Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision
Loading items

Target

Select target project
  • smartdatalab/public/ci-cd-components/kubernetes
1 result
Select Git revision
Loading items
Show changes
Commits on Source (8)
include:
- project: 'to-be-continuous/tools/gitlab-ci'
ref: 'master'
file: '/templates/extract.yml'
- project: 'to-be-continuous/tools/gitlab-ci'
ref: 'master'
file: '/templates/validation.yml'
- project: 'to-be-continuous/kicker'
ref: 'master'
file: '/templates/validation.yml'
- project: 'to-be-continuous/bash'
ref: '3.4'
file: '/templates/gitlab-ci-bash.yml'
- project: 'to-be-continuous/semantic-release'
ref: '3.8'
file: '/templates/gitlab-ci-semrel.yml'
- component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/extract@master
inputs:
extract-script-job-tags: ["docker"]
- component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitlab-ci/validation@master
inputs:
check-links-job-tags: ["docker"]
tbc-check-job-tags: ["docker"]
tbc-check-image: cicd-docker-dev.artifact.tecnalia.com/tbc-check:master
gitlab-ci-lint-job-tags: ["docker"]
- component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kicker/validation@master
inputs:
kicker-validation-job-tags: ["docker"]
schema-base-url: "https://git.code.tecnalia.com/api/v4/projects/smartdatalab%2Fpublic%2Fci-cd-components%2Fkicker/repository/files"
- component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/bash/gitlab-ci-bash@master
inputs:
bash-shellcheck-job-tags: ["docker"]
- component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/semantic-release/gitlab-ci-semrel@master
inputs:
semantic-release-job-tags: ["docker"]
stages:
- build
......
## [6.1.4](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kubernetes/compare/6.1.3...6.1.4) (2024-06-05)
### Bug Fixes
* skip k8s-jobs when *_SPACE variables are empty ([83404bf](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/kubernetes/commit/83404bf4cccfd113b3e7daf7adb657e70e0c3b1a))
## [6.1.4](https://gitlab.com/to-be-continuous/kubernetes/compare/6.1.3...6.1.4) (2024-06-02)
### Bug Fixes
* skip k8s-jobs when *_SPACE variables are empty ([83404bf](https://gitlab.com/to-be-continuous/kubernetes/commit/83404bf4cccfd113b3e7daf7adb657e70e0c3b1a))
## [6.1.3](https://gitlab.com/to-be-continuous/kubernetes/compare/6.1.2...6.1.3) (2024-05-05)
......
......@@ -16,7 +16,7 @@ Add the following to your `gitlab-ci.yml`:
```yaml
include:
# 1: include the component
- component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.3
- component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.4
# 2: set/override component inputs
inputs:
# ⚠ this is only an example
......@@ -35,7 +35,7 @@ Add the following to your `gitlab-ci.yml`:
include:
# 1: include the template
- project: 'to-be-continuous/kubernetes'
ref: '6.1.3'
ref: '6.1.4'
file: '/templates/gitlab-ci-k8s.yml'
variables:
......@@ -417,6 +417,8 @@ Here are variables supported to configure review environments:
| :lock: `K8S_REVIEW_CA_CERT` | the Kubernetes server certificate authority for `review` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_REVIEW_TOKEN`| service account token for `review` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
| `review-autostop-duration` / `K8S_REVIEW_AUTOSTOP_DURATION` | The amount of time before GitLab will automatically stop `review` environments | `4 hours` |
| `k8s-review-job-tags` / `K8S_REVIEW_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
| `k8s-cleanup-review-job-tags` / `K8S_CLEANUP_REVIEW_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### Integration environment configuration
......@@ -435,6 +437,7 @@ Here are variables supported to configure the integration environment:
| `integ-url` / `K8S_INTEG_URL` | Kubernetes API url for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_URL` |
| :lock: `K8S_INTEG_CA_CERT` | the Kubernetes server certificate authority for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_INTEG_TOKEN` | service account token for `integration` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
| `k8s-integ-job-tags` / `K8S_INTEG_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### Staging environment configuration
......@@ -453,6 +456,7 @@ Here are variables supported to configure the staging environment:
| `staging-url` / `K8S_STAGING_URL` | Kubernetes API url for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_URL` |
| :lock: `K8S_STAGING_CA_CERT` | the Kubernetes server certificate authority for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_STAGING_TOKEN`| service account token for `staging` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
| `k8s-staging-job-tags` / `K8S_STAGING_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### Production environment configuration
......@@ -472,6 +476,7 @@ Here are variables supported to configure the production environment:
| :lock: `K8S_PROD_CA_CERT` | the Kubernetes server certificate authority for `production` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_CA_CERT` |
| :lock: `K8S_PROD_TOKEN` | service account token for `production` env _(only define if using exploded kubeconfig parameters and if different from default)_ | `$K8S_TOKEN` |
| `prod-deploy-strategy` / `K8S_PROD_DEPLOY_STRATEGY` | Defines the deployment to production strategy. One of `manual` (i.e. _one-click_) or `auto`. | `manual` |
| `k8s-prod-job-tags` / `K8S_PROD_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
### kube-score job
......@@ -485,6 +490,7 @@ Here are its parameters:
| `kube-score-image` / `K8S_KUBE_SCORE_IMAGE` | Docker image to run [kube-score](https://github.com/zegl/kube-score) | `registry.hub.docker.com/zegl/kube-score:latest` **it is recommended to set a tool version compatible with your Kubernetes cluster** |
| `score-disabled` / `K8S_SCORE_DISABLED` | Set to `true` to disable the `kube-score` analysis | _none_ (enabled) |
| `score-extra-opts` / `K8S_SCORE_EXTRA_OPTS` | [Additional options](https://github.com/zegl/kube-score#configuration) to `kube-score` command line | _none_ |
| `k8s-score-job-tags` / `K8S_SCORE_JOB_TAGS` | Tags to be used for selecting runners for the job | `[]` |
## Variants
......@@ -532,12 +538,12 @@ With:
```yaml
include:
# main template
- component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.3
- component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s@6.1.4
inputs:
# ⚠ oc-container image (includes required curl)
kubectl-image: registry.hub.docker.com/docker.io/appuio/oc:v4.14
# Vault variant
- component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s-vault@6.1.3
- component: gitlab.com/to-be-continuous/kubernetes/gitlab-ci-k8s-vault@6.1.4
inputs:
# audience claim for JWT
vault-oidc-aud: "https://vault.acme.host"
......
......@@ -58,6 +58,13 @@
"name": "K8S_KUSTOMIZE_ARGS",
"description": "Additional [`kubectl kustomize` options](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#kustomize)\n\n_For example: `--enable-helm`_",
"advanced": true
},
{
"name": "K8S_K8S_SCORE_JOB_TAGS",
"description": "Tags to be used for selecting runners for the job",
"type": "array",
"default": [],
"advanced": true
}
],
"features": [
......@@ -125,6 +132,20 @@
"name": "K8S_REVIEW_CA_CERT",
"description": "Kubernetes cluster server certificate authority for review env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
},
{
"name": "K8S_K8S_REVIEW_JOB_TAGS",
"description": "Tags to be used for selecting runners for the job",
"type": "array",
"default": [],
"advanced": true
},
{
"name": "K8S_K8S_CLEANUP_REVIEW_JOB_TAGS",
"description": "Tags to be used for selecting runners for the job",
"type": "array",
"default": [],
"advanced": true
}
]
},
......@@ -169,6 +190,13 @@
"name": "K8S_INTEG_CA_CERT",
"description": "Kubernetes cluster server certificate authority for integration env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
},
{
"name": "K8S_K8S_INTEG_JOB_TAGS",
"description": "Tags to be used for selecting runners for the job",
"type": "array",
"default": [],
"advanced": true
}
]
},
......@@ -213,6 +241,13 @@
"name": "K8S_STAGING_CA_CERT",
"description": "Kubernetes cluster server certificate authority for staging env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
},
{
"name": "K8S_K8S_STAGING_JOB_TAGS",
"description": "Tags to be used for selecting runners for the job",
"type": "array",
"default": [],
"advanced": true
}
]
},
......@@ -264,6 +299,13 @@
"name": "K8S_PROD_CA_CERT",
"description": "Kubernetes cluster server certificate authority for production env (only define if using exploded kubeconfig parameters and if different from global)",
"secret": true
},
{
"name": "K8S_K8S_PROD_JOB_TAGS",
"description": "Tags to be used for selecting runners for the job",
"type": "array",
"default": [],
"advanced": true
}
]
}
......
......@@ -22,7 +22,7 @@ variables:
.k8s-base:
services:
- name: "$TBC_TRACKING_IMAGE"
command: ["--service", "--port", "8082", "kubernetes", "6.1.3"]
command: ["--service", "--port", "8082", "kubernetes", "6.1.4"]
- name: "$TBC_VAULT_IMAGE"
alias: "vault-secrets-provider"
variables:
......
......@@ -110,6 +110,31 @@ spec:
prod-url:
description: Kubernetes API url for production env (only define if using exploded kubeconfig parameters and if different from global)
default: ''
k8s-score-job-tags:
description: tags to filter applicable runners for k8s-score job
type: array
default: []
k8s-review-job-tags:
description: tags to filter applicable runners for k8s-review job
type: array
default: []
k8s-cleanup-review-job-tags:
description: tags to filter applicable runners for k8s-cleanup-review job
type: array
default: []
k8s-integ-job-tags:
description: tags to filter applicable runners for k8s-integration job
type: array
default: []
k8s-staging-job-tags:
description: tags to filter applicable runners for k8s-staging job
type: array
default: []
k8s-prod-job-tags:
description: tags to filter applicable runners for k8s-production job
type: array
default: []
---
# default workflow rules: Merge Request pipelines
workflow:
......@@ -765,7 +790,7 @@ stages:
entrypoint: [""]
services:
- name: "$TBC_TRACKING_IMAGE"
command: ["--service", "kubernetes", "6.1.3"]
command: ["--service", "kubernetes", "6.1.4"]
before_script:
- !reference [.k8s-scripts]
- install_ca_certs "${CUSTOM_CA_CERTS:-$DEFAULT_CA_CERTS}"
......@@ -894,7 +919,8 @@ k8s-review:
- if: $CI_COMMIT_TAG
when: never
# only on non-production, non-integration branches, with $K8S_REVIEW_SPACE set
- if: '$K8S_REVIEW_SPACE && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
- if: '$K8S_REVIEW_SPACE != "" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
tags: $[[ inputs.k8s-review-job-tags ]]
# stop review env (automatically triggered once branches are deleted)
k8s-cleanup-review:
......@@ -916,9 +942,10 @@ k8s-cleanup-review:
- if: $CI_COMMIT_TAG
when: never
# only on non-production, non-integration branches, with $K8S_REVIEW_SPACE set
- if: '$K8S_REVIEW_SPACE && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
- if: '$K8S_REVIEW_SPACE != "" && $CI_COMMIT_REF_NAME !~ $PROD_REF && $CI_COMMIT_REF_NAME !~ $INTEG_REF'
when: manual
allow_failure: true
tags: $[[ inputs.k8s-cleanup-review-job-tags ]]
k8s-integration:
extends: .k8s-deploy
......@@ -936,7 +963,8 @@ k8s-integration:
resource_group: integration
rules:
# only on integration branch(es), with $K8S_INTEG_SPACE set
- if: '$K8S_INTEG_SPACE && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
- if: '$K8S_INTEG_SPACE != "" && $CI_COMMIT_REF_NAME =~ $INTEG_REF'
tags: $[[ inputs.k8s-integ-job-tags ]]
###############################
# Staging deploys are disabled by default since
......@@ -961,7 +989,8 @@ k8s-staging:
resource_group: staging
rules:
# only on production branch(es), with $K8S_STAGING_SPACE set
- if: '$K8S_STAGING_SPACE && $CI_COMMIT_REF_NAME =~ $PROD_REF'
- if: '$K8S_STAGING_SPACE != "" && $CI_COMMIT_REF_NAME =~ $PROD_REF'
tags: $[[ inputs.k8s-staging-job-tags ]]
k8s-production:
extends: .k8s-deploy
......@@ -989,3 +1018,4 @@ k8s-production:
- if: '$K8S_PROD_DEPLOY_STRATEGY == "manual"'
when: manual
- if: '$K8S_PROD_DEPLOY_STRATEGY == "auto"'
tags: $[[ inputs.k8s-prod-job-tags ]]
\ No newline at end of file