In order to use these pipelines, you must have:
- a running Concourse setup
- a Kubernetes cluster with relevant credentials (k8s secrets) setup
- a container registry and credentials that are reachable from both the Kubernetes cluster and Concourse.
- a git repo and the related SSH key for housing a file for semantic version management
- a valid git repo for this project (e.g., a github fork or similar) and related private SSH key.
To use the pipeline, you must fill out a params.yaml file by copying a template from examples and updating the variables therein to match your environment. The variables should be relatively self-explanitory; this is not meant to be a tutorial on Concourse.
Generally, you will 'fly login' and execute 00_set-pipeline.sh
, which will
create/update the pipeline in concourse. Thereafter, unpause the newly created
(or updated) pipeline to let it build the project and run it in Kubernetes.
Start a cluster that has access (one way or another) to the concourse CI engine and vice versa.
Both the Kubernetes cluster you use and Concourse require access to a container registry, such as Harbor. There are a myriad of ways to start or obtain access to the registry; the key for this project is that you have sufficient credentials and network access to fill out the params.yaml file.
There are a number of pipeline variables that params.yml needs in order to complete pipeline runs. These include:
- docker-registry-repo: the docker repo/container to use for push / pull
- docker-registry-user: the docker registry login user
- docker-registry-passwd: the docker registry login passwd
- docker-registry-email: the docker registry login e-mail
In addition, there are a number of variables that params.yml needs to specify that must be base64 encoded. These are:
- k8s-cluster-url: Kubernetes API address; something of the form https://192.168.64.55:8443
- k8s-cluster-ca: base64 encoded certificate authority for the target cluster
- k8s-admin-cert: base64 encoded user cert for the target cluster
- k8s-admin-key: base64 encoded user key for the target cluster
In order to help out a bit with the base64 encoding, a script exists in the hack directory that will attempt to form the appropriate values from your ~/.kube/config and append the variables with their values to the file "params.yaml". The script may need modifications to set other internal variables, which are documented directly within.
Once a Kubernetes cluster is up and running, copy and edit the examples/params.yaml file params.yml, for example:
cp examples/params.yaml params.yaml
vi params.yaml
The copied version should be ignored by git to help prevent potential commits of your changes. Finally, run:
./00_set-pipeline.sh