A Concourse resource for controlling the Kubernetes cluster.
This resource supports AWS EKS.
The version of this resource corresponds to the version of kubectl. We recommend using different version depending on the kubernetes version of the cluster.
zlabjp/kubernetes-resource:1.12
(stable-1.12)zlabjp/kubernetes-resource:1.11
(stable-1.11)zlabjp/kubernetes-resource:1.10
(stable-1.10)zlabjp/kubernetes-resource:1.9
(stable-1.9)zlabjp/kubernetes-resource:1.8
(stable-1.8)zlabjp/kubernetes-resource:1.7
(stable-1.7)zlabjp/kubernetes-resource:1.6
(stable-1.6)zlabjp/kubernetes-resource:latest
(latest)
kubeconfig
: Optional. A kubeconfig file.kubeconfig: | apiVersion: v1 clusters: - cluster: ...
context
: Optional. The context to use when specifying akubeconfig
orkubeconfig_file
server
: Optional. The address and port of the API server.token
: Optional. Bearer token for authentication to the API server.namespace
: Optional. The namespace scope. Defaults todefault
. If set along withkubeconfig
,namespace
will override the namespace in the current-contextcertificate_authority
: Optional. A certificate file for the certificate authority.certificate_authority: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
insecure_skip_tls_verify
: Optional. If true, the API server's certificate will not be checked for validity. This will make your HTTPS connections insecure. Defaults tofalse
.use_aws_iam_authenticator
: Optional. If true, the aws_iam_authenticator, required for connecting with EKS, is used. Requiresaws_eks_cluster_name
. Defaults tofalse
.aws_eks_cluster_name
: Optional. the AWS EKS cluster name, required whenuse_aws_iam_authenticator
is true.
Control the Kubernetes cluster like kubectl apply
, kubectl delete
, kubectl label
and so on.
kubectl
: Required. Specify the operation that you want to perform on one or more resources, for exampleapply
,delete
,label
.context
: Optional. The context to use when specifying akubeconfig
orkubeconfig_file
wait_until_ready
: Optional. The number of seconds that waits until all pods are ready. 0 means don't wait. Defaults to30
.wait_until_ready_interval
: Optional. The interval (sec) on which to check whether all pods are ready. Defaults to3
.wait_until_ready_selector
: Optional. A label selector to identify a set of pods which to check whether those are ready. Defaults to every pods in the namespace.kubeconfig_file
: Optional. The path of kubeconfig file. This param has priority over thekubeconfig
of source configuration.namespace
: Optional. The namespace scope. It will override the namespace in other params and source configuration.
resource_types:
- name: kubernetes
type: docker-image
source:
repository: zlabjp/kubernetes-resource
tag: "1.12"
resources:
- name: kubernetes-production
type: kubernetes
source:
server: https://192.168.99.100:8443
namespace: production
token: {{kubernetes-production-token}}
certificate_authority: {{kubernetes-production-cert}}
- name: my-app
type: git
source:
...
jobs:
- name: kubernetes-deploy-production
plan:
- get: my-app
trigger: true
- put: kubernetes-production
params:
kubectl: apply -f my-app/k8s -f my-app/k8s/production
wait_until_ready_selector: app=myapp
jobs:
- name: force-update-deployment
serial: true
plan:
- put: mycluster
params:
kubectl: |
patch deploy nginx -p '{"spec":{"template":{"metadata":{"labels":{"updated_at":"'$(date +%s)'"}}}}}'
wait_until_ready_selector: run=nginx
resources:
- name: k8s-prod
type: kubernetes
- name: kubeconfig-file
type: s3
source:
bucket: mybucket
versioned_file: config
access_key_id: ((s3-access-key))
secret_access_key: ((s3-secret))
- name: my-app
type: git
source:
...
jobs:
- name: k8s-deploy-prod
plan:
- aggregate:
- get: my-app
trigger: true
- get: kubeconfig-file
- put: k8s-prod
params:
kubectl: apply -f my-app/k8s -f my-app/k8s/production
wait_until_ready_selector: app=myapp
kubeconfig_file: kubeconfig-file/config
This software is released under the MIT License.