drone-kubernetes/update.sh

#!/bin/bash
set -euo pipefail

if [ ! -z ${PLUGIN_KUBERNETES_USER} ]; then
  KUBERNETES_USER=${PLUGIN_KUBERNETES_USER:-default}
fi

if [ ! -z ${PLUGIN_KUBERNETES_ENV} ]; then
  KUBERNETES_ENV=${PLUGIN_KUBERNETES_ENV}

  KUBERNETES_SERVER_VAR=KUBERNETES_SERVER_${KUBERNETES_ENV}
  KUBERNETES_CERT_VAR=KUBERNETES_SERVER_CERT_${KUBERNETES_ENV}

  KUBERNETES_SERVER=${!KUBERNETES_SERVER_VAR}
  KUBERNETES_CERT=${!KUBERNETES_CERT_VAR}

  if [[ -z "${KUBERNETES_SERVER}" ]]; then
    echo "ERROR: drone secret ${KUBERNETES_SERVER_VAR} not added!"
    exit 1
  fi

  if [[ -z "${KUBERNETES_CERT}" ]]; then
    echo "ERROR: drone secret ${KUBERNETES_CERT_VAR} not added!"
    echo "Inscure connection to the cluster will be used."
  fi
else
  echo "ERROR: kubernetes_env not provided"
  exit 1
fi

if [ -z ${PLUGIN_NAMESPACE} ]; then
  PLUGIN_NAMESPACE="default"
fi

if [[ ! -z "${KUBERNETES_CLIENT_CERT}" ]] && [[ ! -z "${KUBERNETES_CLIENT_KEY}" ]]; then
  echo "INFO: Setting client credentials with signed-certificate and key."
  echo ${KUBERNETES_CLIENT_CERT} | base64 -d > client.crt
  echo ${KUBERNETES_CLIENT_KEY} | base64 -d > client.key
  kubectl config set-credentials ${KUBERNETES_USER} --client-certificate=client.crt --client-key=client.key
else
  echo "ERROR: Provide the following authentication params:"
  echo " - kubernetes_client_cert"
  echo " - kubernetes_client_key"
  echo "as drone secrets"
  exit 1
fi

if [ ! -z "${KUBERNETES_CERT}" ]; then
  echo "INFO: Using secure connection with tls-certificate."
  echo ${KUBERNETES_CERT} | base64 -d > ca.crt
  kubectl config set-cluster default --server=${KUBERNETES_SERVER} --certificate-authority=ca.crt
else
  echo "WARNING: Using insecure connection to cluster"
  kubectl config set-cluster default --server=${KUBERNETES_SERVER} --insecure-skip-tls-verify=true
fi

kubectl config set-context default --cluster=default --user=${KUBERNETES_USER}
kubectl config use-context default

# kubectl version
IFS=',' read -r -a DEPLOYMENTS <<< "${PLUGIN_DEPLOYMENT}"
IFS=',' read -r -a CONTAINERS <<< "${PLUGIN_CONTAINER}"
for DEPLOY in ${DEPLOYMENTS[@]}; do
  echo Deploying to ${KUBERNETES_ENV}
  for CONTAINER in ${CONTAINERS[@]}; do
    kubectl -n ${PLUGIN_NAMESPACE} set image deployment/${DEPLOY} \
      ${CONTAINER}=${PLUGIN_REPO}:${PLUGIN_TAG} --record
  done
done
Use bash 2017-02-08 06:04:53 +00:00			`#!/bin/bash`
adds bash flags 2017-12-11 10:10:44 +00:00			`set -euo pipefail`
First version 2017-01-13 10:07:48 +00:00
script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`if [ ! -z ${PLUGIN_KUBERNETES_USER} ]; then`
			`KUBERNETES_USER=${PLUGIN_KUBERNETES_USER:-default}`
Add namespace option 2017-01-16 02:00:29 +00:00			`fi`

script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`if [ ! -z ${PLUGIN_KUBERNETES_ENV} ]; then`
			`KUBERNETES_ENV=${PLUGIN_KUBERNETES_ENV}`

			`KUBERNETES_SERVER_VAR=KUBERNETES_SERVER_${KUBERNETES_ENV}`
			`KUBERNETES_CERT_VAR=KUBERNETES_SERVER_CERT_${KUBERNETES_ENV}`
Add handling environments 2017-02-07 06:09:44 +00:00
script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`KUBERNETES_SERVER=${!KUBERNETES_SERVER_VAR}`
			`KUBERNETES_CERT=${!KUBERNETES_CERT_VAR}`

			`if [[ -z "${KUBERNETES_SERVER}" ]]; then`
			`echo "ERROR: drone secret ${KUBERNETES_SERVER_VAR} not added!"`
			`exit 1`
			`fi`

			`if [[ -z "${KUBERNETES_CERT}" ]]; then`
			`echo "ERROR: drone secret ${KUBERNETES_CERT_VAR} not added!"`
			`echo "Inscure connection to the cluster will be used."`
			`fi`
adds more verbosity 2017-12-11 11:55:48 +00:00			`else`
script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`echo "ERROR: kubernetes_env not provided"`
			`exit 1`
Fix logic for Cert usage 2017-02-20 10:06:46 +00:00			`fi`

script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`if [ -z ${PLUGIN_NAMESPACE} ]; then`
			`PLUGIN_NAMESPACE="default"`
adds: k8s-user, client-cert/key based auth 2017-12-09 10:18:31 +00:00			`fi`

script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`if [[ ! -z "${KUBERNETES_CLIENT_CERT}" ]] && [[ ! -z "${KUBERNETES_CLIENT_KEY}" ]]; then`
adds execution step messages 2017-12-09 11:38:57 +00:00			`echo "INFO: Setting client credentials with signed-certificate and key."`
readded base64 decode 2018-01-09 23:05:00 +00:00			`echo ${KUBERNETES_CLIENT_CERT} \| base64 -d > client.crt`
			`echo ${KUBERNETES_CLIENT_KEY} \| base64 -d > client.key`
adds: k8s-user, client-cert/key based auth 2017-12-09 10:18:31 +00:00			`kubectl config set-credentials ${KUBERNETES_USER} --client-certificate=client.crt --client-key=client.key`
adds more verbosity 2017-12-11 11:55:48 +00:00			`else`
script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`echo "ERROR: Provide the following authentication params:"`
			`echo " - kubernetes_client_cert"`
			`echo " - kubernetes_client_key"`
			`echo "as drone secrets"`
adds more verbosity 2017-12-11 11:55:48 +00:00			`exit 1`
adds: k8s-user, client-cert/key based auth 2017-12-09 10:18:31 +00:00			`fi`

script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`if [ ! -z "${KUBERNETES_CERT}" ]; then`
adds execution step messages 2017-12-09 11:38:57 +00:00			`echo "INFO: Using secure connection with tls-certificate."`
readded base64 decode 2018-01-09 23:05:00 +00:00			`echo ${KUBERNETES_CERT} \| base64 -d > ca.crt`
Add support for TLS Verification 2017-02-20 09:22:24 +00:00			`kubectl config set-cluster default --server=${KUBERNETES_SERVER} --certificate-authority=ca.crt`
			`else`
Clarify TLS Verfication impact 2017-02-20 10:20:47 +00:00			`echo "WARNING: Using insecure connection to cluster"`
Add support for TLS Verification 2017-02-20 09:22:24 +00:00			`kubectl config set-cluster default --server=${KUBERNETES_SERVER} --insecure-skip-tls-verify=true`
			`fi`

script: update: drops base64 enc of certs, fixes bash errs 2018-01-09 22:32:29 +00:00			`kubectl config set-context default --cluster=default --user=${KUBERNETES_USER}`
First version 2017-01-13 10:07:48 +00:00			`kubectl config use-context default`
Clarify TLS Verfication impact 2017-02-20 10:20:47 +00:00
Remove erroneous -O flag for curl 2017-02-20 11:08:45 +00:00			`# kubectl version`
Add loop on containers 2017-03-07 09:53:50 +00:00			`IFS=',' read -r -a DEPLOYMENTS <<< "${PLUGIN_DEPLOYMENT}"`
			`IFS=',' read -r -a CONTAINERS <<< "${PLUGIN_CONTAINER}"`
Fix for 2017-02-08 06:22:54 +00:00			`for DEPLOY in ${DEPLOYMENTS[@]}; do`
readded base64 decode 2018-01-09 23:05:00 +00:00			`echo Deploying to ${KUBERNETES_ENV}`
Add loop on containers 2017-03-07 09:53:50 +00:00			`for CONTAINER in ${CONTAINERS[@]}; do`
			`kubectl -n ${PLUGIN_NAMESPACE} set image deployment/${DEPLOY} \`
show detail image rolling update detail in rolling back easy to know which version I should apply 2017-05-10 02:50:51 +00:00			`${CONTAINER}=${PLUGIN_REPO}:${PLUGIN_TAG} --record`
Add loop on containers 2017-03-07 09:53:50 +00:00			`done`
Handle arrays in deployment 2017-02-08 05:45:22 +00:00			`done`