Helm
The example Yaml configurations in this file are using the legacy 0.8 syntax. If you are using Drone 1.0 or Drone Cloud please ensure you use the appropriate 1.0 syntax. Learn more here.
This plugin allows you to run Kubernetes Helm as part of your pipeline.
helm init
helm upgrade --install RELEASE CHART
The plugin initialises helm first, then it issues the install/upgrade command. There are a few settings that
map to the equivalent helm
command.
Basic example:
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
values: secret.password=${SECRET_PASSWORD},image.tag=${TAG}
prefix: STAGING
namespace: development
This block will execute the following command:
helm upgrade --install ${DRONE_BRANCH} ./charts/my-chart --namespace development --set secret.password=${SECRET_PASSWORD},image.tag=${TAG}
There are a few parameters that will help you to manage your deployment the way you want, like enabling debug output or specifying the namespace where you want to initiaise tiller.
pipeline:
helm_deploy:
image: quay.io/ipedrazas/drone-helm
+ skip_tls_verify: true
chart: ./charts/my-chart
release: ${DRONE_BRANCH}
+ values: secret.password=${SECRET_PASSWORD},image.tag=${TAG}
+ prefix: STAGING
+ namespace: development
+ debug: true
+ tiller_ns: system
Parameter Reference
- namespace
- namespace where you want to install your chart. If you don’t specify this parameter,
default
namespace will be used. - chart
- chart that you want to install
- release
- name used in the helm command to specify the release. If you don’t specify the release, helm will generate a random name and you will not be able to upgrade that release.
- values
- values injected in helm command. These are the values you want to overwrite.
- prefix
- defines the prefix of all the secrets used in the plugin. If prefix is
DEV
and your secret should be namedDEV_PASSWORD
and the values would be${PASSWORD}
. Ifprefix
isPROD
the secret should be defined asPROD_PASSWORD
. This allows you to define different secrets for different - tiller_ns
- namespace where
tiller
will be installed. By default,tiller
is installed inkube-system
- debug
- very verbose output. it will display all the ENVVARS passed to the container. Very handy when debugging secrets.
- skip_tls_verify
- if you create your own SSL certificates, youi will need this flag to be true to avoid having connectivity issues.
- api_server
- kubernetes api server
- kubernetes_token
- kubernetes token to connect to the api server
Secret Reference
- There are a few secrets that the plugin expects to be able to connect to a kubernetes cluster
API_SERVER url to connect to the Kubernetes api server
KUBERNETES_TOKEN Kubernetes token used to connect to the api server.