kube-workflow
Advanced tools
Changelog
Readme
socialgouv/kube-workflow 🚀Deploy application over kubernetes
- uses: SocialGouv/kube-workflow@master
with:
environment: "dev"
token: ${{ secrets.GITHUB_TOKEN }}
kubeconfig: ${{ secrets.KUBECONFIG }}
rancherProjectId: ${{ secrets.RANCHER_PROJECT_ID }}
rancherProjectName: ${{ secrets.RANCHER_PROJECT_NAME }}
imagePackage: app
# imageName: fabrique/www
You can configure your project by adding .kube-workflow/common/values.yaml and .kube-workflow/$ENVIRONMENT/values.yaml.
# here you define variables shared by all helm subcharts/components
global: {}
# here you can configure components values, key same name as in `components` sections
app:
enabled: true
containerPort: 80
Here is the order, the last in the list is the last applied:
$KUBEWORKFLOW_ACTION/chart/values.yaml (the defaults).kube-workflow/common/values.yaml (the common project's config).kube-workflow/$ENVIRONMENT/values.yamlEvery yaml file in .kube-workflow/templates will be merged with the helm Chart templates folder before the build.
All theses files can use the Helm templating syntax (or not if you don't need it, helm template is a superset of yaml).
Both extensions yaml and yml are accepted.
Every yaml files in .kube-workflow/env/$ENVIRONMENT/templates will be merged with the helm Chart templates folder before the build, according to the environment input (dev | preprod | prod).
All theses files can use the Helm templating syntax.
Usually, that's where you put your ConfigMap and SealedSecrets ressources.
Everything is overridable using filesystem merging.
The .kube-workflow directoty of your project will be merged and eventually overwrite content of this repository chart directory.
Chart.yaml in the directory .kube-workflow. More often, you can use kustomize to adjust the manifests.The kustomization patches are applied after Helm template rendering.
The kustomization entrypoint is $KUBEWORKFLOW_ACTION/env/$ENVIRONMENT/kustomization.yaml.
To override it, create a file called .kube-workflow/env/$ENVIRONMENT/kustomization.yaml in your project and containing:
resources:
- ../../common
patches:
# ... put your patches here
By doing this way you just optouted from generic kustomization for the selected environment.
If you want (and more often you want) to keep the generic kustomization, containing some infra logic defined by the advised SRE team, you can extends it like this.
resources:
- ../../common.autodevops
patches:
# ... put your patches here
You can do it as well for the common base file called by environment kustomizations, just add a file called .kube-workflow/common/kustomization.yaml in your project and containing:
resources:
# - ../base # here is if you want to optout
- ../common.autodevops # here is if you want to extends from autodevops default settings
patches:
- target:
kind: Ingress
patch: |
- op: add
path: "/metadata/annotations~1nginx.ingress.kubernetes.io~1configuration-snippet"
value: |
more_set_headers "Content-Security-Policy: default-src 'none'; connect-src 'self' https://*.gouv.fr; font-src 'self'; img-src 'self'; prefetch-src 'self' https://*.gouv.fr; script-src 'self' https://*.gouv.fr; frame-src 'self' https://*.gouv.fr; style-src 'self' 'unsafe-inline'";
more_set_headers "X-Frame-Options: deny";
more_set_headers "X-XSS-Protection: 1; mode=block";
more_set_headers "X-Content-Type-Options: nosniff";
- target:
kind: Deployment
path: patches/kapp-delete-orphan.yaml
- target:
kind: Service
path: patches/kapp-delete-orphan.yaml
- target:
kind: Ingress
path: patches/kapp-delete-orphan.yaml
# - target:
# kind: Service
# path: patches/kapp.yaml
If you think you patches can be reused by other project, contribute to chart/patches folder of the action by sharing them.
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
npx kube-workflow b
# get kube-workflow
export KUBEWORKFLOW_PATH=$PWD/kube-workflow
git clone https://github.com/SocialGouv/kube-workflow $KUBEWORKFLOW_PATH
yarn --cwd $KUBEWORKFLOW_PATH
# get the project repository, here template for example
export WORKSPACE_PATH=$PWD/template
git clone https://github.com/SocialGouv/template $WORKSPACE_PATH
# run manifest generation as snapshots using symlink to tests
REPOSITORY_NAME=$(basename $WORKSPACE_PATH)
ln -s $WORKSPACE_PATH/.kube-workflow $KUBEWORKFLOW_PATH/tests/samples/$REPOSITORY_NAME
cd $KUBEWORKFLOW_PATH
yarn test -t $REPOSITORY_NAME
then check content of
to enable correct syntax recognition and coloration of yaml helm templates in vscode, enable Kubenernetes extension
Resources:
FAQs
Unknown package
The npm package kube-workflow receives a total of 5 weekly downloads. As such, kube-workflow popularity was classified as not popular.
We found that kube-workflow demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.