Skip to content

Latest commit

 

History

History
51 lines (39 loc) · 1.35 KB

README.md

File metadata and controls

51 lines (39 loc) · 1.35 KB

drone-kubectl

This Drone plugin allows you to use kubectl without messing around with the authentication

Usage

# drone 1.0 syntax
kind: pipeline
name: deploy

steps:
  - name: deploy
    image: sinlead/drone-kubectl
    settings:
      kubernetes_server:
        from_secret: k8s_server
      kubernetes_cert:
        from_secret: k8s_cert
      kubernetes_token:
        from_secret: k8s_token
    commands:
      - kubectl create -f job_foo.yaml
      - kubectl wait --for=condition=complete -f job_foo.yaml

How to get the credentials

First, you need to have a service account with proper privileges and service-account-token.

You can find out your server URL which looks like https://xxx.xxx.xxx.xxx by the command:

kubectl config view -o jsonpath='{range .clusters[*]}{.name}{"\t"}{.cluster.server}{"\n"}{end}'

If the service account is deploy, you would have a secret named deploy-token-xxxx (xxxx is some random characters). You can get your token and certificate by the following commands:

cert:

kubectl get secret deploy-token-xxxx -o jsonpath='{.data.ca\.crt}' && echo

token:

kubectl get secret deploy-token-xxxx -o jsonpath='{.data.token}' | base64 --decode && echo

Special thanks

Inspired by drone-kubernetes.