This plugin allows to deploy a Helm chart into a Kubernetes cluster.
- Current
helmversion: 2.2.2 - Current
kubectlversion: 1.5.3
For example, this configuration will deploy my-app using a chart located in the repo called my-chart
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD},image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: STAGING
debug: true
wait: true
when:
branch: [master]Last update of Drone expect you to declare the secrets you want to use:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
chart: ./chart/blog
release: ${DRONE_BRANCH}-blog
values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
secrets: [ prod_api_server, prod_kubernetes_token ]
when:
branch: [master]Values can be passed using the values_files key. Use this option to define your values in a set of files
and pass them to helm. This option trigger the -f or --values flag in helm:
--values valueFiles specify values in a YAML file (can specify multiple) (default [])
For example:
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values_files: ["global-values.yaml", "myenv-values.yaml"]
when:
branch: [master]There are two secrets you have to create (Note that if you specify the prefix, your secrets have to be created using that prefix):
drone secret add --image=quay.io/ipedrazas/drone-helm \
your-user/your-repo STAGING_API_SERVER https://mykubernetesapiserver
drone secret add --image=quay.io/ipedrazas/drone-helm \
your-user/your-repo STAGING_KUBERNETES_TOKEN eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJ...
drone secret add --image=quay.io/ipedrazas/drone-helm \
your-user/your-repo STAGING_SECRET_PASSWORD Sup3rS3cr3tPrefix helps you to use the same block in different environments:
pipeline:
helm_deploy_staging:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD},image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: STAGING
debug: true
wait: true
when:
branch:
exclude: [ master ]
pipeline_production:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD},image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
debug: true
wait: true
when:
branch: [master]This last block defines how the plugin will deploy
To test the plugin, you can run minikube and just run the docker image as follows:
docker run --rm \
-e PLUGIN_API_SERVER=https://192.168.64.5:8443 \
-e PLUGIN_TOKEN="" \
-e PLUGIN_NAMESPACE=default \
-e PLUGIN_SKIP_TLS_VERIFY=true \
-e PLUGIN_RELEASE=my-release \
-e PLUGIMN_CHART=stable/redis \
-e PLUGIN_VALUES="tag=TAG,api=API" \
-e PLUGIN_DEBUG=true \
-e PLUGIN_DRY_RUN=true \
-e DRONE_BUILD_EVENT=push \
quay.io/ipedrazas/drone-helmThis plugin installs Tiller in the cluster, if you want to specify the namespace where tiller ins installed, use the tiller_ns attribute.
The following example will install tiller in the operations namespace:
pipeline_production:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: PROD
tiller_ns: operations
when:
branch: [master]There's an option to do a dry-run in case you want to verify that the secrets and envvars are replaced correctly. Just add the attribute dry-run to true:
pipeline_production:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: image.tag=${DRONE_BRANCH}-${DRONE_COMMIT_SHA:0:7}
prefix: STAGING
dry-run:true
when:
branch: [master]Happy Helming!