.gitlab-ci.yml

 include:
-  - project: 'to-be-continuous/tools/gitlab-ci'
-    ref: 'master'
-    file: '/templates/extract.yml'
-  - project: 'to-be-continuous/tools/gitlab-ci'
-    ref: 'master'
-    file: '/templates/validation.yml'
-  - project: 'to-be-continuous/kicker'
-    ref: 'master'
-    file: '/templates/validation.yml'
-  - project: 'to-be-continuous/bash'
-    ref: '3.4'
-    file: '/templates/gitlab-ci-bash.yml'
-  - project: 'to-be-continuous/semantic-release'
-    ref: '3.8'
-    file: '/templates/gitlab-ci-semrel.yml'
+  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/extract@master
+    inputs:
+      extract-script-job-tags: ["docker"]
+  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/validation@master
+    inputs:
+      check-links-job-tags: ["docker"]
+      tbc-check-job-tags: ["docker"]
+      tbc-check-image: cicd-docker-dev.artifact.tecnalia.com/tbc-check:master
+      gitlab-ci-lint-job-tags: ["docker"]
+  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kicker/validation@master
+    inputs:
+      kicker-validation-job-tags: ["docker"]
+      schema-base-url: "https://git.code.tecnalia.com/api/v4/projects/smartdatalab%2Fpublic%2Fci-cd-components%2Fkicker/repository/files"
+  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/bash/gitlab-ci-bash@master
+    inputs:
+      bash-shellcheck-job-tags: ["docker"]
+  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/semantic-release/gitlab-ci-semrel@master
+    inputs:
+      semantic-release-job-tags: ["docker"]
 
 stages:
   - build

CHANGELOG.md

+## [6.1.4](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kubernetes/compare/6.1.3...6.1.4) (2024-06-05)
+
+
+### Bug Fixes
+
+* skip k8s-jobs when *_SPACE variables are empty ([83404bf](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kubernetes/commit/83404bf4cccfd113b3e7daf7adb657e70e0c3b1a))
+
+## [6.1.4](https://gitlab.com/to-be-continuous/kubernetes/compare/6.1.3...6.1.4) (2024-06-02)
+
+
+### Bug Fixes
+
+* skip k8s-jobs when *_SPACE variables are empty ([83404bf](https://gitlab.com/to-be-continuous/kubernetes/commit/83404bf4cccfd113b3e7daf7adb657e70e0c3b1a))
+
 ## [6.1.3](https://gitlab.com/to-be-continuous/kubernetes/compare/6.1.2...6.1.3) (2024-05-05)
 
 

README.md

@@ -16,7 +16,7 @@ Add the following to your `gitlab-ci.yml`:
 ```yaml
 include:
   # 1: include the component
-  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.3
+  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.4
     # 2: set/override component inputs
     inputs:
       # ⚠ this is only an example
@@ -35,7 +35,7 @@ Add the following to your `gitlab-ci.yml`:
 include:
   # 1: include the template
   - project: 'to-be-continuous/kubernetes'
-    ref: '6.1.3'
+    ref: '6.1.4'
     file: '/templates/gitlab-ci-k8s.yml'
 
 variables:
@@ -417,6 +417,8 @@ Here are variables supported to configure review environments:
 | :lock: `K8S_REVIEW_CA_CERT`     | the Kubernetes server certificate authority for `review` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
 | :lock: `K8S_REVIEW_TOKEN`| service account token for `review` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
 | `review-autostop-duration` / `K8S_REVIEW_AUTOSTOP_DURATION` | The amount of time before GitLab will automatically stop `review` environments | `4 hours` |
+| `k8s-review-job-tags` / `K8S_REVIEW_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
+| `k8s-cleanup-review-job-tags` / `K8S_CLEANUP_REVIEW_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 ### Integration environment configuration
 
@@ -435,6 +437,7 @@ Here are variables supported to configure the integration environment:
 | `integ-url` / `K8S_INTEG_URL` | Kubernetes API url for `integration` env  _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_URL` |
 | :lock: `K8S_INTEG_CA_CERT`      | the Kubernetes server certificate authority for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
 | :lock: `K8S_INTEG_TOKEN` | service account token for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
+| `k8s-integ-job-tags` / `K8S_INTEG_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 ### Staging environment configuration
 
@@ -453,6 +456,7 @@ Here are variables supported to configure the staging environment:
 | `staging-url` / `K8S_STAGING_URL` | Kubernetes API url for `staging` env  _(only define if using exploded kubeconfig parameters and if different from default)_   | `$K8S_URL` |
 | :lock: `K8S_STAGING_CA_CERT`    | the Kubernetes server certificate authority for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
 | :lock: `K8S_STAGING_TOKEN`| service account token for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
+| `k8s-staging-job-tags` / `K8S_STAGING_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 ### Production environment configuration
 
@@ -472,6 +476,7 @@ Here are variables supported to configure the production environment:
 | :lock: `K8S_PROD_CA_CERT`       | the Kubernetes server certificate authority for `production` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
 | :lock: `K8S_PROD_TOKEN`  | service account token for `production` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
 | `prod-deploy-strategy` / `K8S_PROD_DEPLOY_STRATEGY` | Defines the deployment to production strategy. One of `manual` (i.e. _one-click_) or `auto`. | `manual` |
+| `k8s-prod-job-tags` / `K8S_PROD_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 ### kube-score job
 
@@ -485,6 +490,7 @@ Here are its parameters:
 | `kube-score-image` / `K8S_KUBE_SCORE_IMAGE` | Docker image to run [kube-score](https://github.com/zegl/kube-score) | `registry.hub.docker.com/zegl/kube-score:latest` **it is recommended to set a tool version compatible with your Kubernetes cluster** |
 | `score-disabled` / `K8S_SCORE_DISABLED` | Set to `true` to disable the `kube-score` analysis                             | _none_ (enabled) |
 | `score-extra-opts` / `K8S_SCORE_EXTRA_OPTS` | [Additional options](https://github.com/zegl/kube-score#configuration) to `kube-score` command line | _none_ |
+| `k8s-score-job-tags` / `K8S_SCORE_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]`            |
 
 ## Variants
 
@@ -532,12 +538,12 @@ With:
 ```yaml
 include:
   # main template
-  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.3
+  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.4
     inputs:
       # ⚠ oc-container image (includes required curl)
       kubectl-image: registry.hub.docker.com/docker.io/appuio/oc:v4.14
   # Vault variant
-  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s-vault@6.1.3
+  - component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s-vault@6.1.4
     inputs:
       # audience claim for JWT
       vault-oidc-aud: "https://vault.acme.host"

kicker.json

@@ -58,6 +58,13 @@
       "name": "K8S_KUSTOMIZE_ARGS",
       "description": "Additional [`kubectl kustomize` options](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#kustomize)\n\n_For example: `--enable-helm`_",
       "advanced": true
+    },
+    {
+      "name": "K8S_K8S_SCORE_JOB_TAGS",
+      "description": "Tags to be used for selecting runners for the job",
+      "type": "array",
+      "default": [],
+      "advanced": true
     }
   ],
   "features": [
@@ -125,6 +132,20 @@
           "name": "K8S_REVIEW_CA_CERT",
           "description": "Kubernetes cluster server certificate authority for review env (only define if using exploded kubeconfig parameters and if different from global)",
           "secret": true
+        },
+        {
+          "name": "K8S_K8S_REVIEW_JOB_TAGS",
+          "description": "Tags to be used for selecting runners for the job",
+          "type": "array",
+          "default": [],
+          "advanced": true
+        },
+        {
+          "name": "K8S_K8S_CLEANUP_REVIEW_JOB_TAGS",
+          "description": "Tags to be used for selecting runners for the job",
+          "type": "array",
+          "default": [],
+          "advanced": true
         }
       ]
     },
@@ -169,6 +190,13 @@
           "name": "K8S_INTEG_CA_CERT",
           "description": "Kubernetes cluster server certificate authority for integration env (only define if using exploded kubeconfig parameters and if different from global)",
           "secret": true
+        },
+        {
+          "name": "K8S_K8S_INTEG_JOB_TAGS",
+          "description": "Tags to be used for selecting runners for the job",
+          "type": "array",
+          "default": [],
+          "advanced": true
         }
       ]
     },
@@ -213,6 +241,13 @@
           "name": "K8S_STAGING_CA_CERT",
           "description": "Kubernetes cluster server certificate authority for staging env (only define if using exploded kubeconfig parameters and if  different from global)",
           "secret": true
+        },
+        {
+          "name": "K8S_K8S_STAGING_JOB_TAGS",
+          "description": "Tags to be used for selecting runners for the job",
+          "type": "array",
+          "default": [],
+          "advanced": true
         }
       ]
     },
@@ -264,6 +299,13 @@
           "name": "K8S_PROD_CA_CERT",
           "description": "Kubernetes cluster server certificate authority for production env (only define if using exploded kubeconfig parameters and if  different from global)",
           "secret": true
+        },
+        {
+          "name": "K8S_K8S_PROD_JOB_TAGS",
+          "description": "Tags to be used for selecting runners for the job",
+          "type": "array",
+          "default": [],
+          "advanced": true
         }
       ]
     }

templates/gitlab-ci-k8s-vault.yml

@@ -22,7 +22,7 @@ variables:
 .k8s-base:
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "--port", "8082", "kubernetes", "6.1.3"]
+      command: ["--service", "--port", "8082", "kubernetes", "6.1.4"]
     - name: "$TBC_VAULT_IMAGE"
       alias: "vault-secrets-provider"
   variables:

templates/gitlab-ci-k8s.yml

@@ -110,6 +110,31 @@ spec:
     prod-url:
       description: Kubernetes API url for production env (only define if using exploded kubeconfig parameters and if different from global)
       default: ''
+    k8s-score-job-tags:
+      description: tags to filter applicable runners for k8s-score job
+      type: array
+      default: []
+    k8s-review-job-tags:
+      description: tags to filter applicable runners for k8s-review job
+      type: array
+      default: []
+    k8s-cleanup-review-job-tags:
+      description: tags to filter applicable runners for k8s-cleanup-review job
+      type: array
+      default: []
+    k8s-integ-job-tags:
+      description: tags to filter applicable runners for k8s-integration job
+      type: array
+      default: []
+    k8s-staging-job-tags:
+      description: tags to filter applicable runners for k8s-staging job
+      type: array
+      default: []
+    k8s-prod-job-tags:
+      description: tags to filter applicable runners for k8s-production job
+      type: array
+      default: []
+
 ---
 # default workflow rules: Merge Request pipelines
 workflow:
@@ -765,7 +790,7 @@ stages:
     entrypoint: [""]
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "kubernetes", "6.1.3"]
+      command: ["--service", "kubernetes", "6.1.4"]
   before_script:
     - !reference [.k8s-scripts]
     - install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"
@@ -894,7 +919,8 @@ k8s-review:
     - if: $CI_COMMIT_TAG
       when: never
     # only on non-production, non-integration branches, with $K8S_REVIEW_SPACE set
-    - if: '$K8S_REVIEW_SPACE && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
+    - if: '$K8S_REVIEW_SPACE != "" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
+  tags: $[[ inputs.k8s-review-job-tags ]]
 
 # stop review env (automatically triggered once branches are deleted)
 k8s-cleanup-review:
@@ -916,9 +942,10 @@ k8s-cleanup-review:
     - if: $CI_COMMIT_TAG
       when: never
     # only on non-production, non-integration branches, with $K8S_REVIEW_SPACE set
-    - if: '$K8S_REVIEW_SPACE && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
+    - if: '$K8S_REVIEW_SPACE != "" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
       when: manual
       allow_failure: true
+  tags: $[[ inputs.k8s-cleanup-review-job-tags ]]
 
 k8s-integration:
   extends: .k8s-deploy
@@ -936,7 +963,8 @@ k8s-integration:
   resource_group: integration
   rules:
     # only on integration branch(es), with $K8S_INTEG_SPACE set
-    - if: '$K8S_INTEG_SPACE && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
+    - if: '$K8S_INTEG_SPACE != "" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
+  tags: $[[ inputs.k8s-integ-job-tags ]]
 
 ###############################
 # Staging deploys are disabled by default since
@@ -961,7 +989,8 @@ k8s-staging:
   resource_group: staging
   rules:
     # only on production branch(es), with $K8S_STAGING_SPACE set
-    - if: '$K8S_STAGING_SPACE && $CI_COMMIT_REF_NAME =~ $PROD_REF'
+    - if: '$K8S_STAGING_SPACE != "" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
+  tags: $[[ inputs.k8s-staging-job-tags ]]
 
 k8s-production:
   extends: .k8s-deploy
@@ -989,3 +1018,4 @@ k8s-production:
     - if: '$K8S_PROD_DEPLOY_STRATEGY == "manual"'
       when: manual
     - if: '$K8S_PROD_DEPLOY_STRATEGY == "auto"'
+  tags: $[[ inputs.k8s-prod-job-tags ]]
\ No newline at end of file