diff --git a/README.md b/README.md
index 887ab826f52ff252649cbc65865d123ede507872..16244d35f7e1a788679eb8486552e029ebb16d1e 100644
--- a/README.md
+++ b/README.md
@@ -417,6 +417,8 @@ Here are variables supported to configure review environments:
| :lock: `K8S_REVIEW_CA_CERT` | the Kubernetes server certificate authority for `review` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_REVIEW_TOKEN`| service account token for `review` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
| `review-autostop-duration` / `K8S_REVIEW_AUTOSTOP_DURATION` | The amount of time before GitLab will automatically stop `review` environments | `4 hours` |
+| `k8s-review-job-tags` / `K8S_REVIEW_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
+| `k8s-cleanup-review-job-tags` / `K8S_CLEANUP_REVIEW_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### Integration environment configuration
@@ -435,6 +437,7 @@ Here are variables supported to configure the integration environment:
| `integ-url` / `K8S_INTEG_URL` | Kubernetes API url for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_URL` |
| :lock: `K8S_INTEG_CA_CERT` | the Kubernetes server certificate authority for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_INTEG_TOKEN` | service account token for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
+| `k8s-integ-job-tags` / `K8S_INTEG_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### Staging environment configuration
@@ -453,6 +456,7 @@ Here are variables supported to configure the staging environment:
| `staging-url` / `K8S_STAGING_URL` | Kubernetes API url for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_URL` |
| :lock: `K8S_STAGING_CA_CERT` | the Kubernetes server certificate authority for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_STAGING_TOKEN`| service account token for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
+| `k8s-staging-job-tags` / `K8S_STAGING_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### Production environment configuration
@@ -472,6 +476,7 @@ Here are variables supported to configure the production environment:
| :lock: `K8S_PROD_CA_CERT` | the Kubernetes server certificate authority for `production` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_PROD_TOKEN` | service account token for `production` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
| `prod-deploy-strategy` / `K8S_PROD_DEPLOY_STRATEGY` | Defines the deployment to production strategy. One of `manual` (i.e. _one-click_) or `auto`. | `manual` |
+| `k8s-prod-job-tags` / `K8S_PROD_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### kube-score job
@@ -485,6 +490,7 @@ Here are its parameters:
| `kube-score-image` / `K8S_KUBE_SCORE_IMAGE` | Docker image to run [kube-score](https://github.com/zegl/kube-score) | `registry.hub.docker.com/zegl/kube-score:latest` **it is recommended to set a tool version compatible with your Kubernetes cluster** |
| `score-disabled` / `K8S_SCORE_DISABLED` | Set to `true` to disable the `kube-score` analysis | _none_ (enabled) |
| `score-extra-opts` / `K8S_SCORE_EXTRA_OPTS` | [Additional options](https://github.com/zegl/kube-score#configuration) to `kube-score` command line | _none_ |
+| `k8s-score-job-tags` / `K8S_SCORE_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
## Variants
diff --git a/kicker.json b/kicker.json
index 84c7e62bcfd2d1187e2337b0a97a6166bfb7f906..7293e69f97d5fbb543333d3c5978e698d3ebc3c7 100644
--- a/kicker.json
+++ b/kicker.json
@@ -58,6 +58,13 @@
"name": "K8S_KUSTOMIZE_ARGS",
"description": "Additional [`kubectl kustomize` options](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#kustomize)\n\n_For example: `--enable-helm`_",
"advanced": true
+ },
+ {
+ "name": "K8S_K8S_SCORE_JOB_TAGS",
+ "description": "Tags to be used for selecting runners for the job",
+ "type": "array",
+ "default": [],
+ "advanced": true
}
],
"features": [
@@ -125,6 +132,20 @@
"name": "K8S_REVIEW_CA_CERT",
"description": "Kubernetes cluster server certificate authority for review env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
+ },
+ {
+ "name": "K8S_K8S_REVIEW_JOB_TAGS",
+ "description": "Tags to be used for selecting runners for the job",
+ "type": "array",
+ "default": [],
+ "advanced": true
+ },
+ {
+ "name": "K8S_K8S_CLEANUP_REVIEW_JOB_TAGS",
+ "description": "Tags to be used for selecting runners for the job",
+ "type": "array",
+ "default": [],
+ "advanced": true
}
]
},
@@ -169,6 +190,13 @@
"name": "K8S_INTEG_CA_CERT",
"description": "Kubernetes cluster server certificate authority for integration env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
+ },
+ {
+ "name": "K8S_K8S_INTEG_JOB_TAGS",
+ "description": "Tags to be used for selecting runners for the job",
+ "type": "array",
+ "default": [],
+ "advanced": true
}
]
},
@@ -213,6 +241,13 @@
"name": "K8S_STAGING_CA_CERT",
"description": "Kubernetes cluster server certificate authority for staging env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
+ },
+ {
+ "name": "K8S_K8S_STAGING_JOB_TAGS",
+ "description": "Tags to be used for selecting runners for the job",
+ "type": "array",
+ "default": [],
+ "advanced": true
}
]
},
@@ -264,6 +299,13 @@
"name": "K8S_PROD_CA_CERT",
"description": "Kubernetes cluster server certificate authority for production env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
+ },
+ {
+ "name": "K8S_K8S_PROD_JOB_TAGS",
+ "description": "Tags to be used for selecting runners for the job",
+ "type": "array",
+ "default": [],
+ "advanced": true
}
]
}
diff --git a/templates/gitlab-ci-k8s.yml b/templates/gitlab-ci-k8s.yml
index ad6fd2ad41550a08995aea6aa6ce7ac87cb65ff8..bb88e9014561fef47620aef7892572bf4303ec8e 100644
--- a/templates/gitlab-ci-k8s.yml
+++ b/templates/gitlab-ci-k8s.yml
@@ -110,6 +110,31 @@ spec:
prod-url:
description: Kubernetes API url for production env (only define if using exploded kubeconfig parameters and if different from global)
default: ''
+ k8s-score-job-tags:
+ description: tags to filter applicable runners for k8s-score job
+ type: array
+ default: []
+ k8s-review-job-tags:
+ description: tags to filter applicable runners for k8s-review job
+ type: array
+ default: []
+ k8s-cleanup-review-job-tags:
+ description: tags to filter applicable runners for k8s-cleanup-review job
+ type: array
+ default: []
+ k8s-integ-job-tags:
+ description: tags to filter applicable runners for k8s-integration job
+ type: array
+ default: []
+ k8s-staging-job-tags:
+ description: tags to filter applicable runners for k8s-staging job
+ type: array
+ default: []
+ k8s-prod-job-tags:
+ description: tags to filter applicable runners for k8s-production job
+ type: array
+ default: []
+
---
# default workflow rules: Merge Request pipelines
workflow:
@@ -895,6 +920,7 @@ k8s-review:
when: never
# only on non-production, non-integration branches, with $K8S_REVIEW_SPACE set
- if: '$K8S_REVIEW_SPACE != "" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
+ tags: $[[ inputs.k8s-review-job-tags ]]
# stop review env (automatically triggered once branches are deleted)
k8s-cleanup-review:
@@ -919,6 +945,7 @@ k8s-cleanup-review:
- if: '$K8S_REVIEW_SPACE != "" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
when: manual
allow_failure: true
+ tags: $[[ inputs.k8s-cleanup-review-job-tags ]]
k8s-integration:
extends: .k8s-deploy
@@ -937,6 +964,7 @@ k8s-integration:
rules:
# only on integration branch(es), with $K8S_INTEG_SPACE set
- if: '$K8S_INTEG_SPACE != "" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
+ tags: $[[ inputs.k8s-integ-job-tags ]]
###############################
# Staging deploys are disabled by default since
@@ -962,6 +990,7 @@ k8s-staging:
rules:
# only on production branch(es), with $K8S_STAGING_SPACE set
- if: '$K8S_STAGING_SPACE != "" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
+ tags: $[[ inputs.k8s-staging-job-tags ]]
k8s-production:
extends: .k8s-deploy
@@ -989,3 +1018,4 @@ k8s-production:
- if: '$K8S_PROD_DEPLOY_STRATEGY == "manual"'
when: manual
- if: '$K8S_PROD_DEPLOY_STRATEGY == "auto"'
+ tags: $[[ inputs.k8s-prod-job-tags ]]
\ No newline at end of file