This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Pod | |
metadata: | |
name: kubia | |
spec: | |
containers: | |
- image: luksa/kubia | |
name: kubia | |
ports: | |
- containerPort: 8080 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -o xtrace | |
/etc/eks/bootstrap.sh --apiserver-endpoint '<CLUSTER_ENDPOINT>' --b64-cluster-ca '<CLUSTER_CA>' '<CLUSTER_NAME>' --kubelet-extra-args '--register-with-taints=dedicated=app:NoSchedule --node-labels=kube/nodetype=app' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"AWS": "arn:aws:iam::<AWS_ACCOUNT_1>:root" | |
}, | |
"Action": "sts:AssumeRole", | |
"Condition": {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# AWS provider | |
provider "aws" { | |
version = "~> 2.0" | |
region = "<AWS_REGION>" | |
} | |
# Assume role policy | |
resource "aws_iam_policy" "assume-role-<ROLE_NAME>" { | |
name = "Assume-Role-<ROLE_NAME>" | |
description = "Allow assuming <ROLE_NAME> role on <AWS_ACCOUNT_2> account" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#-- External provider ------------------------------------------------------- | |
provider "aws" { | |
version = "~> 2.0" | |
region = "<AWS_REGION>" | |
assume_role { | |
role_arn = "${var.provider_env_roles[terraform.workspace]}" | |
} | |
} | |
#-- var.tf ------------------------------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
helm repo add gitlab https://charts.gitlab.io | |
helm install --namespace <NAMESPACE> --name gitlab-runner -f <PATH>/values.yaml gitlab/gitlab-runner |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## GitLab Runner Image | |
## ref: https://hub.docker.com/r/gitlab/gitlab-runner/tags/ | |
# image: gitlab/gitlab-runner:alpine-v11.6.0 | |
## Specify a imagePullPolicy | |
imagePullPolicy: IfNotPresent | |
## The GitLab Server URL (with protocol) that want to register the runner against | |
gitlabUrl: https://<GITLAB_URL> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Deployment step | |
deploy: | |
stage: deploy | |
image: alpine/helm:latest | |
script: | |
- helm init --client-only | |
- helm --namespace $NAMESPACE upgrade -i $REPO_NAME --set image.tag=$TAG,env=$ENV,image.repository=$REPO_REGISTRY_URL $PATH_TO_VALUES | |
tags: | |
- k8s | |
- dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Pipeline steps list | |
stages: | |
- test | |
- build | |
- deploy | |
# Lint and unit tests | |
lint-test: | |
stage: test | |
image: |