voidspace/drone-infisical-kubectl-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
8 commits 1 branch 0 tags 32 KiB
Find a file
Exact
Cristian Colosimo e5cad57841 Add README.md for Drone Infisical Kubectl Helm with usage instructions and environment variables
2025-01-07 02:03:17 +01:00
.drone.yml Update Drone configuration to tag version 0.1.8 and clean up entrypoint.sh 2025-01-07 01:42:17 +01:00
Dockerfile Update Dockerfile to use CMD instead of ENTRYPOINT and modify entrypoint.sh to set KUBECONFIG environment variable 2025-01-07 01:27:03 +01:00
entrypoint.sh Update Drone configuration to tag version 0.1.8 and clean up entrypoint.sh 2025-01-07 01:42:17 +01:00
LICENSE init 2025-01-07 01:10:13 +01:00
README.md Add README.md for Drone Infisical Kubectl Helm with usage instructions and environment variables 2025-01-07 02:03:17 +01:00

README.md

Drone Infisical Kubectl Helm

This Docker image is designed for CI/CD pipelines, specifically for use with Drone CI. It provides a pre-configured environment with kubectl and helm for managing Kubernetes deployments. The kubeconfig is securely loaded via Infisical, ensuring sensitive configuration data remains protected.

Features

  • kubectl: Kubernetes CLI tool for cluster management.
  • helm: Package manager for Kubernetes.
  • Infisical Integration: Securely loads the kubeconfig using environment variables.
  • Drone CI Compatibility: Tailored for use in Drone CI pipelines.

Environment Variables

The following environment variables must be set for the image to function correctly:

Variable Description
CLIENT_ID The client ID for Infisical authentication.
CLIENT_SECRET The client secret for Infisical authentication.
PROJECT_ID The Infisical project ID containing the secrets.
PROJECT_ENV The environment (e.g., dev, stg, prod) within the Infisical project.
KUBECONFIG_NAME The name of the kubeconfig secret in Infisical (default: KUBECONFIG).
INFISICAL_API_URL The URL of the Infisical API (optional, for self-hosted instances).

Usage

Example Drone Pipeline

Below is an example of how to use this Docker image in a Drone CI pipeline:

kind: pipeline
type: docker
name: default

steps:
- name: deploy
  image: docker.io/criscolosimo04/drone-infisical-kubectl-helm:0.1.8
  environment:
    CLIENT_ID:
      from_secret: client_id
    CLIENT_SECRET:
      from_secret: client_secret
    PROJECT_ID:
      from_secret: project_id
    INFISICAL_API_URL:
      from_secret: infisical_api_url
    PROJECT_ENV: stg
  commands:
   - /entrypoint.sh
   - kubectl get pod
   - helm install nginx

/entrypoint.sh

The entrypoint.sh script is required and must be run before executing kubectl or helm commands. It handles the following:

  1. Fetches the kubeconfig from Infisical using the provided environment variables.
  2. Exports the kubeconfig so it is accessible to kubectl and helm.

Requirements

  • An Infisical machine account with the required secrets configured.
  • Kubernetes cluster access properly set up in the kubeconfig file.
  • Drone CI secrets configured to securely provide the environment variables.

License

This project is licensed under the MIT License.