This repository has been archived on 2024-09-11. You can view files and clone it, but cannot push or open issues or pull requests.
k8s-cluster-config/.drone.yml
Nikolai Rodionov c1b3933f22 revert 0f56b9d028
revert Remove a leaked secret and remove Kubeconfig
2023-05-21 10:08:53 +00:00

109 lines
2.5 KiB
YAML

---
# ----------------------------------------------
# -- Helmfile diff changes
# ----------------------------------------------
kind: pipeline
type: docker
name: Show helmfile diffs
platform:
os: linux
arch: amd64
trigger:
branch:
exclude:
- main
event:
- push
steps:
- name: Diff badhouseplants
image: ghcr.io/helmfile/helmfile:canary
environment:
KUBECONFIG_CONTENT:
from_secret: KUBECONFIG_CONTENT
SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY
commands:
- mkdir $HOME/.kube
- echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
- helmfile -e badhouseplants diff --suppress-secrets
- name: Diff eterosoft
image: ghcr.io/helmfile/helmfile:canary
environment:
SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY
KUBECONFIG_CONTENT:
from_secret: KUBECONFIG_CONTENT
commands:
- mkdir $HOME/.kube
- echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
- helmfile -e etersoft diff --suppress-secrets
---
# ----------------------------------------------
# -- Helmfile apply changes
# ----------------------------------------------
kind: pipeline
type: docker
name: Apply helmfile changes
platform:
os: linux
arch: amd64
trigger:
branch:
- main
event:
- push
steps:
- name: Apply badhouseplants
image: ghcr.io/helmfile/helmfile:canary
environment:
KUBECONFIG_CONTENT:
from_secret: KUBECONFIG_CONTENT
SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY
commands:
- mkdir $HOME/.kube
- echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
- helmfile -e badhouseplants apply --suppress-secrets
- name: Apply eterosoft
image: ghcr.io/helmfile/helmfile:canary
environment:
KUBECONFIG_CONTENT:
from_secret: KUBECONFIG_CONTENT
SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY
commands:
- mkdir $HOME/.kube
- echo $KUBECONFIG_CONTENT | base64 -d > $HOME/.kube/config
- helmfile -e etersoft apply --suppress-secrets
---
# ----------------------------------------------
# -- Check da helm pipeline
# ----------------------------------------------
kind: pipeline
type: docker
name: Check helmfiles
trigger:
event:
- cron
cron:
- daily
steps:
- name: Check badhouseplants
image: ghcr.io/allanger/check-da-helm-helmfile-secrets:stable
environment:
RUST_LOG: info
SOPS_AGE_KEY:
from_secret: SOPS_AGE_KEY
commands:
- cdh --kind helmfile -p $DRONE_WORKSPACE/helmfile.yaml --helmfile-environment badhouseplants -o