From 1b3c6e0e451d8ef7a6d60f2d13e31d8bbcbdb444 Mon Sep 17 00:00:00 2001 From: walkafwalka Date: Thu, 17 Jan 2019 18:16:11 -0800 Subject: [PATCH 1/2] Force Auto DevOps redeployment when application secrets are updated --- .../unreleased/force-redeploy-on-updated-secrets.yml | 5 +++++ lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml | 8 ++++++++ 2 files changed, 13 insertions(+) create mode 100644 changelogs/unreleased/force-redeploy-on-updated-secrets.yml diff --git a/changelogs/unreleased/force-redeploy-on-updated-secrets.yml b/changelogs/unreleased/force-redeploy-on-updated-secrets.yml new file mode 100644 index 00000000000..3b727c99dd5 --- /dev/null +++ b/changelogs/unreleased/force-redeploy-on-updated-secrets.yml @@ -0,0 +1,5 @@ +--- +title: Redeploy Auto DevOps deployment on variable updates +merge_request: 24498 +author: walkafwalka +type: added diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index 95160e1432f..d2a1f944c56 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -621,6 +621,12 @@ rollout 100%: --from-env-file <(k8s_prefixed_variables) -o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f - ' + + function k8s_prefixed_variables() { + env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p" + } + + APPLICATION_SECRET_CHECKSUM=$(k8s_prefixed_variables | sha256sum | cut -d ' ' -f 1) } function deploy_name() { @@ -688,6 +694,7 @@ rollout 100%: --set application.track="$track" \ --set application.database_url="$DATABASE_URL" \ --set application.secretName="$APPLICATION_SECRET_NAME" \ + --set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \ --set service.url="$CI_ENVIRONMENT_URL" \ --set service.additionalHosts="$additional_hosts" \ --set replicaCount="$replicas" \ @@ -722,6 +729,7 @@ rollout 100%: --set application.track="$track" \ --set application.database_url="$DATABASE_URL" \ --set application.secretName="$APPLICATION_SECRET_NAME" \ + --set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \ --set service.url="$CI_ENVIRONMENT_URL" \ --set service.additionalHosts="$additional_hosts" \ --set replicaCount="$replicas" \ From 338f4b699494baca5b30c8c644db4cadf2afa99f Mon Sep 17 00:00:00 2001 From: walkafwalka Date: Sat, 19 Jan 2019 09:12:33 -0800 Subject: [PATCH 2/2] Changed AutoDevops function k8s_prefixed_variables to temp file --- .../ci/templates/Auto-DevOps.gitlab-ci.yml | 22 +++++++------------ 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index d2a1f944c56..9362596eb60 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -611,22 +611,16 @@ rollout 100%: track="${1-stable}" export APPLICATION_SECRET_NAME=$(application_secret_name "$track") - bash -c ' - function k8s_prefixed_variables() { - env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p" - } + env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p" > k8s_prefixed_variables + + kubectl create secret \ + -n "$KUBE_NAMESPACE" generic "$APPLICATION_SECRET_NAME" \ + --from-env-file k8s_prefixed_variables -o yaml --dry-run | + kubectl replace -n "$KUBE_NAMESPACE" --force -f - - kubectl create secret \ - -n "$KUBE_NAMESPACE" generic "$APPLICATION_SECRET_NAME" \ - --from-env-file <(k8s_prefixed_variables) -o yaml --dry-run | - kubectl replace -n "$KUBE_NAMESPACE" --force -f - - ' + export APPLICATION_SECRET_CHECKSUM=$(cat k8s_prefixed_variables | sha256sum | cut -d ' ' -f 1) - function k8s_prefixed_variables() { - env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p" - } - - APPLICATION_SECRET_CHECKSUM=$(k8s_prefixed_variables | sha256sum | cut -d ' ' -f 1) + rm k8s_prefixed_variables } function deploy_name() {