Skip to content

docker image: helm and kubectl binaries with drone.io integration

Notifications You must be signed in to change notification settings

pulsar256/helm-bin

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

HELM Binary

Wraps the helm, kubectl binary and preconfigures the runtime environment with a sevice user for a given kubernetes api server.

Initial motivation: to be used as a part of a CI/CD pipeline, ideally within (but not restricted to) the cluster.

Any arbitrary version of helm and kubectl are supported and will be dowloaded upon execution. Pre-Cached versions of both tools can be baked into the image (see building)

Environment Parameters

  • HELM_VERSION helm version to use, example v3.1.1
  • KUBECTL_VERSION kubectl version to use, example v1.17.3
  • KUBE_MASTER k8s api server endpoint, see kubectl cluster-info
  • KUBE_TOKEN service user auth token
  • SKIP_TLS_VERIFY default: false affects insecure-skip-tls-verify, provide KUBE_CA if set to false
  • KUBE_CA k8s cluster CA
  • DEBUG default: false additional debug output. Will dump the generated kubeconfig file and thus reveal cluste-credentials. Use with caution!

Building

use default build configuration or override the helm and kubectl versions:

ᐅ docker build \
    --build-arg helm_version="v3.1.1" \
    --build-arg kubectl_version="v1.17.3" \
    .

Usage

Standalone

ᐅ docker run \
    -e HELM_VERSION="v3.1.1" \
    -e KUBECTL_VERSION="v1.17.3" \
    -e KUBE_MASTER=$KUBE_MASTER \
    -e KUBE_TOKEN=$KUBE_TOKEN \
    -e KUBE_CA=$KUBE_CA \
    pulsar256/helm-bin ls

Standalone interactive

 ᐅ docker run \
    -e HELM_VERSION="v3.1.1" \
    -e KUBECTL_VERSION="v1.17.3" \
    -e KUBE_MASTER=$KUBE_MASTER \
    -e KUBE_TOKEN=$KUBE_TOKEN \
    -e KUBE_CA=$KUBE_CA \
    --entrypoint="bash" -it \
    pulsar256/helm-bin 

bash-4.4# helm ls
(...)

Within drone.io

kind: pipeline
name: default

steps:
- name: drone-integration-test
  image: pulsar256/helm-bin
  environment:
    HELM_VERSION: "v3.1.1"
    KUBECTL_VERSION: "v1.17.3"
    KUBE_CA: "Base64 CA.crt"
    KUBE_MASTER: "https://example.com:443"
    KUBE_TOKEN: "secrit service account token"
  commands:
    - helm version
    - helm ls
    - kubectl get pods

Within drone.io + drone-kubernetes-secrets

When using a k8s service-account's token & ca.crt data via drone-kubernets-secrets plugin

ᐅ kubectl get secrets
NAME                                      TYPE                                  DATA   AGE
(...)
drone-helm-user-secret                    kubernetes.io/service-account-token   3      2d7h
(...)
kind: pipeline
name: default

- name: deploy-helm-charts
  image: pulsar256/helm-bin:latest
  pull: always
  environment:
    HELM_VERSION: "v3.1.1"
    KUBECTL_VERSION: "v1.17.3"
    KUBE_MASTER: "https://example.com:443"
    KUBE_CA:
      from_secret: drone-helm-user-crt
    KUBE_TOKEN:
      from_secret: drone-helm-user-token
  commands:
    - helm upgrade --install --namespace myNamespace --set buildId=${DRONE_BRANCH/\//-}-${DRONE_COMMIT_SHA:0:8} --recreate-pods myChart charts/MyChart

---
kind: secret
name: drone-helm-user-token
get:
  path: drone-helm-user-secret
  name: token
  
---
kind: secret
name: drone-helm-user-crt
get:
  path: drone-helm-user-secret
  name: ca.crt

About

docker image: helm and kubectl binaries with drone.io integration

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published