Store Kubernetes Cluster Credentials in Jenkins and use in declarative pipeline

会有一股神秘感。 提交于 2020-01-25 09:26:11

问题


I am trying to deploy k8s cluster using Helm 3 and jenkins. Jenkins and k8s running on different servers.I merged the kubeconfig files and I had all information in one config file ./kube directory. I would like to deploy my app to the related environment and namespace according to the GIT_BRANCH value. I have two question for below script.

1.What is the best way should I store k8s cluster credentials and will use in pipeline. I saw some plugins such as Kubernetes CLI but I can not be sure whether it will cover my requirement. If I use this plugin, should I store k8s file in to Jenkins machine manually or this plugin already handle this with uploading config file.

2.Should I change anything in below script to follow best practices?

         stage('Deploy to dev'){
         script{
             steps{
                 if(env.GIT_BRANCH.contains("dev")){

                        def namespace="dev"
                        def ENV="development"

                        withCredentials([file(credentialsId: ...)]) {
                        // change context with related namespace
                        sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"

                        //Deploy with Helm
                        echo "Deploying"
                        sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"    
                 }
             }
         }
     }

    stage('Deploy to Test'){
        script{
            steps{
                 if(env.GIT_BRANCH.contains("test")){

                        def namespace="test"
                        def ENV="test"

                        withCredentials([file(credentialsId: ...)]) {
                        // change context with related namespace
                        sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"


                        //Deploy with Helm
                        echo "Deploying"
                        sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
                    }
                }
            }
        }
    }

    stage ('Deploy to Production'){

        when {
            anyOf{
                environment name: 'DEPLOY_TO_PROD' , value: 'true'
            }
        }

        steps{
            script{
                DEPLOY_PROD = false
                def namespace = "production"

                withCredentials([file(credentialsId: 'kube-config', variable: 'kubecfg')]){
                    //Change context with related namespace
                    sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"

                    //Deploy with Helm
                    echo "Deploying to production"
                    sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
                }
            }
        }
    }

回答1:


I have never tried this, but in theory the credentials variable is available as environment variable. Try to use KUBECONFIG as a variable name

withCredentials([file(credentialsId: 'secret', variable: 'KUBECONFIG')]) {

  // change context with related namespace
  sh "kubectl config set-context $(kubectl config current-context) --namespace=${namespace}"

  //Deploy with Helm
  echo "Deploying"
  sh "helm upgrade --install road-dashboard -f values.${ENV}.yaml --set tag=$TAG --namespace ${namespace}"
}


来源:https://stackoverflow.com/questions/59769890/store-kubernetes-cluster-credentials-in-jenkins-and-use-in-declarative-pipeline

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!