Compare commits
16 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
8dba329407 | ||
|
|
4462307983 | ||
|
cfc59a46ef | ||
|
5b4e3ab2ea | ||
|
|
0e58dde591 | ||
|
1809d7b133 | ||
|
|
70b2a2d0b4 | ||
|
|
03b066bfd7 | ||
|
|
fe0c874815 | ||
|
|
91d4506b37 | ||
|
|
0ab0a7fee4 | ||
|
|
0b17d929a7 | ||
|
|
3fea592040 | ||
|
|
d7a9eccb13 | ||
|
9e3a424a36 | ||
|
|
774bbb74db |
3
.gitignore
vendored
3
.gitignore
vendored
@@ -4,6 +4,7 @@
|
||||
*.dll
|
||||
*.so
|
||||
*.dylib
|
||||
*.swp
|
||||
|
||||
.idea
|
||||
|
||||
@@ -17,3 +18,5 @@
|
||||
# vendor/
|
||||
.env
|
||||
.secrets
|
||||
|
||||
build/*
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
FROM alpine/helm:3.1.1
|
||||
FROM alpine/helm:3.2.4
|
||||
MAINTAINER Erin Call <erin@liffft.com>
|
||||
|
||||
COPY build/drone-helm /bin/drone-helm
|
||||
|
||||
@@ -31,12 +31,14 @@ Installations are triggered when the `mode` setting is "upgrade." They can also
|
||||
|------------------------|----------------|----------|------------------------|---------|
|
||||
| chart | string | yes | | The chart to use for this installation. |
|
||||
| release | string | yes | | The release name for helm to use. |
|
||||
| kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. |
|
||||
| kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. |
|
||||
| kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. |
|
||||
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. |
|
||||
| skip_kubeconfig | boolean | | | Whether to skip kubeconfig file creation. |
|
||||
| kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| chart_version | string | | | Specific chart version to install. |
|
||||
| dry_run | boolean | | | Pass `--dry-run` to `helm upgrade`. |
|
||||
| dependencies_action | string | | | Calls `helm dependency build` OR `helm dependency update` before running the main command. Possible values: `build`, `update`. |
|
||||
| wait_for_upgrade | boolean | | wait | Wait until kubernetes resources are in a ready state before marking the installation successful. |
|
||||
| timeout | duration | | | Timeout for any *individual* Kubernetes operation. The installation's full runtime may exceed this duration. |
|
||||
| force_upgrade | boolean | | force | Pass `--force` to `helm upgrade`. |
|
||||
@@ -46,7 +48,8 @@ Installations are triggered when the `mode` setting is "upgrade." They can also
|
||||
| string_values | list\<string\> | | | Chart values to use as the `--set-string` argument to `helm upgrade`. |
|
||||
| values_files | list\<string\> | | | Values to use as `--values` arguments to `helm upgrade`. |
|
||||
| reuse_values | boolean | | | Reuse the values from a previous release. |
|
||||
| skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. |
|
||||
| skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| create_namespace | boolean | | | Pass --create-namespace to `helm upgrade`. |
|
||||
|
||||
## Uninstallation
|
||||
|
||||
@@ -55,14 +58,15 @@ Uninstallations are triggered when the `mode` setting is "uninstall" or "delete.
|
||||
| Param name | Type | Required | Alias | Purpose |
|
||||
|------------------------|----------|----------|------------------------|---------|
|
||||
| release | string | yes | | The release name for helm to use. |
|
||||
| kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. |
|
||||
| kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. |
|
||||
| kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. |
|
||||
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. |
|
||||
| skip_kubeconfig | boolean | | | Whether to skip kubeconfig file creation. |
|
||||
| kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| keep_history | boolean | | | Pass `--keep-history` to `helm uninstall`, to retain the release history. |
|
||||
| dry_run | boolean | | | Pass `--dry-run` to `helm uninstall`. |
|
||||
| timeout | duration | | | Timeout for any *individual* Kubernetes operation. The uninstallation's full runtime may exceed this duration. |
|
||||
| skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. |
|
||||
| skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. This is ignored if `skip_kubeconfig` is `true`. |
|
||||
| chart | string | | | Required when the global `update_dependencies` parameter is true. No effect otherwise. |
|
||||
|
||||
### Where to put settings
|
||||
|
||||
15
internal/env/config.go
vendored
15
internal/env/config.go
vendored
@@ -23,7 +23,8 @@ type Config struct {
|
||||
// Configuration for drone-helm itself
|
||||
Command string `envconfig:"mode"` // Helm command to run
|
||||
DroneEvent string `envconfig:"drone_build_event"` // Drone event that invoked this plugin.
|
||||
UpdateDependencies bool `split_words:"true"` // Call `helm dependency update` before the main command
|
||||
UpdateDependencies bool `split_words:"true"` // [Deprecated] Call `helm dependency update` before the main command (deprecated, use dependencies_action: update instead)
|
||||
DependenciesAction string `split_words:"true"` // Call `helm dependency build` or `helm dependency update` before the main command
|
||||
AddRepos []string `split_words:"true"` // Call `helm repo add` before the main command
|
||||
RepoCertificate string `envconfig:"repo_certificate"` // The Helm chart repository's self-signed certificate (must be base64-encoded)
|
||||
RepoCACertificate string `envconfig:"repo_ca_certificate"` // The Helm chart repository CA's self-signed certificate (must be base64-encoded)
|
||||
@@ -32,7 +33,9 @@ type Config struct {
|
||||
StringValues string `split_words:"true"` // Argument to pass to --set-string in applicable helm commands
|
||||
ValuesFiles []string `split_words:"true"` // Arguments to pass to --values in applicable helm commands
|
||||
Namespace string `` // Kubernetes namespace for all helm commands
|
||||
CreateNamespace bool `split_words:"true"` // Pass --create-namespace to `helm upgrade`
|
||||
KubeToken string `split_words:"true"` // Kubernetes authentication token to put in .kube/config
|
||||
SkipKubeconfig bool `envconfig:"skip_kubeconfig"` // Skip kubeconfig creation
|
||||
SkipTLSVerify bool `envconfig:"skip_tls_verify"` // Put insecure-skip-tls-verify in .kube/config
|
||||
Certificate string `envconfig:"kube_certificate"` // The Kubernetes cluster CA's self-signed certificate (must be base64-encoded)
|
||||
APIServer string `envconfig:"kube_api_server"` // The Kubernetes cluster's API endpoint
|
||||
@@ -86,6 +89,12 @@ func NewConfig(stdout, stderr io.Writer) (*Config, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if cfg.SkipKubeconfig {
|
||||
if cfg.KubeToken != "" || cfg.Certificate != "" || cfg.APIServer != "" || cfg.ServiceAccount != "" || cfg.SkipTLSVerify {
|
||||
fmt.Fprintf(cfg.Stderr, "Warning: skip_kubeconfig is set. The following kubeconfig-related settings will be ignored: kube_config, kube_certificate, kube_api_server, kube_service_account, skip_tls_verify.")
|
||||
}
|
||||
}
|
||||
|
||||
if justNumbers.MatchString(cfg.Timeout) {
|
||||
cfg.Timeout = fmt.Sprintf("%ss", cfg.Timeout)
|
||||
}
|
||||
@@ -143,6 +152,10 @@ func (cfg *Config) deprecationWarn() {
|
||||
}
|
||||
}
|
||||
|
||||
// settingAliases provides alternate environment variable names for certain settings, either because
|
||||
// they were renamed during drone-helm3's lifetime or for backward-compatibility with the original
|
||||
// drone-helm. Most config options don't need to be included here; adding them to the main Config
|
||||
// struct is sufficient.
|
||||
type settingAliases struct {
|
||||
Command string `envconfig:"helm_command"`
|
||||
AddRepos []string `envconfig:"helm_repos"`
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package helm
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/pelotech/drone-helm3/internal/env"
|
||||
"github.com/pelotech/drone-helm3/internal/run"
|
||||
@@ -30,6 +31,10 @@ func NewPlan(cfg env.Config) (*Plan, error) {
|
||||
cfg: cfg,
|
||||
}
|
||||
|
||||
if cfg.UpdateDependencies && cfg.DependenciesAction != "" {
|
||||
return nil, errors.New("update_dependencies is deprecated and cannot be provided together with dependencies_action")
|
||||
}
|
||||
|
||||
p.steps = (*determineSteps(cfg))(cfg)
|
||||
|
||||
for i, step := range p.steps {
|
||||
@@ -87,13 +92,21 @@ func (p *Plan) Execute() error {
|
||||
|
||||
var upgrade = func(cfg env.Config) []Step {
|
||||
var steps []Step
|
||||
if !cfg.SkipKubeconfig {
|
||||
steps = append(steps, run.NewInitKube(cfg, kubeConfigTemplate, kubeConfigFile))
|
||||
}
|
||||
for _, repo := range cfg.AddRepos {
|
||||
steps = append(steps, run.NewAddRepo(cfg, repo))
|
||||
}
|
||||
|
||||
if cfg.DependenciesAction != "" {
|
||||
steps = append(steps, run.NewDepAction(cfg))
|
||||
}
|
||||
|
||||
if cfg.UpdateDependencies {
|
||||
steps = append(steps, run.NewDepUpdate(cfg))
|
||||
}
|
||||
|
||||
steps = append(steps, run.NewUpgrade(cfg))
|
||||
|
||||
return steps
|
||||
@@ -101,7 +114,9 @@ var upgrade = func(cfg env.Config) []Step {
|
||||
|
||||
var uninstall = func(cfg env.Config) []Step {
|
||||
var steps []Step
|
||||
if !cfg.SkipKubeconfig {
|
||||
steps = append(steps, run.NewInitKube(cfg, kubeConfigTemplate, kubeConfigFile))
|
||||
}
|
||||
if cfg.UpdateDependencies {
|
||||
steps = append(steps, run.NewDepUpdate(cfg))
|
||||
}
|
||||
|
||||
@@ -122,6 +122,12 @@ func (suite *PlanTestSuite) TestUpgrade() {
|
||||
suite.IsType(&run.Upgrade{}, steps[1])
|
||||
}
|
||||
|
||||
func (suite *PlanTestSuite) TestUpgradeWithSkipKubeconfig() {
|
||||
steps := upgrade(env.Config{SkipKubeconfig: true})
|
||||
suite.Require().Equal(1, len(steps), "upgrade should return 1 step")
|
||||
suite.IsType(&run.Upgrade{}, steps[0])
|
||||
}
|
||||
|
||||
func (suite *PlanTestSuite) TestUpgradeWithUpdateDependencies() {
|
||||
cfg := env.Config{
|
||||
UpdateDependencies: true,
|
||||
|
||||
59
internal/run/depaction.go
Normal file
59
internal/run/depaction.go
Normal file
@@ -0,0 +1,59 @@
|
||||
package run
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/pelotech/drone-helm3/internal/env"
|
||||
)
|
||||
|
||||
const (
|
||||
actionBuild = "build"
|
||||
actionUpdate = "update"
|
||||
)
|
||||
|
||||
// DepAction is an execution step that calls `helm dependency update` or `helm dependency build` when executed.
|
||||
type DepAction struct {
|
||||
*config
|
||||
chart string
|
||||
cmd cmd
|
||||
action string
|
||||
}
|
||||
|
||||
// NewDepAction creates a DepAction using fields from the given Config. No validation is performed at this time.
|
||||
func NewDepAction(cfg env.Config) *DepAction {
|
||||
return &DepAction{
|
||||
config: newConfig(cfg),
|
||||
chart: cfg.Chart,
|
||||
action: cfg.DependenciesAction,
|
||||
}
|
||||
}
|
||||
|
||||
// Execute executes the `helm upgrade` command.
|
||||
func (d *DepAction) Execute() error {
|
||||
return d.cmd.Run()
|
||||
}
|
||||
|
||||
// Prepare gets the DepAction ready to execute.
|
||||
func (d *DepAction) Prepare() error {
|
||||
if d.chart == "" {
|
||||
return fmt.Errorf("chart is required")
|
||||
}
|
||||
|
||||
args := d.globalFlags()
|
||||
|
||||
if d.action != actionBuild && d.action != actionUpdate {
|
||||
return errors.New("unknown dependency_action: " + d.action)
|
||||
}
|
||||
|
||||
args = append(args, "dependency", d.action, d.chart)
|
||||
|
||||
d.cmd = command(helmBin, args...)
|
||||
d.cmd.Stdout(d.stdout)
|
||||
d.cmd.Stderr(d.stderr)
|
||||
|
||||
if d.debug {
|
||||
fmt.Fprintf(d.stderr, "Generated command: '%s'\n", d.cmd.String())
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
131
internal/run/depaction_test.go
Normal file
131
internal/run/depaction_test.go
Normal file
@@ -0,0 +1,131 @@
|
||||
package run
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"github.com/golang/mock/gomock"
|
||||
"github.com/pelotech/drone-helm3/internal/env"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"strings"
|
||||
"testing"
|
||||
)
|
||||
|
||||
type DepActionTestSuite struct {
|
||||
suite.Suite
|
||||
ctrl *gomock.Controller
|
||||
mockCmd *Mockcmd
|
||||
originalCommand func(string, ...string) cmd
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) BeforeTest(_, _ string) {
|
||||
suite.ctrl = gomock.NewController(suite.T())
|
||||
suite.mockCmd = NewMockcmd(suite.ctrl)
|
||||
|
||||
suite.originalCommand = command
|
||||
command = func(path string, args ...string) cmd { return suite.mockCmd }
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) AfterTest(_, _ string) {
|
||||
command = suite.originalCommand
|
||||
}
|
||||
|
||||
func TestDepActionTestSuite(t *testing.T) {
|
||||
suite.Run(t, new(DepActionTestSuite))
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) TestNewDepAction() {
|
||||
cfg := env.Config{
|
||||
Chart: "scatterplot",
|
||||
}
|
||||
d := NewDepAction(cfg)
|
||||
suite.Equal("scatterplot", d.chart)
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) TestPrepareAndExecuteBuild() {
|
||||
defer suite.ctrl.Finish()
|
||||
|
||||
stdout := strings.Builder{}
|
||||
stderr := strings.Builder{}
|
||||
cfg := env.Config{
|
||||
Chart: "your_top_songs_2019",
|
||||
Stdout: &stdout,
|
||||
Stderr: &stderr,
|
||||
DependenciesAction: "build",
|
||||
}
|
||||
|
||||
command = func(path string, args ...string) cmd {
|
||||
suite.Equal(helmBin, path)
|
||||
suite.Equal([]string{"dependency", "build", "your_top_songs_2019"}, args)
|
||||
|
||||
return suite.mockCmd
|
||||
}
|
||||
suite.mockCmd.EXPECT().
|
||||
Stdout(&stdout)
|
||||
suite.mockCmd.EXPECT().
|
||||
Stderr(&stderr)
|
||||
suite.mockCmd.EXPECT().
|
||||
Run().
|
||||
Times(1)
|
||||
|
||||
d := NewDepAction(cfg)
|
||||
|
||||
suite.Require().NoError(d.Prepare())
|
||||
suite.NoError(d.Execute())
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) TestPrepareAndExecuteUpdate() {
|
||||
defer suite.ctrl.Finish()
|
||||
|
||||
stdout := strings.Builder{}
|
||||
stderr := strings.Builder{}
|
||||
cfg := env.Config{
|
||||
Chart: "your_top_songs_2019",
|
||||
Stdout: &stdout,
|
||||
Stderr: &stderr,
|
||||
DependenciesAction: "update",
|
||||
}
|
||||
|
||||
command = func(path string, args ...string) cmd {
|
||||
suite.Equal(helmBin, path)
|
||||
suite.Equal([]string{"dependency", "update", "your_top_songs_2019"}, args)
|
||||
|
||||
return suite.mockCmd
|
||||
}
|
||||
suite.mockCmd.EXPECT().
|
||||
Stdout(&stdout)
|
||||
suite.mockCmd.EXPECT().
|
||||
Stderr(&stderr)
|
||||
suite.mockCmd.EXPECT().
|
||||
Run().
|
||||
Times(1)
|
||||
|
||||
d := NewDepAction(cfg)
|
||||
|
||||
suite.Require().NoError(d.Prepare())
|
||||
suite.NoError(d.Execute())
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) TestPrepareAndExecuteUnknown() {
|
||||
defer suite.ctrl.Finish()
|
||||
|
||||
stdout := strings.Builder{}
|
||||
stderr := strings.Builder{}
|
||||
cfg := env.Config{
|
||||
Chart: "your_top_songs_2019",
|
||||
Stdout: &stdout,
|
||||
Stderr: &stderr,
|
||||
DependenciesAction: "downgrade",
|
||||
}
|
||||
|
||||
d := NewDepAction(cfg)
|
||||
suite.Require().Equal(errors.New("unknown dependency_action: downgrade"), d.Prepare())
|
||||
}
|
||||
|
||||
func (suite *DepActionTestSuite) TestPrepareChartRequired() {
|
||||
d := NewDepAction(env.Config{})
|
||||
|
||||
suite.mockCmd.EXPECT().Stdout(gomock.Any()).AnyTimes()
|
||||
suite.mockCmd.EXPECT().Stderr(gomock.Any()).AnyTimes()
|
||||
|
||||
err := d.Prepare()
|
||||
suite.EqualError(err, "chart is required")
|
||||
}
|
||||
@@ -23,6 +23,7 @@ type Upgrade struct {
|
||||
atomic bool
|
||||
cleanupOnFail bool
|
||||
certs *repoCerts
|
||||
createNamespace bool
|
||||
|
||||
cmd cmd
|
||||
}
|
||||
@@ -45,6 +46,7 @@ func NewUpgrade(cfg env.Config) *Upgrade {
|
||||
atomic: cfg.AtomicUpgrade,
|
||||
cleanupOnFail: cfg.CleanupOnFail,
|
||||
certs: newRepoCerts(cfg),
|
||||
createNamespace: cfg.CreateNamespace,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -95,6 +97,9 @@ func (u *Upgrade) Prepare() error {
|
||||
if u.stringValues != "" {
|
||||
args = append(args, "--set-string", u.stringValues)
|
||||
}
|
||||
if u.createNamespace {
|
||||
args = append(args, "--create-namespace")
|
||||
}
|
||||
for _, vFile := range u.valuesFiles {
|
||||
args = append(args, "--values", vFile)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user