-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Pablo Moreira Marques
committed
Mar 14, 2022
0 parents
commit 8d90b4a
Showing
4 changed files
with
247 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| FROM ubuntu:22.04 | ||
|
|
||
| RUN apt-get update -y && \ | ||
| apt-get install unzip curl -y && \ | ||
| curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \ | ||
| unzip awscliv2.zip && \ | ||
| ./aws/install && \ | ||
| curl -LO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl && \ | ||
| install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl | ||
|
|
||
| COPY entrypoint.sh /entrypoint.sh | ||
|
|
||
| ENTRYPOINT ["/entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,147 @@ | ||
| # kubectl-eks | ||
|
|
||
| Action to apply artifacts files in your [EKS](https://aws.amazon.com/pt/eks/) cluster. | ||
|
|
||
| This action enables you to apply kubernetes artifacts files just pointing the path where your file is. | ||
|
|
||
| <br> | ||
|
|
||
| # Example | ||
| ```yml | ||
| name: Build | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ main ] | ||
|
|
||
| deploy: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - | ||
| name: Checkout | ||
| uses: actions/checkout@v2 | ||
| - | ||
| name: Deployment | ||
| uses: Pablommr/[email protected] | ||
| env: | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| KUBECONFIG: ${{ secrets.KUBECONFIG }} | ||
| KUBE_YAML: path_to_file/file.yml | ||
| ``` | ||
| <br> | ||
| # Usage | ||
| To use this action, you just need a user that have heve permission to apply artifacts in your EKS cluster (More info see in this [link](https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html)), and setup some ENV's variables listed next. | ||
| <br> | ||
| # ENV's | ||
| ## Required | ||
| ### `AWS_ACCESS_KEY_ID` | ||
|
|
||
| AWS access key id for IAM role. | ||
|
|
||
| ### `AWS_SECRET_ACCESS_KEY` | ||
|
|
||
| AWS secret key for IAM role. | ||
|
|
||
| ### `KUBECONFIG` | ||
|
|
||
| Environment variable name containing base64-encoded kubeconfig data. Need atention with profile name that must be the same in AWS_PROFILE_NAME. | ||
|
|
||
| ### `KUBE_YAML` | ||
|
|
||
| Path to file used to create/update the resource. | ||
|
|
||
| <br> | ||
|
|
||
| ## Optional | ||
|
|
||
| ### `AWS_PROFILE_NAME` | ||
|
|
||
| Profile name to be configured. If not passed, this env assume the value 'default' | ||
|
|
||
| ### `ENVSUBST` | ||
| (boolean) | ||
|
|
||
| Whether to run envsubst to substitute environment variables inside the file in KUBE_YAML. Your variable inside your file need begin with "$". If not passed, this env assume the value 'false' | ||
|
|
||
| ### `KUBE_ROLLOUT` | ||
| (boolean) | ||
|
|
||
| Whether to watch the status of the latest rollout until it's done. The rollout onlly works to deployment/statefulset/daemonset and only be executed if the POD's applyed by KUBE_YAML finalize with unchaged status. | ||
|
|
||
| <br> | ||
|
|
||
| # Use case | ||
|
|
||
| Let's suppose you need apply 3 artifacts in you EKS, one deployment, one service, and one configmap, add all your kubernetes artifacts are inside in folder kubernetes, some like this: | ||
|
|
||
| ``` | ||
| ├── README.md | ||
| ├── app | ||
| | └── files | ||
| ├── kubernetes | ||
| | ├── service.yml | ||
| | ├── configmap.yaml | ||
| | └── deployment.yml | ||
| └── another_files | ||
| ``` | ||
| You already set up your build and just need apply in your kubernetes. You have the premise that always the pipeline run, even that change was in the configmap for exemple, you will need rollout the pods, and you will need too substitute your variables inside deployment.yml for some another value. Let's assume you want to change the image tag, so you can name your tag in image line in deployment.yml with some name, for example $IMAGE_TAG, like this: | ||
|
|
||
| ``` | ||
| image: nginx:$IMAGE_TAG | ||
| ``` | ||
|
|
||
| And then pass the IMAGE_TAG as a env with value wished. | ||
|
|
||
| So, you can configure your pipeline in this way: | ||
|
|
||
|
|
||
|
|
||
| ```yml | ||
| name: Build | ||
| on: | ||
| push: | ||
| branches: [ main ] | ||
| workflow_dispatch: | ||
| env: | ||
| AWS_PROFILE_NAME: default | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| KUBECONFIG: ${{ secrets.KUBECONFIG }} | ||
| deploy: | ||
| runs-on: ubuntu-latest | ||
| needs: build_and_push | ||
| steps: | ||
| - | ||
| name: Checkout | ||
| uses: actions/checkout@v2 | ||
| - | ||
| name: Service | ||
| uses: Pablommr/[email protected] | ||
| env: | ||
| KUBE_YAML: kubernetes/service.yml | ||
| - | ||
| name: Configmap | ||
| uses: Pablommr/[email protected] | ||
| env: | ||
| KUBE_YAML: kubernetes/configmap.yml | ||
| - | ||
| name: Deployment | ||
| uses: Pablommr/[email protected] | ||
| env: | ||
| KUBE_YAML: kubernetes/deployment.yml | ||
| ENVSUBST: true | ||
| KUBE_ROLLOUT: true | ||
| IMAGE_TAG: 1.21.6 | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
|
|
||
| name: kubernetes-eks | ||
| description: "Apply yaml file in kubernetes cluster" | ||
| author: 'Pablo M Marques' | ||
| branding: | ||
| icon: 'anchor' | ||
| color: 'blue' | ||
| runs: | ||
| using: 'docker' | ||
| image: 'Dockerfile' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
| #!/bin/bash | ||
|
|
||
| set -e | ||
|
|
||
| echo "Checking ENVs..." | ||
|
|
||
| #Check if ENVs is fulfiled | ||
| if [ -z "$AWS_ACCESS_KEY_ID" ] | ||
| then | ||
| echo 'Env AWS_ACCESS_KEY_ID is empty! Please, fulfil it with your aws access key...' | ||
| exit 1 | ||
| elif [ -z "$AWS_SECRET_ACCESS_KEY" ] | ||
| then | ||
| echo 'Env AWS_SECRET_ACCESS_KEY is empty! Please, fulfil with your aws access secret...' | ||
| exit 1 | ||
| elif [ -z "$KUBECONFIG" ] | ||
| then | ||
| echo 'Env KUBECONFIG is empty! Please, fulfil it with your kubeconfig in base64...' | ||
| exit 1 | ||
| elif [ ! -e "$(eval echo $KUBE_YAML)" ] | ||
| then | ||
| echo "Env KUBE_YAML is empty or file doesn't exist! Please, fulfil it with full path where your file is..." | ||
| exit 1 | ||
| elif [ -z "$AWS_PROFILE_NAME" ] | ||
| then | ||
| AWS_PROFILE_NAME='default' | ||
| echo 'Env AWS_PROFILE_NAME is empty! Using default.' | ||
| else | ||
| echo 'Envs filled!' | ||
| fi | ||
|
|
||
| echo "" | ||
|
|
||
| mkdir -p ~/.aws | ||
| mkdir -p ~/.kube | ||
|
|
||
| AWS_CREDENTIALS_PATH='~/.aws/credentials' | ||
| KUBECONFIG_PATH='~/.kube/config' | ||
|
|
||
| #fulfiling the files | ||
| echo "[$AWS_PROFILE_NAME]" > $(eval echo $AWS_CREDENTIALS_PATH) | ||
| echo "aws_access_key_id = $AWS_ACCESS_KEY_ID" >> $(eval echo $AWS_CREDENTIALS_PATH) | ||
| echo "aws_secret_access_key = $AWS_SECRET_ACCESS_KEY" >> $(eval echo $AWS_CREDENTIALS_PATH) | ||
|
|
||
| echo "$KUBECONFIG" |base64 -d > $(eval echo $KUBECONFIG_PATH) | ||
|
|
||
| #Unset var to make sure ther are no conflict | ||
| unset KUBECONFIG | ||
|
|
||
| #Alter files if ENVSUBS=true | ||
| if [ "$ENVSUBST" = true ]; then | ||
|
|
||
| for ENV_VAR in $(env |cut -f 1 -d =); do | ||
| VAR_KEY=$ENV_VAR | ||
| VAR_VALUE=$(eval echo \$$ENV_VAR | sed 's/\//\\\//g') | ||
| sed -i "s/\$$VAR_KEY/$VAR_VALUE/g" $KUBE_YAML | ||
| done | ||
|
|
||
| fi | ||
|
|
||
| echo "Applying file:" | ||
|
|
||
| #Applying artifact | ||
| KUBE_APPLY=$(kubectl apply -f $KUBE_YAML) | ||
| echo $KUBE_APPLY | ||
|
|
||
| #Verify and execute rollout | ||
| if [ "$KUBE_ROLLOUT" = true ] && [ "$(echo $KUBE_APPLY |sed 's/.* //')" = unchanged ]; then | ||
| echo "" | ||
| echo "Applying rollout:" | ||
| kubectl rollout restart --filename $KUBE_YAML | ||
| kubectl rollout status --filename $KUBE_YAML | ||
| fi | ||
|
|
||
| echo "" | ||
|
|
||
| echo "All done! =D" |