMETERS 205 - STAGES 206 - STEPS 207 secret: true 208 resourceRef: 209 - name: dockerCredentialsId 210 type: secret 211 param: username 212 - name: commonPipelineEnvironment 213 param: container/repositoryUsername 214 - name: commonPipelineEnvironment 215 param: custom/repositoryUsername 216 - name: containerRegistrySecret 217 description: Name of the container registry secret used for pulling containers from the registry. 218 longDescription: |- 219 Name of the container registry secret used for pulling containers from the registry. 220 221 **For `deployTool: helm/helm3`:**<br /> 222 If `containerRegistryUser` and `containerRegistryPassword` are provided, a secret is created on the fly and the information is passed to the helm template.<br /> 223 224 **For `deployTool: kubectl`:**<br /> 225 If `containerRegistryUser` and `containerRegistryPassword` are provided, a secret with the given name will be created in the Kubernetes cluster. 226 227 If neither `containerRegistryUser` nor `containerRegistryPassword` are provided, it is expected that a secret with the configured name exists in the target Kubernetes cluster.<br /> 228 type: string 229 scope: 230 - PARAMETERS 231 - STAGES 232 - STEPS 233 default: regsecret 234 - name: createDockerRegistrySecret 235 type: bool 236 description: "Only for `deployTool:kubectl`: Toggle to turn on `containerRegistrySecret` creation." 237 scope: 238 - PARAMETERS 239 - STAGES 240 - STEPS 241 default: false 242 - name: deploymentName 243 aliases: 244 - name: helmDeploymentName 245 type: string 246 description: Defines the name of the deployment. It is a mandatory parameter when `deployTool:helm` or `deployTool:helm3`. 247 scope: 248 - PARAMETERS 249 - STAGES 250 - STEPS 251 - name: deployTool 252 type: string 253 description: Defines the tool which should be used for deployment. 254 mandatory: true 255 scope: 256 - PARAMETERS 257 - STAGES 258 - STEPS 259 default: kubectl 260 possibleValues: 261 - kubectl 262 - helm 263 - helm3 264 - name: forceUpdates 265 aliases: 266 - name: force 267 type: bool 268 description: "Adds `--force` flag to a helm resource update command or to a kubectl replace command" 269 mandatory: false 270 scope: 271 - PARAMETERS 272 - STAGES 273 - STEPS 274 default: true 275 - name: helmDeployWaitSeconds 276 type: int 277 description: Number of seconds before helm deploy returns. 278 scope: 279 - PARAMETERS 280 - STAGES 281 - STEPS 282 default: 300 283 - name: helmTestWaitSeconds 284 type: int 285 description: Number of seconds to wait for any individual Kubernetes operation (like Jobs for hooks). See https://helm.sh/docs/helm/helm_test/#options for further details 286 scope: 287 - PARAMETERS 288 - STAGES 289 - STEPS 290 default: 300 291 - name: helmValues 292 type: "[]string" 293 description: List of helm values as YAML file reference or URL (as per helm parameter description for `-f` / `--values`) 294 scope: 295 - PARAMETERS 296 - STAGES 297 - STEPS 298 - name: valuesMapping 299 type: "map[string]interface{}" 300 longDescription: | 301 Mapping of values provided by Piper onto custom paths in format `[custom-path]: [piper-value]` 302 303 Example: 304 ```yaml 305 valuesMapping: 306 subchart.image.tag: image.debug.tag 307 subchart.image.repository: image.debug.repository 308 subchart.image.pullsecret: secret.dockerconfigjson 309 ``` 310 scope: 311 - PARAMETERS 312 - STAGES 313 - STEPS 314 - name: renderSubchartNotes 315 type: bool 316 description: If set, render subchart notes along with the parent. 317 default: true 318 scope: 319 - GENERAL 320 - PARAMETERS 321 - STAGES 322 - STEPS 323 - name: githubToken 324 description: "GitHub personal access token as per 325 https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line" 326 scope: 327 - GENERAL 328 - PARAMETERS 329 - STAGES 330 - STEPS 331 type: string 332 secret: true 333 aliases: 334 - name: access_token 335 resourceRef: 336 - name: githubTokenCredentialsId 337 type: secret 338 - type: vaultSecret 339 default: github 340 name: githubVaultSecretName 341 - name: image 342 aliases: 343 - name: deployImage 344 type: string 345 description: Full name of the image to be deployed. 346 deprecationMessage: This parameter is deprecated, please use [containerImageName](#containerimagename) and [containerImageTag](#containerimagetag) 347 resourceRef: 348 - name: commonPipelineEnvironment 349 param: container/imageNameTag 350 scope: 351 - PARAMETERS 352 - STAGES 353 - STEPS 354 - name: imageNames 355 type: "[]string" 356 description: List of names of the images to be deployed. 357 resourceRef: 358 - name: commonPipelineEnvironment 359 param: container/imageNames 360 scope: 361 - PARAMETERS 362 - STAGES 363 - STEPS 364 - name: imageNameTags 365 type: "[]string" 366 description: List of full names (registry and tag) of the images to be deployed. 367 resourceRef: 368 - name: commonPipelineEnvironment 369 param: container/imageNameTags 370 scope: 371 - PARAMETERS 372 - STAGES 373 - STEPS 374 - name: imageDigests 375 type: "[]string" 376 description: List of image digests of the images to be deployed, in the format `sha256:<hash>`. If provided, image digests will be appended to the image tag, e.g. `<repository>/<name>:<tag>@<digest>` 377 resourceRef: 378 - name: commonPipelineEnvironment 379 param: container/imageDigests 380 scope: 381 - PARAMETERS 382 - STAGES 383 - STEPS 384 - name: ingressHosts 385 type: "[]string" 386 description: (Deprecated) List of ingress hosts to be exposed via helm deployment. 387 longDescription: |- 388 **DEPRECATED**<br /> 389 List of ingress hosts to be exposed via helm deployment.<br /> 390 Host names are passed to helm template via ingress configuration.<br /> 391 This requires a modification to the default helm template, thus it is not recommended. 392 393 Recommendation is to use custom values and pass them via parameter `helmValues`.<br /> 394 Since helm supports multiple files on top of the `values.yaml`, landscape-specific attributes can be passed via a specific file. 395 scope: 396 - PARAMETERS 397 - STAGES 398 - STEPS 399 - name: keepFailedDeployments 400 type: bool 401 description: Defines whether a failed deployment will be purged 402 default: false 403 scope: 404 - GENERAL 405 - PARAMETERS 406 - STAGES 407 - STEPS 408 - name: runHelmTests 409 type: bool 410 description: Defines whether or not to run helm tests against the recently deployed release 411 default: false 412 scope: 413 - GENERAL 414 - PARAMETERS 415 - STAGES 416 - STEPS 417 - name: showTestLogs 418 type: bool 419 description: Defines whether to print the pod logs after running helm tests 420 default: false 421 scope: 422 - GENERAL 423 - PARAMETERS 424 - STAGES 425 - STEPS 426 - name: kubeConfig 427 type: string 428 description: Defines the path to the "kubeconfig" file. 429 scope: 430 - GENERAL 431 - PARAMETERS 432 - STAGES 433 - STEPS 434 secret: true 435 resourceRef: 436 - name: kubeConfigFileCredentialsId 437 type: secret 438 - type: vaultSecretFile 439 name: kubeConfigFileVaultSecretName 440 default: kube-config 441 - name: kubeContext 442 type: string 443 description: Defines the context to use from the "kubeconfig" file. 444 scope: 445 - PARAMETERS 446 - STAGES 447 - STEPS 448 - name: kubeToken 449 type: string 450 description: Contains the id_token used by kubectl for authentication. Consider using kubeConfig parameter instead. 451 scope: 452 - GENERAL 453 - PARAMETERS 454 - STAGES 455 - STEPS 456 secret: true 457 resourceRef: 458 - name: kubeTokenCredentialsId 459 type: secret 460 - name: namespace 461 aliases: 462 - name: helmDeploymentNamespace 463 - name: k8sDeploymentNamespace 464 type: string 465 description: Defines the target Kubernetes namespace for the deployment. 466 scope: 467 - PARAMETERS 468 - STAGES 469 - STEPS 470 default: default 471 - name: tillerNamespace 472 aliases: 473 - name: helmTillerNamespace 474 type: string 475 description: Defines optional tiller namespace for deployments using helm. 476 scope: 477 - PARAMETERS 478 - STAGES 479 - STEPS 480 - name: dockerConfigJSON 481 type: string 482 description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/). 483 scope: 484 - PARAMETERS 485 - STAGES 486 - STEPS 487 secret: true 488 default: '.pipeline/docker/config.json' 489 resourceRef: 490 - name: dockerConfigJsonCredentialsId 491 type: secret 492 - type: vaultSecretFile 493 name: dockerConfigFileVaultSecretName 494 default: docker-config 495 - name: deployCommand 496 type: string 497 description: "Only for `deployTool: kubectl`: defines the command `apply` or `replace`. The default is `apply`." 498 mandatory: false 499 scope: 500 - PARAMETERS 501 - STAGES 502 - STEPS 503 default: apply 504 possibleValues: 505 - apply 506 - replace 507 - name: setupScript 508 type: string 509 description: HTTP location of setup script 510 longDescription: | 511 For helm-based deploymens only! 512 HTTP location of setup script. 513 The script will be downloaded from a GitHub location using the `githubToken` and executed before the installation of the helm package. 514 scope: 515 - PARAMETERS 516 - STAGES 517 - STEPS 518 - name: verificationScript 519 type: string 520 description: HTTP location of verification script 521 longDescription: | 522 For helm-based deploymens only! 523 HTTP location of verification script. 524 The script will be downloaded from a GitHub location using the `githubToken` and executed after installation of the helm package. 525 It can be used to verify if all required artifacts are ready before progressing with for example `helmTest` using the step option `runHelmTests: true` 526 scope: 527 - PARAMETERS 528 - STAGES 529 - STEPS 530 - name: teardownScript 531 type: string 532 description: HTTP location of teardown script 533 longDescription: | 534 For helm-based deploymens only! 535 HTTP location of setup script. 536 The script will be downloaded from a GitHub location using the `githubToken` and executed at the end of the step. 537 This can for example be used in order to remove a temporary namespace which was created for the test. 538 scope: 539 - PARAMETERS 540 - STAGES 541 - STEPS 542 containers: 543 - image: dtzar/helm-kubectl:3 544 workingDir: /config 545 options: 546 - name: -u 547 value: "0" 548 conditions: 549 - conditionRef: strings-equal 550 params: 551 - name: deployTool 552 value: helm3 553 - image: dtzar/helm-kubectl:2.17.0 554 workingDir: /config 555 options: 556 - name: -u 557 value: "0" 558 conditions: 559 - conditionRef: strings-equal 560 params: 561 - name: deployTool 562 value: helm 563 - image: dtzar/helm-kubectl:2.17.0 564 workingDir: /config 565 options: 566 - name: -u 567 value: "0" 568 conditions: 569 - conditionRef: strings-equal 570 params: 571 - name: deployTool 572 value: kubectl