diff options
author | Thong Kuah <tkuah@gitlab.com> | 2018-12-12 13:18:50 +1300 |
---|---|---|
committer | Thong Kuah <tkuah@gitlab.com> | 2019-01-04 10:26:38 +1300 |
commit | 4b92b5500b8d9cdbaa6e612b8f9a061624266cc4 (patch) | |
tree | 6c5a4df38f8ac32712b0fcd9bc44f504abaf02b5 /lib | |
parent | a4833f6fe0b725a4ee312367a311ec075352fba2 (diff) | |
download | gitlab-ce-4b92b5500b8d9cdbaa6e612b8f9a061624266cc4.tar.gz |
Create K8S_SECRET_* CI variables as a K8s Secret
Find any CI variables from `env` which has a prefix. If there are any
such CI variables, strip prefix from variable name then create a generic
Kubernetes secret containing all these CI variables as key-value pairs.
Also, Pass in secretname to application container
The secretname may be present, if nil, the chart does nothing. If
present, the chart will load the key-value pairs from the secret into
the application container. See
https://gitlab.com/charts/auto-deploy-app/blob/master/README.md#configuration
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index a9e361b0b32..1b55a6b12cd 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -595,6 +595,15 @@ rollout 100%: fi } + # Finds any variables prefixed with `K8S_SECRET_`, and exports them as the + # global $K8S_VARIABLES with prefix removed. + function extract_prefixed_variables() { + prefix="K8S_SECRET_" + k8s_variables=$(env | (grep "^${prefix}" || [[ $? == 1 ]]) | sed "s/^${prefix}//") + + export K8S_VARIABLES=$k8s_variables + } + function deploy() { track="${1-stable}" percentage="${2:-100}" @@ -620,6 +629,23 @@ rollout 100%: secret_name='' fi + extract_prefixed_variables + if [[ -n "$K8S_VARIABLES" ]]; then + echo "Prefixed CI variables found, creating secret..." + application_secret_name="${name}-secret" + fromLiteralArgs="" + + for k8s_variable in ${K8S_VARIABLES}; do + fromLiteralArgs="${fromLiteralArgs:+${fromLiteralArgs} }--from-literal=${k8s_variable}" + done + + # We want fromLiteralArgs to be interpreted as args, so don't quote it! + kubectl create secret -n "$KUBE_NAMESPACE" \ + generic "$application_secret_name" \ + ${fromLiteralArgs} \ + -o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f - + fi + if [[ -n "$DB_INITIALIZE" && -z "$(helm ls -q "^$name$")" ]]; then echo "Deploying first release with database initialization..." helm upgrade --install \ @@ -632,6 +658,7 @@ rollout 100%: --set image.secrets[0].name="$secret_name" \ --set application.track="$track" \ --set application.database_url="$DATABASE_URL" \ + --set application.secretName="$application_secret_name" \ --set service.url="$CI_ENVIRONMENT_URL" \ --set replicaCount="$replicas" \ --set postgresql.enabled="$postgres_enabled" \ @@ -664,6 +691,7 @@ rollout 100%: --set image.secrets[0].name="$secret_name" \ --set application.track="$track" \ --set application.database_url="$DATABASE_URL" \ + --set application.secretName="$application_secret_name" \ --set service.url="$CI_ENVIRONMENT_URL" \ --set replicaCount="$replicas" \ --set postgresql.enabled="$postgres_enabled" \ |