Merge pull request #1005 from TomChv/feat/kubernetes-secret-kubeconfig

Support secret in kubernetes package
Sam Alba 2021-09-22 15:13:00 -07:00 committed by GitHub
commit 7aed34f270
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 50 additions and 33 deletions


@ -37,7 +37,7 @@ Apply Kubernetes resources
|*url* | `*null \| string` |Kubernetes manifest url to deploy remote configuration | |*url* | `*null \| string` |Kubernetes manifest url to deploy remote configuration |
|*namespace* | `*"default" \| string` |Kubernetes Namespace to deploy to | |*namespace* | `*"default" \| string` |Kubernetes Namespace to deploy to |
|*version* | `*"v1.19.9" \| string` |Version of kubectl client | |*version* | `*"v1.19.9" \| string` |Version of kubectl client |
|*kubeconfig* | `string` |Kube config file | |*kubeconfig* | `dagger.#Secret` |Kube config file |
### kubernetes.#Resources Outputs ### kubernetes.#Resources Outputs


@ -19,12 +19,15 @@ Install a Helm chart
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*name* | `string` |Helm deployment name | |*name* | `string` |Helm deployment name |
|*chart* | `*null \| string` |Helm chart to install from repository |
|*repository* | `*null \| string` |Helm chart repository |
|*values* | `*null \| string` |Helm values (either a YAML string or a Cue structure) |
|*namespace* | `string` |Kubernetes Namespace to deploy to | |*namespace* | `string` |Kubernetes Namespace to deploy to |
|*action* | `*"installOrUpgrade" \| "install" \| "upgrade"` |Helm action to apply | |*action* | `*"installOrUpgrade" \| "install" \| "upgrade"` |Helm action to apply |
|*timeout* | `*"5m" \| string` |time to wait for any individual Kubernetes operation (like Jobs for hooks) | |*timeout* | `*"5m" \| string` |time to wait for any individual Kubernetes operation (like Jobs for hooks) |
|*wait* | `*true \| bool` |if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful. It will wait for as long as timeout | |*wait* | `*true \| bool` |if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful. It will wait for as long as timeout |
|*atomic* | `*true \| bool` |if set, installation process purges chart on fail. The wait option will be set automatically if atomic is used | |*atomic* | `*true \| bool` |if set, installation process purges chart on fail. The wait option will be set automatically if atomic is used |
|*kubeconfig* | `string` |Kube config file | |*kubeconfig* | `dagger.#Secret` |Kube config file |
|*version* | `*"3.5.2" \| string` |Helm version | |*version* | `*"3.5.2" \| string` |Helm version |
|*kubectlVersion* | `*"v1.19.9" \| string` |Kubectl version | |*kubectlVersion* | `*"v1.19.9" \| string` |Kubectl version |


@ -3,7 +3,7 @@ plan:
name: git-commit name: git-commit
inputs: inputs:
TestAuthToken: TestAuthToken:
secret: ENC[AES256_GCM,data:OB4CfijwCnsvmvVhbV9BNlkhmuWtv1hu/nd7+E8+5tCBcXLbwOaMYQ==,iv:6+U+r/mmO07moQoitAr8Fm7bdTErJ5Ij3J21xIbEqIg=,tag:gmWLMFrVU+5l2O2pvb4Rug==,type:str] secret: ENC[AES256_GCM,data:LiafjwWyVhTLpUEk8DXRN7xqWx7jcSH7yIZrTCkLV4P/yJeYu9G1rg==,iv:U0yksHX9AtVsHXZV08kmxa7IgVV6W+UltDfSYczsiP0=,tag:fTz9Bjq1mbE6ZX4ii7O7wg==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -19,8 +19,8 @@ sops:
M3RnUDF5QlhhZUV4NHF5ZWhkcHVrNmcKUJIummOk3FX1Bert7gaMtbMpbosIf/d3 M3RnUDF5QlhhZUV4NHF5ZWhkcHVrNmcKUJIummOk3FX1Bert7gaMtbMpbosIf/d3
HBATJRng4VNmcSimSh14pDRxyW0NdIPA+oL4tidwLVbQQv/74+IGKg== HBATJRng4VNmcSimSh14pDRxyW0NdIPA+oL4tidwLVbQQv/74+IGKg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2021-09-02T10:18:20Z" lastmodified: "2021-09-22T19:38:08Z"
mac: ENC[AES256_GCM,data:RoWci1iCDYMxmK5BIoB822G6U9bcffOGIxMkvY560N8qxjItEb/Syvboa9MOjzDUhNPwxpaUIklzra0sy3u57iRBVZPfJ8tH9WKSQYeQv0ObtBXLAOVv1o8VJQbAd0WFNzZ7K0SSP8hUKQieDRvvIOlCFlNzJs6atrY9q/GEj4o=,iv:MOWALgh400eQSateXVDKY1Xrq/HFaVN+B0yoJxD4X4o=,tag:L0Bz7tD6gUOr9LsPPA4Plw==,type:str] mac: ENC[AES256_GCM,data:AL3/BLYy8fCfkwqZsEc3m5tW5VIM17nS9KbL+ww3rnvxzr+mtzrRDxEZZhzQ5b/JR8VW3v+veSX1yFEWpMs1EK/SXuvIZYRTe0JdBGBs+l4Rn5CWeflQ5gJKsTGv2OYaQ46/mVucDlia0CX+W+Skn9591fzkopTE4sGJYAEnUR0=,iv:lJ+d/4CmH5ElP470OaDiDTloYoS0NXzDIosCYZqi+fk=,tag:DqXqsEAcuLSFAfZiSbWxcg==,type:str]
pgp: [] pgp: []
encrypted_suffix: secret encrypted_suffix: secret
version: 3.7.1 version: 3.7.1


@ -13,47 +13,47 @@ import (
#Chart: { #Chart: {
// Helm deployment name // Helm deployment name
name: string @dagger(input) name: dagger.#Input & {string}
// Helm chart to install from source // Helm chart to install from source
chartSource?: dagger.#Artifact @dagger(input) chartSource: *null | dagger.#Artifact
// Helm chart to install from repository // Helm chart to install from repository
chart?: string @dagger(input) chart: dagger.#Input & {*null | string}
// Helm chart repository // Helm chart repository
repository?: string @dagger(input) repository: dagger.#Input & {*null | string}
// Helm values (either a YAML string or a Cue structure) // Helm values (either a YAML string or a Cue structure)
values?: string @dagger(input) values: dagger.#Input & {*null | string}
// Kubernetes Namespace to deploy to // Kubernetes Namespace to deploy to
namespace: string @dagger(input) namespace: dagger.#Input & {string}
// Helm action to apply // Helm action to apply
action: *"installOrUpgrade" | "install" | "upgrade" @dagger(input) action: dagger.#Input & {*"installOrUpgrade" | "install" | "upgrade"}
// time to wait for any individual Kubernetes operation (like Jobs for hooks) // time to wait for any individual Kubernetes operation (like Jobs for hooks)
timeout: string | *"5m" @dagger(input) timeout: dagger.#Input & {string | *"5m"}
// if set, will wait until all Pods, PVCs, Services, and minimum number of // if set, will wait until all Pods, PVCs, Services, and minimum number of
// Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state // Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state
// before marking the release as successful. // before marking the release as successful.
// It will wait for as long as timeout // It will wait for as long as timeout
wait: *true | bool @dagger(input) wait: dagger.#Input & {*true | bool}
// if set, installation process purges chart on fail. // if set, installation process purges chart on fail.
// The wait option will be set automatically if atomic is used // The wait option will be set automatically if atomic is used
atomic: *true | bool @dagger(input) atomic: dagger.#Input & {*true | bool}
// Kube config file // Kube config file
kubeconfig: string @dagger(input) kubeconfig: dagger.#Input & {string | dagger.#Secret}
// Helm version // Helm version
version: *"3.5.2" | string @dagger(input) version: dagger.#Input & {*"3.5.2" | string}
// Kubectl version // Kubectl version
kubectlVersion: *"v1.19.9" | string @dagger(input) kubectlVersion: dagger.#Input & {*"v1.19.9" | string}
#up: [ #up: [
op.#Load & { op.#Load & {
@ -86,18 +86,22 @@ import (
dest: "/entrypoint.sh" dest: "/entrypoint.sh"
content: #code content: #code
}, },
op.#WriteFile & {
dest: "/kubeconfig" if (kubeconfig & string) != _|_ {
content: kubeconfig op.#WriteFile & {
mode: 0o600 dest: "/kubeconfig"
content: kubeconfig
mode: 0o600
}
}, },
if chart != _|_ {
if chart != null {
op.#WriteFile & { op.#WriteFile & {
dest: "/helm/chart" dest: "/helm/chart"
content: chart content: chart
} }
}, },
if (values & string) != _|_ { if values != null {
op.#WriteFile & { op.#WriteFile & {
dest: "/helm/values.yaml" dest: "/helm/values.yaml"
content: values content: values
@ -117,7 +121,7 @@ import (
KUBECONFIG: "/kubeconfig" KUBECONFIG: "/kubeconfig"
KUBE_NAMESPACE: namespace KUBE_NAMESPACE: namespace
if repository != _|_ { if repository != null {
HELM_REPO: repository HELM_REPO: repository
} }
HELM_NAME: name HELM_NAME: name
@ -127,9 +131,12 @@ import (
HELM_ATOMIC: strconv.FormatBool(atomic) HELM_ATOMIC: strconv.FormatBool(atomic)
} }
mount: { mount: {
if chartSource != _|_ && chart == _|_ { if chartSource != null && chart == null {
"/helm/chart": from: chartSource "/helm/chart": from: chartSource
} }
if (kubeconfig & dagger.#Secret) != _|_ {
"/kubeconfig": secret: kubeconfig
}
} }
}, },
] ]
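Review bot: The `kubeconfig` field is widened to `string | dagger.#Secret` rather than switched to a secret, so the `if (kubeconfig & string) != _|_` branch in `#up` still writes the cluster credentials to `/kubeconfig` through `op.#WriteFile`. Unlike the new `"/kubeconfig": secret: kubeconfig` mount, that path presumably leaves the credentials in the plan's plain inputs and in the filesystem state produced by the pipeline. The generated docs tables in this commit list the type as `dagger.#Secret` only, which does not match the definition. If the string form is kept for compatibility, say so on the field, e.g. `// Kube config file; prefer dagger.#Secret, a plain string is written into the container filesystem`, or narrow it to `kubeconfig: dagger.#Input & {dagger.#Secret}`. The same applies to the `kubeconfig` field and `op.#WriteFile` branch in the last file section (the kubectl definition); `#up` starts and ends outside the hunks shown.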


@ -7,9 +7,9 @@ import (
// We assume that a kinD cluster is running locally // We assume that a kinD cluster is running locally
// To deploy a local KinD cluster, follow this link : https://kind.sigs.k8s.io/docs/user/quick-start/ // To deploy a local KinD cluster, follow this link : https://kind.sigs.k8s.io/docs/user/quick-start/
TestKubeconfig: string @dagger(input) TestKubeconfig: dagger.#Input & {string}
TestChartSource: dagger.#Artifact @dagger(input) TestChartSource: dagger.#Input & {dagger.#Artifact}
// Deploy user local chart // Deploy user local chart
TestHelmSimpleChart: { TestHelmSimpleChart: {
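Review bot: `TestKubeconfig` stays `dagger.#Input & {string}`, so as far as this section shows the test still goes through the `op.#WriteFile` branch and never exercises the new `"/kubeconfig": secret: kubeconfig` mount. A second input such as `TestKubeconfigSecret: dagger.#Input & {dagger.#Secret}` (name constructed here), passed to one of the chart tests, would cover the path this commit adds. `TestHelmSimpleChart` continues outside the hunk, so its wiring may differ from what is visible.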


@ -65,7 +65,7 @@ import (
version: dagger.#Input & {*"v1.19.9" | string} version: dagger.#Input & {*"v1.19.9" | string}
// Kube config file // Kube config file
kubeconfig: dagger.#Input & {string} kubeconfig: dagger.#Input & {string | dagger.#Secret}
#code: #""" #code: #"""
kubectl create namespace "$KUBE_NAMESPACE" > /dev/null 2>&1 || true kubectl create namespace "$KUBE_NAMESPACE" > /dev/null 2>&1 || true
@ -89,11 +89,15 @@ import (
dest: "/entrypoint.sh" dest: "/entrypoint.sh"
content: #code content: #code
}, },
op.#WriteFile & {
dest: "/kubeconfig" if (kubeconfig & string) != _|_ {
content: kubeconfig op.#WriteFile & {
mode: 0o600 dest: "/kubeconfig"
content: kubeconfig
mode: 0o600
}
}, },
if manifest != null { if manifest != null {
op.#WriteFile & { op.#WriteFile & {
dest: "/source" dest: "/source"
@ -120,6 +124,9 @@ import (
if manifest == null && source != null { if manifest == null && source != null {
mount: "/source": from: source mount: "/source": from: source
} }
if (kubeconfig & dagger.#Secret) != _|_ {
mount: "/kubeconfig": secret: kubeconfig
}
}, },
] ]
} }