Skip to content

Instantly share code, notes, and snippets.

@shalkam

shalkam/.gitlab-ci.yml

Created May 20, 2019 08:52
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save shalkam/f815cae93e6fa5858c14e0ddf5cd70f6 to your computer and use it in GitHub Desktop.
Save shalkam/f815cae93e6fa5858c14e0ddf5cd70f6 to your computer and use it in GitHub Desktop.
Download ZIP
using service account
Raw
.gitlab-ci.yml
stages:
- deploy
deploy_app:
image: bitnami/kubectl:latest
stage: deploy
environment: production
script:
- USER_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
- CERTIFICATE_AUTHORITY_DATA=$(cat /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | base64 -i -w0 -)
- kubectl config set-cluster k8s --server="https://kubernetes.default.svc"
- kubectl config set clusters.k8s.certificate-authority-data ${CERTIFICATE_AUTHORITY_DATA}
- kubectl config set-credentials gitlab --token="${USER_TOKEN}"
- kubectl config set-context default --cluster=k8s --user=gitlab
- kubectl config use-context default
- kubectl set image deployment my-app web=${CI_REGISTRY}/user/repo/${CI_PROJECT_PATH_SLUG}:${CI_COMMIT_SHORT_SHA} --kubeconfig ./config --namespace default
@vbem
Copy link

vbem commented Jan 6, 2021

Cool idea when using kubectl in gitlab-runner in K8S pod. May a one-line way be:

kubectl --server="https://kubernetes.default.svc" --certificate-authority=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt --token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) sub-commands

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment