Skip to content
A Concourse resource for controlling the Kubernetes cluster
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
assets Allow EKS users to authenticate by assuming a role. (#64) Feb 25, 2019
ci Reduce supported versions to 3 versions which from latest version (#70) Apr 2, 2019
scripts Use kind for integration test (#59) Jan 8, 2019
test Fix typo (#69) Apr 1, 2019
.gitignore
.travis.yml Add support for Kubernetes 1.14 (#68) Apr 1, 2019
AUTHORS Allow EKS users to authenticate by assuming a role. (#64) Feb 25, 2019
CONTRIBUTING.md Lint asset files using shellcheck (#30) Jun 26, 2018
Dockerfile Update the base image to ubuntu:18.04 (#40) Aug 27, 2018
LICENSE Implement kubernetes-resource Jul 20, 2017
Makefile Update the base image to ubuntu:18.04 (#40) Aug 27, 2018
README.md Reduce supported versions to 3 versions which from latest version (#70) Apr 2, 2019

README.md

kubernetes-resource

Build Status

A Concourse resource for controlling the Kubernetes cluster.

This resource supports AWS EKS.

Versions

The version of this resource corresponds to the version of kubectl. We recommend using different version depending on the kubernetes version of the cluster.

Source Configuration

kubeconfig

  • kubeconfig: Optional. A kubeconfig file.
    kubeconfig: |
      apiVersion: v1
      clusters:
      - cluster:
        ...
  • context: Optional. The context to use when specifying a kubeconfig or kubeconfig_file

cluster configs

  • server: Optional. The address and port of the API server.
  • token: Optional. Bearer token for authentication to the API server.
  • namespace: Optional. The namespace scope. Defaults to default. If set along with kubeconfig, namespace will override the namespace in the current-context
  • certificate_authority: Optional. A certificate file for the certificate authority.
    certificate_authority: |
        -----BEGIN CERTIFICATE-----
        ...
        -----END CERTIFICATE-----
  • insecure_skip_tls_verify: Optional. If true, the API server's certificate will not be checked for validity. This will make your HTTPS connections insecure. Defaults to false.
  • use_aws_iam_authenticator: Optional. If true, the aws_iam_authenticator, required for connecting with EKS, is used. Requires aws_eks_cluster_name. Defaults to false.
  • aws_eks_cluster_name: Optional. the AWS EKS cluster name, required when use_aws_iam_authenticator is true.
  • aws_eks_assume_role: Optional. the AWS IAM role ARN to assume.

Behavior

check: Do nothing.

in: Do nothing.

out: Control the Kubernetes cluster.

Control the Kubernetes cluster like kubectl apply, kubectl delete, kubectl label and so on.

Parameters

  • kubectl: Required. Specify the operation that you want to perform on one or more resources, for example apply, delete, label.
  • context: Optional. The context to use when specifying a kubeconfig or kubeconfig_file
  • wait_until_ready: Optional. The number of seconds that waits until all pods are ready. 0 means don't wait. Defaults to 30.
  • wait_until_ready_interval: Optional. The interval (sec) on which to check whether all pods are ready. Defaults to 3.
  • wait_until_ready_selector: Optional. A label selector to identify a set of pods which to check whether those are ready. Defaults to every pods in the namespace.
  • kubeconfig_file: Optional. The path of kubeconfig file. This param has priority over the kubeconfig of source configuration.
  • namespace: Optional. The namespace scope. It will override the namespace in other params and source configuration.

Example

resource_types:
- name: kubernetes
  type: docker-image
  source:
    repository: zlabjp/kubernetes-resource
    tag: "1.14"

resources:
- name: kubernetes-production
  type: kubernetes
  source:
    server: https://192.168.99.100:8443
    namespace: production
    token: {{kubernetes-production-token}}
    certificate_authority: {{kubernetes-production-cert}}
- name: my-app
  type: git
  source:
    ...

jobs:
- name: kubernetes-deploy-production
  plan:
  - get: my-app
    trigger: true
  - put: kubernetes-production
    params:
      kubectl: apply -f my-app/k8s -f my-app/k8s/production
      wait_until_ready_selector: app=myapp

Force update deployment

jobs:
- name: force-update-deployment
  serial: true
  plan:
  - put: mycluster
    params:
      kubectl: |
        patch deploy nginx -p '{"spec":{"template":{"metadata":{"labels":{"updated_at":"'$(date +%s)'"}}}}}'
      wait_until_ready_selector: run=nginx

Use a remote kubeconfig file fetched by s3-resource

resources:
- name: k8s-prod
  type: kubernetes

- name: kubeconfig-file
  type: s3
  source:
    bucket: mybucket
    versioned_file: config
    access_key_id: ((s3-access-key))
    secret_access_key: ((s3-secret))

- name: my-app
  type: git
  source:
    ...

jobs:
- name: k8s-deploy-prod
  plan:
  - aggregate:
    - get: my-app
      trigger: true
    - get: kubeconfig-file
  - put: k8s-prod
    params:
      kubectl: apply -f my-app/k8s -f my-app/k8s/production
      wait_until_ready_selector: app=myapp
      kubeconfig_file: kubeconfig-file/config

License

This software is released under the MIT License.

You can’t perform that action at this time.