Comments (26)
Great, thanks for all that information. I'll get a start on implementing this shortly.
(sorry about the unclear PLUGIN_VALUES
mention--Drone turns settings into PLUGIN_SETTINGNAME
env vars when it invokes a plugin)
from drone-helm3.
Taking this out of version 1.0—it turns out drone does that interpolation for us already, so this would only be useful for making them respect the prefix
setting, and none of the .drone.yml
s I've found would need that feature.
from drone-helm3.
Not needed at all—we're dropping the prefix
setting (see #48), so this has no use case.
from drone-helm3.
Hi @ErinCall
I am having a problem with environment variables not being expanded. Example take from my .drone.yml:
settings:
...
values:
- "image.tag=v${DRONE_COMMIT_SHA:0:7}"
- "rails_master_key=${RAILS_MASTER_KEY}"
environment:
...
RAILS_MASTER_KEY:
from_secret: rails_master_key
For some reason DRONE_COMMIT_SHA is expanded but my custom variables like RAILS_MASTER_KEY are not and the values remain empty. Any idea of what I am doing wrong? Thanks!
from drone-helm3.
@vitobotta hm, I'm not sure—Drone should be taking care of it.
IIUC, Drone secrets aren't available on pull-request builds (or at least it didn't in 0.8; I can't find any information one way or the other in the 1.0 docs). Could that be the cause?
from drone-helm3.
Hi @ErinCall I am pushing to master, no PRs. I have just changed plugin, everything was working fine before with the old plugin. Weird
from drone-helm3.
Well heck, maybe we need this after all. Would you be willing to do a run with debug: true
and put the output here? I'm mostly trying to see whether the plugin is getting PLUGIN_VALUES=rails_master_key=${RAILS_MASTER_KEY}
or just PLUGIN_VALUES=rails_master_key=
, but more context is always better :)
from drone-helm3.
With debug: true I can see that all of them are empty apart from the image tag taken from the drone commit sha:
Values:image.tag=vdcda3a3,rails_master_key=,rails_secret_key_base=,lockbox_master_key=,mysql.master_url=,mysql.slave_url=,mail.username=,mail.password=,skylight.authentication=,sentry_dsn=,s3.access_key_id=,s3.secret_access_key=
There's no PLUGIN_VALUES text in the debug output
from drone-helm3.
Here's the whole output:
Generated config: {Command:upgrade DroneEvent:push UpdateDependencies:false AddRepos:[] RepoCAFile: Debug:true Values:image.tag=vdcda3a3,rails_master_key=,rails_secret_key_base=,lockbox_master_key=,mysql.master_url=,mysql.slave_url=,mail.username=,mail.password=,skylight.authentication=,sentry_dsn=,s3.access_key_id=,s3.secret_access_key= StringValues: ValuesFiles:[./helm/values/myapp/staging/values.yaml] Namespace:myapp-staging KubeToken:(redacted) SkipTLSVerify:true Certificate: APIServer:https://kubernetes.default.svc.cluster.local:443 ServiceAccount: ChartVersion: DryRun:false Wait:true ReuseValues:false KeepHistory:false Timeout: Chart:./helm/chart Release:myapp-staging Force:false AtomicUpgrade:false CleanupOnFail:false LintStrictly:false Stdout:0xc0000a8008 Stderr:0xc0000a8010}
calling *run.InitKube.Prepare (step 0)
loading kubeconfig template from /root/.kube/config.tpl
creating kubeconfig file at /root/.kube/config
calling *run.Upgrade.Prepare (step 1)
Generated command: '/usr/bin/helm --debug --namespace myapp-staging upgrade --install --wait --set image.tag=vdcda3a3,rails_master_key=,rails_secret_key_base=,lockbox_master_key=,mysql.master_url=,mysql.slave_url=,mail.username=,mail.password=,skylight.authentication=,sentry_dsn=,s3.access_key_id=,s3.secret_access_key= --values ./helm/values/myapp/staging/values.yaml myapp-staging ./helm/chart'
calling *run.InitKube.Execute (step 0)
writing kubeconfig file to /root/.kube/config
calling *run.Upgrade.Execute (step 1)
history.go:52: [debug] getting history for release myapp-staging
upgrade.go:79: [debug] preparing upgrade for myapp-staging
upgrade.go:87: [debug] performing update for myapp-staging
upgrade.go:225: [debug] creating upgraded release for myapp-staging
client.go:222: [debug] Starting delete for "myapp-config" ConfigMap
client.go:89: [debug] creating 1 resource(s)
client.go:222: [debug] Starting delete for "myapp-secrets" Secret
client.go:89: [debug] creating 1 resource(s)
client.go:89: [debug] creating 1 resource(s)
upgrade.go:280: [debug] warning: Upgrade "myapp-staging" failed: pre-upgrade hooks failed: warning: Hook pre-upgrade myapp/templates/migrate_job.yaml failed: jobs.batch "myapp-db-migrate" already exists
Error: UPGRADE FAILED: pre-upgrade hooks failed: warning: Hook pre-upgrade myapp/templates/migrate_job.yaml failed: jobs.batch "myapp-db-migrate" already exists
helm.go:76: [debug] pre-upgrade hooks failed: warning: Hook pre-upgrade myapp/templates/migrate_job.yaml failed: jobs.batch "myapp-db-migrate" already exists
UPGRADE FAILED
main.newUpgradeCmd.func1
/home/circleci/helm.sh/helm/cmd/helm/upgrade.go:136
github.com/spf13/cobra.(*Command).execute
/go/pkg/mod/github.com/spf13/[email protected]/command.go:826
github.com/spf13/cobra.(*Command).ExecuteC
/go/pkg/mod/github.com/spf13/[email protected]/command.go:914
github.com/spf13/cobra.(*Command).Execute
/go/pkg/mod/github.com/spf13/[email protected]/command.go:864
main.main
/home/circleci/helm.sh/helm/cmd/helm/helm.go:75
runtime.main
/usr/local/go/src/runtime/proc.go:203
runtime.goexit
/usr/local/go/src/runtime/asm_amd64.s:1357
while executing *run.Upgrade step: exit status 1
from drone-helm3.
And this is the deploy step in drone.yml:
- name: deploy-staging
image: pelotech/drone-helm3
settings:
mode: upgrade
chart: ./helm/chart
release: myapp-staging
namespace: myapp-staging
debug: true
wait_for_upgrade: true
skip_tls_verify: true
values_files:
- ./helm/values/myapp/staging/values.yaml
values:
- "image.tag=v${DRONE_COMMIT_SHA:0:7}"
- "rails_master_key=${RAILS_MASTER_KEY}"
- "rails_secret_key_base=${RAILS_SECRET_KEY_BASE}"
- "lockbox_master_key=${LOCKBOX_MASTER_KEY}"
- "mysql.master_url=${MYSQL_MASTER_URL}"
- "mysql.slave_url=${MYSQL_SLAVE_URL}"
- "mail.username=${MAIL_USERNAME}"
- "mail.password=${MAIL_PASSWORD}"
- "skylight.authentication=${SKYLIGHT_AUTHENTICATION}"
- "sentry_dsn=${SENTRY_DSN}"
- "s3.access_key_id=${S3_ACCESS_KEY_ID}"
- "s3.secret_access_key=${S3_SECRET_ACCESS_KEY}"
environment:
KUBE_API_SERVER: https://kubernetes.default.svc.cluster.local:443
SKYLIGHT_ENABLED: "true"
KUBE_TOKEN:
from_secret: kubernetes_token
RAILS_MASTER_KEY:
from_secret: rails_master_key
RAILS_SECRET_KEY_BASE:
from_secret: rails_secret_key_base
LOCKBOX_MASTER_KEY:
from_secret: lockbox_master_key
MYSQL_MASTER_URL:
from_secret: staging_mysql_master_url
MYSQL_SLAVE_URL:
from_secret: staging_mysql_slave_url
MAIL_USERNAME:
from_secret: staging_smtp_user
MAIL_PASSWORD:
from_secret: staging_smtp_password
SKYLIGHT_AUTHENTICATION:
from_secret: staging_skylight_authentication
SENTRY_DSN: ""
S3_ACCESS_KEY_ID:
from_secret: s3_access_key_id
S3_SECRET_ACCESS_KEY:
from_secret: s3_secret_access_key
from drone-helm3.
@ErinCall anything else that might be useful? Thanks!
from drone-helm3.
Thanks a lot, I am stuck so I appreciate a lot! :)
from drone-helm3.
Er...I said the exact opposite of what I should have. Drone is turning the ${...}
s into empty strings before it invokes the plugin, so the plugin never gets to see which environment variables to look up. Sorry about that 😞
It's strange that it worked with the old plugin, though. Can you show what your drone.yml looked like before you switched to this plugin?
Also, you're using Drone 1.0, right?
from drone-helm3.
@ErinCall 1.6.4 to be precise. The drone.yml was identical apart from the plugin used and a couple of settings that have been renamed. Everything else was the same :)
from drone-helm3.
Why the DRONE_COMMIT_SHA variable is being expanded though?
from drone-helm3.
Well heck, I'm not sure what the problem might be. I'll do some digging and see what I can find out.
from drone-helm3.
Thanks! @ErinCall
from drone-helm3.
Ok, well, I don't know why it was working in drone-helm, but I have enough to go on.
DRONE_COMMIT_SHA
is showing up because Drone only allows interpolating values from a specific list of variables, including that one.- The other variables expanding to empty strings is expected behavior. In order to pass them into the plugin, they'll need to be escaped with a second dollar sign (
rails_master_key=$${RAILS_MASTER_KEY}
) or listed without the curly braces (rails_master_key=$RAILS_MASTER_KEY
). - We do need to implement this feature.
Thanks for bringing this up and for all the helpful context! I'll get it ready for you shortly :)
from drone-helm3.
@ErinCall You're awesome :) So you are going to publish an update? Or should I add the second dollar sign for now?
from drone-helm3.
@vitobotta both :) I've created #77, which can do string interpolation as long as you avoid Drone's syntax—the entries in values
should look like either $${RAILS_MASTER_KEY}
or $RAILS_MASTER_KEY
.
I built an image from that branch and pushed it to docker-hub, if you'd like to try it out.
from drone-helm3.
@ErinCall Testing it now. :)
from drone-helm3.
@ErinCall I think the env variables are being replaced now but I get this:
Error: UPGRADE FAILED: query: failed to query with labels: Unauthorized
--
27 | helm.go:76: [debug] Unauthorized
28 | query: failed to query with labels
helm.sh/helm/v3/pkg/storage/driver.(*Secrets).Query
--
31 | /home/circleci/helm.sh/helm/pkg/storage/driver/secrets.go:121
32 | helm.sh/helm/v3/pkg/storage.(*Storage).DeployedAll
33 | /home/circleci/helm.sh/helm/pkg/storage/storage.go:133
34 | helm.sh/helm/v3/pkg/storage.(*Storage).Deployed
35 | /home/circleci/helm.sh/helm/pkg/storage/storage.go:113
36 | helm.sh/helm/v3/pkg/action.(*Upgrade).prepareUpgrade
37 | /home/circleci/helm.sh/helm/pkg/action/upgrade.go:122
38 | helm.sh/helm/v3/pkg/action.(*Upgrade).Run
39 | /home/circleci/helm.sh/helm/pkg/action/upgrade.go:80
40 | main.newUpgradeCmd.func1
41 | /home/circleci/helm.sh/helm/cmd/helm/upgrade.go:134
42 | github.com/spf13/cobra.(*Command).execute
43 | /go/pkg/mod/github.com/spf13/[email protected]/command.go:826
44 | github.com/spf13/cobra.(*Command).ExecuteC
45 | /go/pkg/mod/github.com/spf13/[email protected]/command.go:914
46 | github.com/spf13/cobra.(*Command).Execute
47 | /go/pkg/mod/github.com/spf13/[email protected]/command.go:864
48 | main.main
49 | /home/circleci/helm.sh/helm/cmd/helm/helm.go:75
50 | runtime.main
51 | /usr/local/go/src/runtime/proc.go:203
52 | runtime.goexit
53 | /usr/local/go/src/runtime/asm_amd64.s:1357
54 | UPGRADE FAILED
55 | main.newUpgradeCmd.func1
56 | /home/circleci/helm.sh/helm/cmd/helm/upgrade.go:136
57 | github.com/spf13/cobra.(*Command).execute
58 | /go/pkg/mod/github.com/spf13/[email protected]/command.go:826
59 | github.com/spf13/cobra.(*Command).ExecuteC
60 | /go/pkg/mod/github.com/spf13/[email protected]/command.go:914
61 | github.com/spf13/cobra.(*Command).Execute
62 | /go/pkg/mod/github.com/spf13/[email protected]/command.go:864
63 | main.main
64 | /home/circleci/helm.sh/helm/cmd/helm/helm.go:75
65 | runtime.main
66 | /usr/local/go/src/runtime/proc.go:203
67 | runtime.goexit
68 | /usr/local/go/src/runtime/asm_amd64.s:1357
69 | while executing *run.Upgrade step: exit status 1
from drone-helm3.
I'm not sure what would cause that one. It sounds like it's just a problem with the RBAC for the helm
k8s user, except that the error you posted earlier showed helm getting farther along than it did this time.
Are you able to run helm upgrade
directly from the command line?
from drone-helm3.
@ErinCall My bad! I migrated to a new cluster and when I restored my Drone setup with Velero I forgot to update the Kubernetes token secret. All is working with that image, thanks! :) Do you mind updating this thread when the final image is out? :)
from drone-helm3.
@vitobotta The PR is merged and published as version 0.14.0!
from drone-helm3.
@ErinCall wonderful, thanks!
from drone-helm3.
Related Issues (20)
- Add a new parameter "create_namespace" please
- Upgrade command seems to not use my kube_service_account parameter HOT 2
- Support for private repositories
- How to rollback?
- Update to Helm 3.8.0
- helm test supported?
- exec /bin/drone-helm: no such file or directory HOT 3
- Allow cluster across helm deployment by chart name
- Repo chart name treated as file name on upgrade
- open /root/.kube/config.tpl: permission denie HOT 1
- Does it support publishing of the Helm charts? HOT 5
- error converting YAML to JSON: yaml: line 29: did not find expected key HOT 7
- Question: Help needed on understanding this error HOT 1
- Support for publish to Helm Registry
- force_upgrade is being ignored HOT 2
- Remove build/drone-helm from the repo HOT 1
- Add a comment explaining the purpose env.settingAliases
- Support setting values from files using the --set-file flag
- Support for automatic migrations from v2 using 2to3 HOT 2
- drone-helm3 upgrade failed HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from drone-helm3.