22aa1df894
While testing this I discovered the secrets are revealed anyway, since the lint/upgrade jobs' debug output includes the command they generated. Might as well make the code a little simpler. |
||
---|---|---|
.github | ||
assets | ||
cmd/drone-helm | ||
docs | ||
internal | ||
.drone.yml | ||
.gitignore | ||
CODE_OF_CONDUCT.md | ||
Dockerfile | ||
go.mod | ||
go.sum | ||
LICENSE | ||
README.md |
Drone plugin for Helm 3
This plugin provides an interface between Drone and Helm 3:
- Lint your charts
- Deploy your service
- Delete your service
The plugin is inpsired by drone-helm, which fills the same role for Helm 2. It provides a comparable feature-set and the configuration settings are backward-compatible.
Example configuration
The examples below give a minimal and sufficient configuration for each use-case. For a full description of each command's settings, see docs/parameter_reference.md.
Linting
steps:
- name: lint
image: pelotech/drone-helm3
settings:
mode: lint
chart: ./
Installation
steps:
- name: deploy
image: pelotech/drone-helm3
settings:
mode: upgrade
chart: ./
release: my-project
environment:
KUBE_API_SERVER: https://my.kubernetes.installation/clusters/a-1234
KUBE_TOKEN:
from_secret: kubernetes_token
Uninstallation
steps:
- name: uninstall
image: pelotech/drone-helm3
settings:
mode: uninstall
release: my-project
environment:
KUBE_API_SERVER: https://my.kubernetes.installation/clusters/a-1234
KUBE_TOKEN:
from_secret: kubernetes_token
Upgrading from drone-helm
drone-helm3 is largely backward-compatible with drone-helm. There are some known differences:
- You'll need to migrate the deployments in the cluster helm-v2-to-helm-v3.
- EKS is not supported. See #5 for more information.
- The
prefix
setting is no longer supported. If you were relying on theprefix
setting withsecrets: [...]
, you'll need to switch to thefrom_secret
syntax. - During uninstallations, the release history is purged by default. Use
keep_history: true
to return to the old behavior. - Several settings no longer have any effect. The plugin will produce warnings if any of these are present:
purge
-- this is the default behavior in Helm 3recreate_pods
tiller_ns
upgrade
canary_image
client_only
stable_repo_url
- Several settings have been renamed, to clarify their purpose and provide a more consistent naming scheme. For backward-compatibility, the old names are still available as aliases. If the old and new names are both present, the updated form takes priority. Conflicting settings will make your
.drone.yml
harder to understand, so we recommend updating to the new names:helm_command
is nowmode
°helm_repos
is nowadd_repos
api_server
is nowkube_api_server
service_account
is nowkube_service_account
kubernetes_token
is nowkube_token
kubernetes_certificate
is nowkube_certificate
wait
is nowwait_for_upgrade
force
is nowforce_upgrade
Since helm 3 does not require Tiller, we also recommend switching to a service account with less-expansive permissions.
Contributing
This repo is setup in a way that if you enable a personal drone server to build your fork it will build and publish your image (makes it easier to test PRs and use the image till the contributions get merged)
- Build local
DRONE_REPO_OWNER=josmo DRONE_REPO_NAME=drone-ecs drone exec
- on your server (or cloud.drone.io) just make sure you have DOCKER_USERNAME, DOCKER_PASSWORD, and PLUGIN_REPO set as secrets