Kube commands #245

alexey-igrychev · 2017-05-30T12:26:02Z

kube secret generate command: hidden user typing
kube secret file encrypt command
kube deploy command
- create temporary chart
- copy user chart from .helm
- decode user secrets if DAPP_SECRET_KEY environment variable exist
  - .helm/secret-values.yaml ;
  - .helm/secret/**/*.
- generate chart helper
  - dapp_secret_file method to work with secrets files.
```
...
    env:
      name: secret
      value: {{ printf "!binary | \n%s" (tuple "secret_file" . | include "dapp_secret_file" | indent 8) }}

...
data:
  tls.crt: {{ tuple (print .Values.global.env "/backend-saml/tls.crt") . | include "dapp_secret_file" | b64enc }}
  tls.key: {{ tuple (print .Values.global.env "/backend-saml/tls.key") . | include "dapp_secret_file" | b64enc }}
```
- flush hooks jobs
  - helm upgrade --dry-run --debug ;
  - parse output ;
  - ignore jobs with 'helm.sh/resource-policy' == 'keep' annotation.
- deploy temporary chart
  - create namespace if namespace doesn't exist ;
  - helm upgrade.
- features
  - user get encrypted data if DAPP_SECRET_KEY environment variable doesn't exist ;
  - user can save temporary chart in dev_mode.
kube dismiss command

* create temporary chart * copy user chart from `.helm` * decode user secrets if `DAPP_SECRET_KEY` environment variable exist * `.helm/secret-values.yaml` ; * `.helm/secret/**/*`. * generate chart helper * dapp_secret_file method to work with secrets files. ``` ... env: name: secret value: {{ printf "!binary | \n%s" (tuple "secret_file" . | include "dapp_secret_file" | indent 8) }} ... data: tls.crt: {{ tuple (print .Values.global.env "/backend-saml/tls.crt") . | include "dapp_secret_file" | b64enc }} tls.key: {{ tuple (print .Values.global.env "/backend-saml/tls.key") . | include "dapp_secret_file" | b64enc }} ``` * flush hooks jobs * helm upgrade --dry-run --debug ; * parse output ; * ignore jobs with `'helm.sh/resource-policy' == 'keep'` annotation. * deploy temporary chart * create namespace if namespace doesn't exist ; * helm upgrade. * features * user get encrypted data if `DAPP_SECRET_KEY` environment variable doesn't exist ; * user can save temporary chart in `dev_mode`.

distorhead and others added 9 commits May 16, 2017 17:49

GitRepo unit test fix

77b0f33

change deployment apply command info

8c2beb9

fix cli output formatting (left indent)

187353d

create kube module

efe88c5

secrets from deployment to kube module

bac3755

kube secret generate command: hidden user typing

e3b9046

kube secret file encrypt command

6eba21b

kube dismiss command

076bcd8

alexey-igrychev self-assigned this May 30, 2017

alexey-igrychev requested review from diafour and distorhead May 30, 2017 12:26

distorhead merged commit 67254d0 into werf:master May 30, 2017

alexey-igrychev deleted the helm_commands branch June 1, 2017 11:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Kube commands #245

Kube commands #245

alexey-igrychev commented May 30, 2017

Kube commands #245

Kube commands #245

Conversation

alexey-igrychev commented May 30, 2017