Forked and built with the latest kubectl.

drone-kubectl

This Drone plugin allows you to use kubectl without messing around with the authentication.

Usage

# drone 1.0 syntax
kind: pipeline
name: deploy

steps:
  - name: deploy
    image: lushndm/drone-kubectl
    settings:
      kubernetes_server:
        from_secret: k8s_server
      kubernetes_cert:
        from_secret: k8s_cert
      kubernetes_token:
        from_secret: k8s_token
    commands:
      - kubectl create -f job_foo.yaml
      - kubectl wait --for=condition=complete -f job_foo.yaml

How to get the credentials

First, you need to have a service account with proper privileges and service-account-token:

kubectl create sa --namespace kube-system deploy
kubectl create clusterrolebinding deploy --clusterrole cluster-admin --serviceaccount=kube-system:deploy

You can find out your server URL which looks like https://xxx.xxx.xxx.xxx by the command:

kubectl config view -o jsonpath='{range .clusters[*]}{.name}{"\t"}{.cluster.server}{"\n"}{end}'

If the service account is deploy, you would have a secret named deploy-token-xxxx (xxxx is some random characters). You can get your token and certificate by the following commands:

cert:

kubectl get secret deploy-token-xxxx -o jsonpath='{.data.ca\.crt}' && echo

token:

kubectl get secret deploy-token-xxxx -o jsonpath='{.data.token}' | base64 --decode && echo

Special thanks

Inspired by:

• drone-kubernetes
• drone-kubectl