Commit 60d3fe58 authored by Kamil Trzciński's avatar Kamil Trzciński

Merge branch 'force-redeploy-on-updated-secrets' into 'master'

Force Auto DevOps redeployment when application secrets are updated

Closes #55540

See merge request gitlab-org/gitlab-ce!24498
parents 91d7e387 338f4b69
---
title: Redeploy Auto DevOps deployment on variable updates
merge_request: 24498
author: walkafwalka
type: added
......@@ -611,16 +611,16 @@ rollout 100%:
track="${1-stable}"
export APPLICATION_SECRET_NAME=$(application_secret_name "$track")
bash -c '
function k8s_prefixed_variables() {
env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p"
}
kubectl create secret \
-n "$KUBE_NAMESPACE" generic "$APPLICATION_SECRET_NAME" \
--from-env-file <(k8s_prefixed_variables) -o yaml --dry-run |
kubectl replace -n "$KUBE_NAMESPACE" --force -f -
'
env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p" > k8s_prefixed_variables
kubectl create secret \
-n "$KUBE_NAMESPACE" generic "$APPLICATION_SECRET_NAME" \
--from-env-file k8s_prefixed_variables -o yaml --dry-run |
kubectl replace -n "$KUBE_NAMESPACE" --force -f -
export APPLICATION_SECRET_CHECKSUM=$(cat k8s_prefixed_variables | sha256sum | cut -d ' ' -f 1)
rm k8s_prefixed_variables
}
function deploy_name() {
......@@ -688,6 +688,7 @@ rollout 100%:
--set application.track="$track" \
--set application.database_url="$DATABASE_URL" \
--set application.secretName="$APPLICATION_SECRET_NAME" \
--set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \
--set service.url="$CI_ENVIRONMENT_URL" \
--set service.additionalHosts="$additional_hosts" \
--set replicaCount="$replicas" \
......@@ -722,6 +723,7 @@ rollout 100%:
--set application.track="$track" \
--set application.database_url="$DATABASE_URL" \
--set application.secretName="$APPLICATION_SECRET_NAME" \
--set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \
--set service.url="$CI_ENVIRONMENT_URL" \
--set service.additionalHosts="$additional_hosts" \
--set replicaCount="$replicas" \
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment