A Concourse resource for controlling the Kubernetes cluster.
This resource supports AWS EKS. (kubernetes-sigs/aws-iam-authenticator@v0.4.0)
The version of this resource corresponds to the version of kubectl. We recommend using different version depending on the kubernetes version of the cluster.
zlabjp/kubernetes-resource:1.15
(stable-1.15)zlabjp/kubernetes-resource:1.14
(stable-1.14)zlabjp/kubernetes-resource:1.13
(stable-1.13)zlabjp/kubernetes-resource:latest
(latest)
kubeconfig
: Optional. A kubeconfig file.kubeconfig: | apiVersion: v1 clusters: - cluster: ...
context
: Optional. The context to use when specifying akubeconfig
orkubeconfig_file
server
: Optional. The address and port of the API server.token
: Optional. Bearer token for authentication to the API server.namespace
: Optional. The namespace scope. Defaults todefault
. If set along withkubeconfig
,namespace
will override the namespace in the current-contextcertificate_authority
: Optional. A certificate for the certificate authority.certificate_authority: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
certificate_authority_file
: Optional. A file to read the certificate from. Only takes effect whencertificate_authority_file
is not set.certificate_authority_file: ca_certs.crt
insecure_skip_tls_verify
: Optional. If true, the API server's certificate will not be checked for validity. This will make your HTTPS connections insecure. Defaults tofalse
.use_aws_iam_authenticator
: Optional. If true, the aws_iam_authenticator, required for connecting with EKS, is used. Requiresaws_eks_cluster_name
. Defaults tofalse
.aws_eks_cluster_name
: Optional. the AWS EKS cluster name, required whenuse_aws_iam_authenticator
is true.aws_eks_assume_role
: Optional. the AWS IAM role ARN to assume.aws_access_key_id
: Optional. AWS access key to use for iam authenticator.aws_secret_access_key
: Optional. AWS secret key to use for iam authenticator.aws_session_token
: Optional. AWS session token (assumed role) to use for iam authenticator.
Control the Kubernetes cluster like kubectl apply
, kubectl delete
, kubectl label
and so on.
kubectl
: Required. Specify the operation that you want to perform on one or more resources, for exampleapply
,delete
,label
.context
: Optional. The context to use when specifying akubeconfig
orkubeconfig_file
wait_until_ready
: Optional. The number of seconds that waits until all pods are ready. 0 means don't wait. Defaults to30
.wait_until_ready_interval
: Optional. The interval (sec) on which to check whether all pods are ready. Defaults to3
.wait_until_ready_selector
: Optional. A label selector to identify a set of pods which to check whether those are ready. Defaults to every pods in the namespace.kubeconfig_file
: Optional. The path of kubeconfig file. This param has priority over thekubeconfig
of source configuration.namespace
: Optional. The namespace scope. It will override the namespace in other params and source configuration.
resource_types:
- name: kubernetes
type: docker-image
source:
repository: zlabjp/kubernetes-resource
tag: "1.14"
resources:
- name: kubernetes-production
type: kubernetes
source:
server: https://192.168.99.100:8443
namespace: production
token: {{kubernetes-production-token}}
certificate_authority: {{kubernetes-production-cert}}
- name: my-app
type: git
source:
...
jobs:
- name: kubernetes-deploy-production
plan:
- get: my-app
trigger: true
- put: kubernetes-production
params:
kubectl: apply -f my-app/k8s -f my-app/k8s/production
wait_until_ready_selector: app=myapp
jobs:
- name: force-update-deployment
serial: true
plan:
- put: mycluster
params:
kubectl: |
patch deploy nginx -p '{"spec":{"template":{"metadata":{"labels":{"updated_at":"'$(date +%s)'"}}}}}'
wait_until_ready_selector: run=nginx
resources:
- name: k8s-prod
type: kubernetes
- name: kubeconfig-file
type: s3
source:
bucket: mybucket
versioned_file: config
access_key_id: ((s3-access-key))
secret_access_key: ((s3-secret))
- name: my-app
type: git
source:
...
jobs:
- name: k8s-deploy-prod
plan:
- aggregate:
- get: my-app
trigger: true
- get: kubeconfig-file
- put: k8s-prod
params:
kubectl: apply -f my-app/k8s -f my-app/k8s/production
wait_until_ready_selector: app=myapp
kubeconfig_file: kubeconfig-file/config
This software is released under the MIT License.