Concourse CI custom resource for kubernetes.
This resource assumes that kubernetes deployment is executed by plain manifests(kubectl apply -f) or Kustomize(kubectl apply -k).
In addition to deploy(kubectl apply) operation, it also supports delete(kubectl delete) and undo(kubectl rollout undo) operations.
This resource has been tested on kubernetes v1.20.1 and concourse v6.7.2.
api_server_url- Kubernetes API Server URL. (e.g.https://172.16.10.11:6443)api_server_cert- Kubernetes api server certificate.client_cert- Client certificate that authenticated to access cluster, if specified,clusterKeyis required.client_key- Client key corresponding toclient_cert.client_token- Kubernetes ServiceAccount token. Required when accessing a cluster with ServiceAccount(neitherclient_certnorclient_key).kubeconfig- Contents of kubecofig(YAML). if specified, other auth settings(includingapi_server_url) are ignored.skip_tls_verify- true if you want to skip TLS verification.namespace- Name of target kubernetes namespace. if not specified,defaultis used.
Triggers when the watched resources is updated.
The Revision consists of namespace, resource name, and revision(Deployment or StatefulSet resource).
Multiple resources are combined with +.
Example version format : dev:app1:100+dev:app2:50+dev:app3:10.
Retrieves the watched resource's version and writes to version file.
Deploys the watched resources to kubernetes using plain manifests or Kustomize overlays. After deployed, wait for the specified time to complete.
paths- kubernetes manifest paths(array). plain manifests path(e.g.k8s/deployment.yaml) or kustomize directory(e.g.repo/overlays/prod)kustomize- true if deploying by kustomize. Default tofalse.status_check_timeout- The time(seconds) to wait for deployment to complete. Default to 5 minutes.command_timeout- The time(seconds) to wait for kubectl apply or delete. Default to unlimited(0).diff- true if usingkubectl diff. Default tofalse.server_dry_run- true if usingkubectl apply --dry-run=server. Default tofalse.delete- true if usingkubectl deleteoperation. Default tofalse.undo- true if usingkubectl rollout undooperation(target resources arewatchedResources). Default tofalse.
See full configuration example here.
resource_types:
- name: k8s
type: docker-image
source:
repository: kudohn/concourse-k8s-resource
tag: 0.0.8resources:
- name: k8s
type: k8s
source:
api_server_url: https://172.16.10.11:6443
api_server_cert: |
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
# use client certificate
client_cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
client_key: |
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
# or use service account token
client_token: ....
# or use kubeconfig
kubeconfig: |
apiVersion: v1
kind: Config
clusters:
- cluster:
....
contexts:
....
current-context: ...
users:
- name: concourse
user:
...
skip_tls_verify: false
namespace: dev
# watched resources(deployment or statefulset is supported)
watch_resources:
- name: app1
kind: Deployment
- name: app2
kind: Deployment
- name: web
kind: StatefulSetjobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
status_check_timeout: 60
command_timeout: 30
paths:
- repo/test/plain/deploy1.yaml
- repo/test/plain/deploy2.yaml
- repo/test/plain/sts.yamljobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
kustomize: true
status_check_timeout: 60
command_timeout: 30
paths:
- repo/test/kustomize/overlays/prodjobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
undo: truejobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
paths:
- repo/test/kustomize/overlays/prod
server_dry_run: truejobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
paths:
- repo/test/kustomize/overlays/prod
diff: truejobs:
- name: deploy-app
plan:
- get: repo
- put: k8s
params:
delete: true