Pass variables from deployment project services to CI runner
This commit introduces the concept of deployment variables - variables that are collected from deployment services and passed to CI runner during a deployment build. Deployment services specify the variables by overriding "predefined_variables" method. This commit also configures variables for KubernetesService
This commit is contained in:
parent
45bd226369
commit
c945a0a714
|
@ -155,7 +155,7 @@ module Ci
|
|||
end
|
||||
|
||||
def has_environment?
|
||||
self.environment.present?
|
||||
environment.present?
|
||||
end
|
||||
|
||||
def starts_environment?
|
||||
|
@ -221,6 +221,7 @@ module Ci
|
|||
variables += pipeline.predefined_variables
|
||||
variables += runner.predefined_variables if runner
|
||||
variables += project.container_registry_variables
|
||||
variables += project.deployment_variables if has_environment?
|
||||
variables += yaml_variables
|
||||
variables += user_variables
|
||||
variables += project.secret_variables
|
||||
|
|
|
@ -1229,6 +1229,12 @@ class Project < ActiveRecord::Base
|
|||
end
|
||||
end
|
||||
|
||||
def deployment_variables
|
||||
return [] unless deployment_service
|
||||
|
||||
deployment_service.predefined_variables
|
||||
end
|
||||
|
||||
def append_or_update_attribute(name, value)
|
||||
old_values = public_send(name.to_s)
|
||||
|
||||
|
|
|
@ -8,4 +8,8 @@ class DeploymentService < Service
|
|||
def supported_events
|
||||
[]
|
||||
end
|
||||
|
||||
def predefined_variables
|
||||
[]
|
||||
end
|
||||
end
|
||||
|
|
|
@ -83,6 +83,16 @@ class KubernetesService < DeploymentService
|
|||
{ success: false, result: err }
|
||||
end
|
||||
|
||||
def predefined_variables
|
||||
variables = [
|
||||
{ key: 'KUBE_URL', value: api_url, public: true },
|
||||
{ key: 'KUBE_TOKEN', value: token, public: false },
|
||||
{ key: 'KUBE_NAMESPACE', value: namespace, public: true }
|
||||
]
|
||||
variables << { key: 'KUBE_CA_PEM', value: ca_pem, public: true } if ca_pem.present?
|
||||
variables
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def build_kubeclient(api_path = '/api', api_version = 'v1')
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
title: Pass variables from deployment project services to CI runner
|
||||
merge_request: 8107
|
||||
author:
|
|
@ -13,6 +13,7 @@ this order:
|
|||
1. [Secret variables](#secret-variables)
|
||||
1. YAML-defined [job-level variables](../yaml/README.md#job-variables)
|
||||
1. YAML-defined [global variables](../yaml/README.md#variables)
|
||||
1. [Deployment variables](#deployment-variables)
|
||||
1. [Predefined variables](#predefined-variables-environment-variables) (are the
|
||||
lowest in the chain)
|
||||
|
||||
|
@ -148,6 +149,20 @@ Secret variables can be added by going to your project's
|
|||
|
||||
Once you set them, they will be available for all subsequent builds.
|
||||
|
||||
## Deployment variables
|
||||
|
||||
>**Note:**
|
||||
This feature requires GitLab CI 8.15 or higher.
|
||||
|
||||
[Project services](../../project_services/project_services.md) that are
|
||||
responsible for deployment configuration may define their own variables that
|
||||
are set in the build environment. These variables are only defined for
|
||||
[deployment builds](../environments.md). Please consult the documentation of
|
||||
the project services that you are using to learn which variables they define.
|
||||
|
||||
An example project service that defines deployment variables is
|
||||
[Kubernetes Service](../../project_services/kubernetes.md).
|
||||
|
||||
## Debug tracing
|
||||
|
||||
> Introduced in GitLab Runner 1.7.
|
||||
|
|
|
@ -36,3 +36,14 @@ to create one. You can also view or create service tokens in the
|
|||
Fill in the service token and namespace according to the values you just got.
|
||||
If the API is using a self-signed TLS certificate, you'll also need to include
|
||||
the `ca.crt` contents as the `Custom CA bundle`.
|
||||
|
||||
## Deployment variables
|
||||
|
||||
The Kubernetes service exposes following
|
||||
[deployment variables](../ci/variables/README.md#deployment-variables) in the
|
||||
GitLab CI build environment:
|
||||
|
||||
- `KUBE_URL` - equal to the API URL
|
||||
- `KUBE_TOKEN`
|
||||
- `KUBE_NAMESPACE`
|
||||
- `KUBE_CA_PEM` - only if a custom CA bundle was specified
|
||||
|
|
|
@ -506,6 +506,17 @@ describe Ci::Build, models: true do
|
|||
it { is_expected.to include({ key: 'CI_RUNNER_TAGS', value: 'docker, linux', public: true }) }
|
||||
end
|
||||
|
||||
context 'when build is for a deployment' do
|
||||
let(:deployment_variable) { { key: 'KUBERNETES_TOKEN', value: 'TOKEN', public: false } }
|
||||
|
||||
before do
|
||||
build.environment = 'production'
|
||||
allow(project).to receive(:deployment_variables).and_return([deployment_variable])
|
||||
end
|
||||
|
||||
it { is_expected.to include(deployment_variable) }
|
||||
end
|
||||
|
||||
context 'returns variables in valid order' do
|
||||
before do
|
||||
allow(build).to receive(:predefined_variables) { ['predefined'] }
|
||||
|
|
|
@ -123,4 +123,37 @@ describe KubernetesService, models: true do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#predefined_variables' do
|
||||
before do
|
||||
subject.api_url = 'https://kube.domain.com'
|
||||
subject.token = 'token'
|
||||
subject.namespace = 'my-project'
|
||||
subject.ca_pem = 'CA PEM DATA'
|
||||
end
|
||||
|
||||
it 'sets KUBE_URL' do
|
||||
expect(subject.predefined_variables).to include(
|
||||
{ key: 'KUBE_URL', value: 'https://kube.domain.com', public: true }
|
||||
)
|
||||
end
|
||||
|
||||
it 'sets KUBE_TOKEN' do
|
||||
expect(subject.predefined_variables).to include(
|
||||
{ key: 'KUBE_TOKEN', value: 'token', public: false }
|
||||
)
|
||||
end
|
||||
|
||||
it 'sets KUBE_NAMESPACE' do
|
||||
expect(subject.predefined_variables).to include(
|
||||
{ key: 'KUBE_NAMESPACE', value: 'my-project', public: true }
|
||||
)
|
||||
end
|
||||
|
||||
it 'sets KUBE_CA_PEM' do
|
||||
expect(subject.predefined_variables).to include(
|
||||
{ key: 'KUBE_CA_PEM', value: 'CA PEM DATA', public: true }
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1696,6 +1696,26 @@ describe Project, models: true do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#deployment_variables' do
|
||||
context 'when project has no deployment service' do
|
||||
let(:project) { create(:empty_project) }
|
||||
|
||||
it 'returns an empty array' do
|
||||
expect(project.deployment_variables).to eq []
|
||||
end
|
||||
end
|
||||
|
||||
context 'when project has a deployment service' do
|
||||
let(:project) { create(:kubernetes_project) }
|
||||
|
||||
it 'returns variables from this service' do
|
||||
expect(project.deployment_variables).to include(
|
||||
{ key: 'KUBE_TOKEN', value: project.kubernetes_service.token, public: false }
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def enable_lfs
|
||||
allow(Gitlab.config.lfs).to receive(:enabled).and_return(true)
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue