问题描述
我正在尝试使用Helm 3和jenkins部署k8s集群. Jenkins和k8s运行在不同的服务器上,我合并了kubeconfig文件,所有信息都放在一个配置文件./kube目录中.我想根据GIT_BRANCH值将我的应用程序部署到相关的环境和名称空间.以下脚本有两个问题.
I am trying to deploy k8s cluster using Helm 3 and jenkins. Jenkins and k8s running on different servers.I merged the kubeconfig files and I had all information in one config file ./kube directory. I would like to deploy my app to the related environment and namespace according to the GIT_BRANCH value. I have two question for below script.
1.我应该存储k8s集群凭证并在管道中使用的最佳方法是什么.我看到了一些插件,例如Kubernetes CLI,但是我不确定它是否可以满足我的要求.如果我使用此插件,则应该手动将k8s文件存储到Jenkins机器中,还是该插件已经可以通过上传配置文件来处理此问题.
1.What is the best way should I store k8s cluster credentials and will use in pipeline. I saw some plugins such as Kubernetes CLI but I can not be sure whether it will cover my requirement. If I use this plugin, should I store k8s file in to Jenkins machine manually or this plugin already handle this with uploading config file.
2.是否应该更改以下脚本中的任何内容以遵循最佳做法?
2.Should I change anything in below script to follow best practices?
stage('Deploy to dev'){
script{
steps{
if(env.GIT_BRANCH.contains("dev")){
def namespace="dev"
def ENV="development"
withCredentials([file(credentialsId: ...)]) {
// change context with related namespace
sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"
//Deploy with Helm
echo "Deploying"
sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
}
}
}
}
stage('Deploy to Test'){
script{
steps{
if(env.GIT_BRANCH.contains("test")){
def namespace="test"
def ENV="test"
withCredentials([file(credentialsId: ...)]) {
// change context with related namespace
sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"
//Deploy with Helm
echo "Deploying"
sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
}
}
}
}
}
stage ('Deploy to Production'){
when {
anyOf{
environment name: 'DEPLOY_TO_PROD' , value: 'true'
}
}
steps{
script{
DEPLOY_PROD = false
def namespace = "production"
withCredentials([file(credentialsId: 'kube-config', variable: 'kubecfg')]){
//Change context with related namespace
sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"
//Deploy with Helm
echo "Deploying to production"
sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
}
}
}
}
推荐答案
我从没有尝试过,但是从理论上讲,凭据变量可以用作环境变量.尝试使用KUBECONFIG
作为变量名
I have never tried this, but in theory the credentials variable is available as environment variable. Try to use KUBECONFIG
as a variable name
withCredentials([file(credentialsId: 'secret', variable: 'KUBECONFIG')]) {
// change context with related namespace
sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"
//Deploy with Helm
echo "Deploying"
sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
}
这篇关于在Jenkins中存储Kubernetes集群凭证并在声明式管道中使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!