Skip to content

C
charts
Commit 04cf311b by Guangbo Chen Committed by Denise Schannon
Options

Bump drone to v2.0.7

parent ea450458
Showing with 686 additions and 174 deletions
charts/drone/v2.0.7/Chart.yaml
apiVersion: v1
name: drone name: drone
home: https://drone.io/ home: https://drone.io/
icon: https://drone.io/apple-touch-icon.png icon: file://../drone.png
version: 1.7.4 version: 2.0.7
appVersion: 0.8.6 appVersion: 1.2
description: Drone is a Continuous Delivery system built on container technology description: Drone is a Continuous Delivery system built on container technology
keywords: keywords:
- continuous-delivery - continuous-delivery
...@@ -17,3 +18,7 @@ sources: ...@@ -17,3 +18,7 @@ sources:
maintainers: maintainers:
- name: christian-roggia - name: christian-roggia
email: christian.roggia@gmail.com email: christian.roggia@gmail.com
- name: paulczar
email: username.taken@gmail.com
- name: zakkg3
email: zakkg3@gmail.com
charts/drone/v2.0.7/OWNERS
approvers: approvers:
- christian-roggia - christian-roggia
- zakkg3
reviewers: reviewers:
- christian-roggia - christian-roggia
- zakkg3
charts/drone/v2.0.7/README.md
# Drone.io
[Drone](http://readme.drone.io/) v1 is a Continuous Integration platform built on container technology with native Kubernetes support.
> It is not recommended to upgrade from earlier (0.8.x) versions of Drone due to the large amount of breaking changes both in the product and in the helm charts.
## Installing the Chart
To install the chart with the release name `my-release`:
```console
helm install --name my-release stable/drone
```
## Settings:
> Note: The chart will not install the drone server until you have configured a source control option. If this is the case it will print out notes on how to configure it in place using `helm upgrade`.
An example (secrets redacted) working install of the chart using github as the source control provider:
```console
helm install --name drone --namespace drone stable/drone
kubectl create secret generic drone-server-secrets \
--namespace=cicd-drone \
--from-literal=clientSecret="XXXXXXXXXXXXXXXXXXXXXXXX"
helm upgrade drone \
--reuse-values --set 'service.type=LoadBalancer' \
--set 'service.loadBalancerIP=2.1.60.3' --set 'sourceControl.provider=github' \
--set 'sourceControl.github.clientID=XXXXXXXX' \
--set 'sourceControl.secret=drone-server-secrets' --set 'server.host=drone.example.com' \
stable/drone
```
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
helm delete --purge my-release
```
The command removes nearly all the Kubernetes components associated with the
chart and deletes the release.
## Configuration ## Configuration
The following table lists the configurable parameters of the drone charts and their default values. The following table lists the configurable parameters of the drone charts and their default values.
...@@ -5,10 +49,10 @@ The following table lists the configurable parameters of the drone charts and th ...@@ -5,10 +49,10 @@ The following table lists the configurable parameters of the drone charts and th
| Parameter | Description | Default | | Parameter | Description | Default |
|-----------------------------|-----------------------------------------------------------------------------------------------|-----------------------------| |-----------------------------|-----------------------------------------------------------------------------------------------|-----------------------------|
| `images.server.repository` | Drone **server** image | `docker.io/drone/drone` | | `images.server.repository` | Drone **server** image | `docker.io/drone/drone` |
| `images.server.tag` | Drone **server** image tag | `0.8.6` | | `images.server.tag` | Drone **server** image tag | `1.2` |
| `images.server.pullPolicy` | Drone **server** image pull policy | `IfNotPresent` | | `images.server.pullPolicy` | Drone **server** image pull policy | `IfNotPresent` |
| `images.agent.repository` | Drone **agent** image | `docker.io/drone/agent` | | `images.agent.repository` | Drone **agent** image | `docker.io/drone/agent` |
| `images.agent.tag` | Drone **agent** image tag | `0.8.6` | | `images.agent.tag` | Drone **agent** image tag | `1.2` |
| `images.agent.pullPolicy` | Drone **agent** image pull policy | `IfNotPresent` | | `images.agent.pullPolicy` | Drone **agent** image pull policy | `IfNotPresent` |
| `images.dind.repository` | Docker **dind** image | `docker.io/library/docker` | | `images.dind.repository` | Docker **dind** image | `docker.io/library/docker` |
| `images.dind.tag` | Docker **dind** image tag | `18.06.1-ce-dind` | | `images.dind.tag` | Docker **dind** image tag | `18.06.1-ce-dind` |
...@@ -21,14 +65,30 @@ The following table lists the configurable parameters of the drone charts and th ...@@ -21,14 +65,30 @@ The following table lists the configurable parameters of the drone charts and th
| `ingress.annotations` | Ingress annotations | `{}` | | `ingress.annotations` | Ingress annotations | `{}` |
| `ingress.hosts` | Ingress accepted hostnames | `nil` | | `ingress.hosts` | Ingress accepted hostnames | `nil` |
| `ingress.tls` | Ingress TLS configuration | `[]` | | `ingress.tls` | Ingress TLS configuration | `[]` |
| `server.host` | Drone **server** scheme and hostname | `(internal hostname)` | | `ingress.path` | Ingress path mapping | `` |
| `sourceControl.provider` | name of source control provider [github,gitlab,gitea,gogs,bitbucketCloud,bitbucketServer] | `` |
| `sourceControl.secret` | name of secret containing source control keys and passwords | `` |
| `sourceControl.github` | values to configure github | see values.yaml |
| `sourceControl.gitlab` | values to configure gitlab | see values.yaml |
| `sourceControl.gitea` | values to configure gitea | see values.yaml |
| `sourceControl.gogs` | values to configure gogs | see values.yaml |
| `sourceControl.bitbucketCloud` | values to configure bitbucket cloud | see values.yaml |
| `sourceControl.bitbucketServer` | values to configure bitbucket server (stash) | see values.yaml |
| `server.host` | Drone **server** hostname (should match callback url in oauth config) | `(internal hostname)` |
| `server.protocol` | Drone **server** scheme/protocol [http,https] | `http` |
| `server.env` | Drone **server** environment variables | `(default values)` | | `server.env` | Drone **server** environment variables | `(default values)` |
| `server.envSecrets`        | Drone **server** secret environment variables                                                 | `(default values)`         | | `server.envSecrets`        | Drone **server** secret environment variables                                                 | `(default values)`         |
| `server.adminUser`        | Initial user to create and set as admin                                                 | ``         |
| `server.alwaysAuth`        | whether to authenticate when cloning public repositories                                                 | `false`         |
| `server.kubernetes.enabled`        | whether to use kubernetes to run pipelines (if `false` will run agents instead)                                            | `true`         |
| `server.kubernetes.namespace`        | namespace in which to run pipelines, defaults to release namespace.                                            | ``         |
| `server.kubernetes.pipelineServiceAccount`        | if rbac is enabled, what should name of pipeline service account be?                                            | ``         |
| `server.annotations` | Drone **server** annotations | `{}` | | `server.annotations` | Drone **server** annotations | `{}` |
| `server.resources` | Drone **server** pod resource requests & limits | `{}` | | `server.resources` | Drone **server** pod resource requests & limits | `{}` |
| `server.schedulerName` | Drone **server** alternate scheduler name | `nil` | | `server.schedulerName` | Drone **server** alternate scheduler name | `nil` |
| `server.affinity` | Drone **server** scheduling preferences | `{}` | | `server.affinity` | Drone **server** scheduling preferences | `{}` |
| `server.nodeSelector` | Drone **server** node labels for pod assignment | `{}` | | `server.nodeSelector` | Drone **server** node labels for pod assignment | `{}` |
| `server.tolerations` | Drone **server** node taints to tolerate | `[]` |
| `server.extraContainers` | Additional sidecar containers | `""` | | `server.extraContainers` | Additional sidecar containers | `""` |
| `server.extraVolumes` | Additional volumes for use in extraContainers | `""` | | `server.extraVolumes` | Additional volumes for use in extraContainers | `""` |
| `agent.env` | Drone **agent** environment variables | `(default values)` | | `agent.env` | Drone **agent** environment variables | `(default values)` |
...@@ -38,18 +98,14 @@ The following table lists the configurable parameters of the drone charts and th ...@@ -38,18 +98,14 @@ The following table lists the configurable parameters of the drone charts and th
| `agent.schedulerName` | Drone **agent** alternate scheduler name | `nil` | | `agent.schedulerName` | Drone **agent** alternate scheduler name | `nil` |
| `agent.affinity` | Drone **agent** scheduling preferences | `{}` | | `agent.affinity` | Drone **agent** scheduling preferences | `{}` |
| `agent.nodeSelector` | Drone **agent** node labels for pod assignment | `{}` | | `agent.nodeSelector` | Drone **agent** node labels for pod assignment | `{}` |
| `agent.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 0 | | `agent.tolerations` | Drone **agent** node taints to tolerate | `[]` |
| `agent.livenessProbe.periodSeconds` | How often to perform the probe | 10 | | `agent.livenessProbe` | Not currently used. | `{}` |
| `agent.livenessProbe.timeoutSeconds` | When the probe times out | 1 | | `agent.readinessProbe` | Not currently used | `{}` |
| `agent.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 | | `agent.volumes` | Additional volumes to make available to agent (shared by dind if used) | `nil` |
| `agent.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 | | `agent.volumeMounts` | Mount points for volumes | `nil` |
| `agent.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 0 |
| `agent.readinessProbe.periodSeconds` | How often to perform the probe | 10 |
| `agent.readinessProbe.timeoutSeconds` | When the probe times out | 1 |
| `agent.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 |
| `agent.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 |
| `dind.enabled` | Enable or disable **DinD** | `true` | | `dind.enabled` | Enable or disable **DinD** | `true` |
| `dind.driver` | **DinD** storage driver | `overlay2` | | `dind.driver` | **DinD** storage driver | `overlay2` |
| `dind.volumeMounts` | Mount points for volumes (defined in agent.volumes) | `nil` |
| `dind.resources` | **DinD** pod resource requests & limits | `{}` | | `dind.resources` | **DinD** pod resource requests & limits | `{}` |
| `dind.env` | **DinD** environment variables | `nil` | | `dind.env` | **DinD** environment variables | `nil` |
| `dind.command` | **DinD** custom command instead of default entry point | `nil` | | `dind.command` | **DinD** custom command instead of default entry point | `nil` |
......
charts/drone/v2.0.7/app-readme.md
# Drone.io # Drone.io
[Drone](http://readme.drone.io/) is a Continuous Integration platform built on container technology. [Drone](http://readme.drone.io/) v1 is a Continuous Integration platform built on container technology with native Kubernetes support.
## Installation ## Installing the Chart
If you are installing Drone this is the place to start. Choose you source code management system and we will guide you through a [basic installation](http://readme.drone.io/). Note: The chart will not install the drone server until you have configured a source control option. If this is the case it will print out notes on how to configure it in place using `helm upgrade`.
In order to not expose your secrets in the Helm release, you can create the secrets upfront and select to use it. e.g,
```console
kubectl create secret generic drone-server-secrets \
--namespace=drone \
--from-literal=clientSecret="XXXXXXXXXXXXXXXXXXXXXXXX"
```
Reference the [drone doc](http://readme.drone.io/) for more details.
**WARNING:**
```
It is not recommended to upgrade from earlier (appVersion 0.8.x) versions of Drone due to the large amount of breaking changes both in the product and in the helm charts.
```
charts/drone/v2.0.7/questions.yml
labels:
io.cattle.role: cluster # options are cluster/project
categories: categories:
- CI/CD - CI/CD
questions: questions:
...@@ -10,27 +12,27 @@ questions: ...@@ -10,27 +12,27 @@ questions:
group: "Container Images" group: "Container Images"
subquestions: subquestions:
- variable: images.server.repository - variable: images.server.repository
default: "docker.io/drone/drone" default: "ranchercharts/drone-drone"
description: "Drone Server image name" description: "Drone Server image name"
type: string type: string
label: Drone Server Image Name label: Drone Server Image Name
- variable: images.server.tag - variable: images.server.tag
default: "0.8.6" default: "1.2"
description: "Drone Server image tag" description: "Drone Server image tag"
type: string type: string
label: Drone Server Image Tag label: Drone Server Image Tag
- variable: images.agent.repository - variable: images.agent.repository
default: "docker.io/drone/agent" default: "ranchercharts/drone-agent"
description: "Drone Agent image name" description: "Drone Agent image name"
type: string type: string
label: Drone Agent Image Name label: Drone Agent Image Name
- variable: images.agent.tag - variable: images.agent.tag
default: "0.8.6" default: "1.2"
description: "Drone Agent image tag" description: "Drone Agent image tag"
type: string type: string
label: Drone Agent Image Tag label: Drone Agent Image Tag
- variable: images.dind.repository - variable: images.dind.repository
default: "docker.io/library/docker" default: "ranchercharts/library-docker"
description: "Drone Dind image name" description: "Drone Dind image name"
type: string type: string
label: Drone Dind Image Name label: Drone Dind Image Name
...@@ -39,7 +41,20 @@ questions: ...@@ -39,7 +41,20 @@ questions:
description: "Drone Dind image tag" description: "Drone Dind image tag"
type: string type: string
label: Drone Dind Image Tag label: Drone Dind Image Tag
- variable: server.env.DRONE_PROVIDER - variable: server.host
default: ""
type: string
description: "Set drone server host e.g drone.domain.io, if not set, it will be autofilled with the cluster host."
label: Drone Host Doamin
required: true
group: "Drone Settings"
- variable: server.adminUser
default: ""
type: string
description: "Set to a valid oauth user from your git/oauth server."
label: Set Drone Admin User
group: "Drone Settings"
- variable: sourceControl.provider
default: "github" default: "github"
description: "Choose your server integrations" description: "Choose your server integrations"
type: enum type: enum
...@@ -51,95 +66,107 @@ questions: ...@@ -51,95 +66,107 @@ questions:
- "gitlab" - "gitlab"
- "gitea" - "gitea"
- "gogs" - "gogs"
- "bitbucket" - "bitbucketCloud"
- "coding" - "bitbucketServer"
- variable: server.env.DRONE_GITHUB_CLIENT - variable: sourceControl.secret
default: ""
type: secret
description: "Name of an existing secret to get the drone provider secret values from."
label: Select the Existing Drone Provider Secret
group: "Drone Settings"
# Github config
- variable: sourceControl.github.clientID
default: "" default: ""
description: "Github OAuth2 Client ID" description: "Github oauth client ID"
type: string type: string
required: true required: true
label: Github OAuth2 Client ID label: Github OAuth Client ID
show_if: "server.env.DRONE_PROVIDER=github" show_if: "sourceControl.provider=github"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_GITHUB_SECRET - variable: sourceControl.github.clientSecretValue
default: "" default: ""
description: "Github oauth2 client secret" description: "Github oauth client secret"
type: string type: string
required: true required: true
show_if: "server.env.DRONE_PROVIDER=github" show_if: "sourceControl.provider=github&&sourceControl.secret="
group: "Drone Settings" group: "Drone Settings"
label: Github OAuth2 Client Secret label: Github OAuth Client Secret
- variable: server.env.DRONE_GITLAB_CLIENT # Gitlab config
- variable: sourceControl.gitlab.clientID
default: "" default: ""
description: "GitLab oauth2 client id" description: "GitLab oauth2 client id"
type: string type: string
required: true required: true
label: GitLab OAuth2 Client ID label: GitLab OAuth2 Client ID
show_if: "server.env.DRONE_PROVIDER=gitlab" show_if: "sourceControl.provider=gitlab"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_GITLAB_SECRET - variable: sourceControl.gitlab.server
default: "" default: ""
description: "GitLab oauth2 client secret" description: "GitLab Server Address"
type: string type: string
required: true required: true
label: GitLab OAuth2 Client Secret label: GitLab Server Address
show_if: "server.env.DRONE_PROVIDER=gitlab" show_if: "sourceControl.provider=gitlab"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_GITLAB_URL - variable: sourceControl.gitlab.clientSecretValue
default: "" default: ""
description: "GitLab Server Address" description: "GitLab client secret"
type: string type: string
required: true required: true
label: GitLab Server Address label: GitLab Client Secret
show_if: "server.env.DRONE_PROVIDER=gitlab" show_if: "sourceControl.provider=gitlab&&sourceControl.secret="
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_GITEA_URL # Gitea config
- variable: sourceControl.gitea.server
default: "" default: ""
description: "Gitea Server Address" description: "Gitea Server Address"
type: string type: string
required: true required: true
label: Gitea Server Address label: Gitea Server Address
show_if: "server.env.DRONE_PROVIDER=gitea" show_if: "sourceControl.provider=gitea"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_GOGS_URL # Gogs config
- variable: sourceControl.gogs.server
default: "" default: ""
description: "Gogs Server Address" description: "Gogs Server Address"
type: string type: string
required: true required: true
label: Gogs Server Address label: Gogs Server Address
show_if: "server.env.DRONE_PROVIDER=gogs" show_if: "sourceControl.provider=gogs"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_BITBUCKET_CLIENT # BitbucketCloud config
- variable: sourceControl.bitbucketCloud.clientID
default: "" default: ""
description: "Bitbucket oauth2 client id" description: "Bitbucket cloud oauth2 client id"
type: string type: string
required: true required: true
label: Bitbucket OAuth2 Client ID label: Bitbucket Cloud OAuth2 Client ID
show_if: "server.env.DRONE_PROVIDER=bitbucket" show_if: "sourceControl.provider=bitbucketCloud"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_BITBUCKET_SECRET - variable: sourceControl.bitbucketCloud.clientSecretValue
default: "" default: ""
description: "Bitbucket oauth2 client secret" description: "Bitbucket cloud client secret"
type: string type: string
required: true required: true
label: Bitbucket OAuth2 Client Secret label: Bitbucket Cloud Client Secret
show_if: "server.env.DRONE_PROVIDER=bitbucket" show_if: "sourceControl.provider=bitbucketCloud&&sourceControl.secret="
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_CODING_CLIENT # BitbucketServer config
- variable: sourceControl.bitbucketServer.server
default: "" default: ""
description: "Coding oauth2 client id" description: "Bitbucket Server Address"
type: string type: string
required: true required: true
label: Coding OAuth2 Client ID label: Bitbucket Server Address
show_if: "server.env.DRONE_PROVIDER=coding" show_if: "sourceControl.provider=bitbucketServer"
group: "Drone Settings" group: "Drone Settings"
- variable: server.env.DRONE_CODING_SECRET - variable: sourceControl.bitbucketServer.username
default: "" default: ""
description: "Coding oauth2 client secret" description: "Bitbucket server username"
type: string type: string
required: true required: true
label: Coding OAuth2 Client Secret label: Bitbucket Server Username
show_if: "server.env.DRONE_PROVIDER=coding" show_if: "sourceControl.provider=bitbucketCloud"
group: "Drone Settings" group: "Drone Settings"
# persistent setting # persistent setting
- variable: persistence.enabled - variable: persistence.enabled
...@@ -166,6 +193,36 @@ questions: ...@@ -166,6 +193,36 @@ questions:
description: "If not empty, uses the specified existing PVC instead of creating new one" description: "If not empty, uses the specified existing PVC instead of creating new one"
type: pvc type: pvc
label: Uses Existing Persistent Volume Cliam label: Uses Existing Persistent Volume Cliam
- variable: server.env.DRONE_LOGS_DEBUG
default: "false"
type: enum
description: "The default log level is INFO. You can enable more detailed debug logging with the following configuration parameter."
label: Enable Drone Server Debugging Logs
group: "Drone Settings"
options:
- "false"
- "true"
# database setting
- variable: server.env.DRONE_DATABASE_DRIVER
default: "sqlite3"
description: "Drone requires the use of a database backend for persistence. Drone uses an embedded sqlite database by default"
type: enum
required: true
label: Select Drone Databse Driver
group: "Database Settings"
options:
- "sqlite3"
- "postgres"
- "mysql"
- variable: server.env.DRONE_DATABASE_DATASOURCE
default: ""
description: "Specify Drone database datasource, e.g., postgres://root:password@1.2.3.4:5432/postgres?sslmode=disable"
type: string
required: true
label: Drone Database Datasource
show_if: "server.env.DRONE_DATABASE_DRIVER!=sqlite3"
group: "Database Settings"
# service & LB settings
- variable: ingress.enabled - variable: ingress.enabled
default: false default: false
description: "Expose app using Layer 7 Load Balancer - ingress" description: "Expose app using Layer 7 Load Balancer - ingress"
......
charts/drone/v2.0.7/templates/NOTES.txt
{{- if hasKey .Values.server.env "DRONE_PROVIDER" }} {{- if eq (include "drone.providerOK" .) "true" }}
********************************************************************************* *********************************************************************************
*** PLEASE BE PATIENT: drone may take a few minutes to install *** *** PLEASE BE PATIENT: drone may take a few minutes to install ***
********************************************************************************* *********************************************************************************
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
{{- if .Values.ingress.enabled }} {{- if .Values.ingress.enabled }}
From outside the cluster, the server URL(s) are: From outside the cluster, the server URL(s) are:
{{- range .Values.ingress.hosts }} {{- range .Values.ingress.hosts }}
http://{{ . }} {{ $.Values.server.protocol }}://{{ . }}
{{- end }} {{- end }}
{{- else if contains "NodePort" .Values.service.type }} {{- else if contains "NodePort" .Values.service.type }}
...@@ -29,7 +29,7 @@ Get the Drone URL by running: ...@@ -29,7 +29,7 @@ Get the Drone URL by running:
Get the Drone URL by running: Get the Drone URL by running:
export POD_NAME=$(kubectl get pods -n {{ .Release.Namespace }} -l "component=server,app={{ template "drone.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export POD_NAME=$(kubectl get pods -n {{ .Release.Namespace }} -l "component=server,app={{ template "drone.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo http://127.0.0.1:8000/ echo http://127.0.0.1:8000/
kubectl -n {{ .Release.Namespace }} port-forward $POD_NAME 8000:8000 kubectl -n {{ .Release.Namespace }} port-forward $POD_NAME 8000:80
{{- end }} {{- end }}
{{- else -}} {{- else -}}
############################################################################## ##############################################################################
...@@ -41,15 +41,13 @@ control provider: ...@@ -41,15 +41,13 @@ control provider:
kubectl create secret generic drone-server-secrets \ kubectl create secret generic drone-server-secrets \
--namespace={{ .Release.Namespace }} \ --namespace={{ .Release.Namespace }} \
--from-literal=DRONE_GITHUB_SECRET="github-oauth2-client-secret" --from-literal=clientSecret="github-oauth2-client-secret"
helm upgrade {{ .Release.Name }} \ helm upgrade {{ .Release.Name }} \
--reuse-values \ --reuse-values \
--set 'server.env.DRONE_PROVIDER="github"' \ --set 'sourceControl.provider=github' \
--set 'server.env.DRONE_GITHUB="true"' \ --set 'sourceControl.github.clientID=github-oauth2-client-id' \
--set 'server.env.DRONE_ORGS="my-github-org"' \ --set 'sourceControl.secret=drone-server-secrets' \
--set 'server.env.DRONE_GITHUB_CLIENT="github-oauth2-client-id"' \
--set 'server.envSecrets.drone-server-secrets[0]=DRONE_GITHUB_SECRET' \
stable/drone stable/drone
Currently supported providers: Currently supported providers:
...@@ -60,10 +58,22 @@ Currently supported providers: ...@@ -60,10 +58,22 @@ Currently supported providers:
- Gogs - Gogs
- Bitbucket Cloud - Bitbucket Cloud
- Bitbucket Server (Stash) - Bitbucket Server (Stash)
- Coding
See the values.yaml file to see what values are required for each provider.
If you are having trouble with the configuration of a provider please visit If you are having trouble with the configuration of a provider please visit
the official documentation: the official documentation:
http://docs.drone.io/installation/ http://docs.drone.io/installation/
{{- end }} {{- end }}
{{ if not .Values.server.kubernetes.enabled }}
##############################################################################
#### WARNING: running drone in kubernetes with legacy pipeline execution ####
##############################################################################
By setting `server.kubernetes.enabled=false` you've disabled kubernetes
pipelines and are instead using the legacy agent method which utilizes
either docker-in-docker or host mounting in the docker socket. This is
not recommended due to the additional security concerns.
{{- end }}
charts/drone/v2.0.7/templates/_helpers.tpl
...@@ -25,18 +25,25 @@ Create the name of the service account to use ...@@ -25,18 +25,25 @@ Create the name of the service account to use
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "drone.server.provider" -}} {{/*
{{- if eq .Values.server.env.DRONE_PROVIDER "github" -}} Create the name of the secret for source control
{{- print "DRONE_GITHUB" -}} */}}
{{- else if eq .Values.server.env.DRONE_PROVIDER "gitlab" -}} {{- define "drone.sourceControlSecret" -}}
{{- print "DRONE_GITLAB" -}} {{- if .Values.sourceControl.secret -}}
{{- else if eq .Values.server.env.DRONE_PROVIDER "gitea" -}} {{ printf "%s" .Values.sourceControl.secret }}
{{- print "DRONE_GITEA" -}} {{- else -}}
{{- else if eq .Values.server.env.DRONE_PROVIDER "gogs" -}} {{ printf "%s-%s" (include "drone.fullname" .) "source-control" | trunc 63 -}}
{{- print "DRONE_GOGS" -}} {{- end -}}
{{- else if eq .Values.server.env.DRONE_PROVIDER "bitbucket" -}} {{- end -}}
{{- print "DRONE_BITBUCKET" -}}
{{- else if eq .Values.server.env.DRONE_PROVIDER "coding" -}} {{/*
{{- print "DRONE_CODING" -}} Create the name of the service account to use for kubernetes pipelines
*/}}
{{- define "drone.pipelineServiceAccount" -}}
{{- if .Values.serviceAccount.create -}}
{{- $psa := printf "%s-%s" (include "drone.serviceAccountName" .) "pipeline" | trunc 63 -}}
{{ default $psa .Values.server.kubernetes.pipelineServiceAccount }}
{{- else -}}
{{ default "default" .Values.server.kubernetes.pipelineServiceAccount }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
charts/drone/v2.0.7/templates/_provider-envs.yaml 0 → 100644
{{- define "drone.providerEnvs" -}}
{{- if eq .Values.sourceControl.provider "github" -}}
- name: DRONE_GITHUB_CLIENT_ID
value: {{ .Values.sourceControl.github.clientID }}
- name: DRONE_GITHUB_SERVER
value: {{ .Values.sourceControl.github.server }}
- name: DRONE_GITHUB_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ template "drone.sourceControlSecret" . }}
key: {{ .Values.sourceControl.github.clientSecretKey }}
{{- end -}}
{{- if eq .Values.sourceControl.provider "gitlab" -}}
- name: DRONE_GITLAB_CLIENT_ID
value: {{ .Values.sourceControl.gitlab.clientID }}
- name: DRONE_GITLAB_SERVER
value: {{ .Values.sourceControl.gitlab.server }}
- name: DRONE_GITLAB_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ template "drone.sourceControlSecret" . }}
key: {{ .Values.sourceControl.gitlab.clientSecretKey }}
{{- end -}}
{{- if eq .Values.sourceControl.provider "gitea" -}}
- name: DRONE_GITEA_SERVER
value: {{ .Values.sourceControl.gitea.server }}
{{- end -}}
{{- if eq .Values.sourceControl.provider "gogs" -}}
- name: DRONE_GOGS_SERVER
value: {{ .Values.sourceControl.gogs.server }}
{{- end -}}
{{- if eq .Values.sourceControl.provider "bitbucketCloud" -}}
- name: DRONE_BITBUCKET_CLIENT_ID
value: {{ .Values.sourceControl.bitbucketCloud.clientID }}
- name: DRONE_BITBUCKET_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ template "drone.sourceControlSecret" . }}
key: {{ .Values.sourceControl.bitbucketCloud.clientSecretKey }}
{{- end -}}
{{- if eq .Values.sourceControl.provider "bitbucketServer" -}}
- name: DRONE_STASH_SERVER
value: {{ .Values.sourceControl.bitbucketServer.server }}
- name: DRONE_GIT_USERNAME
value: {{ .Values.sourceControl.bitbucketServer.username }}
- name: DRONE_GIT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "drone.sourceControlSecret" . }}
key: {{ .Values.sourceControl.bitbucketServer.passwordKey }}
- name: DRONE_STASH_CONSUMER_KEY
valueFrom:
secretKeyRef:
name: {{ template "drone.sourceControlSecret" . }}
key: {{ .Values.sourceControl.bitbucketServer.consumerKey }}
- name: DRONE_STASH_PRIVATE_KEY
value: /etc/bitbucket/key.pem
{{- end -}}
{{- end -}}
{{/*
Check if a valid source control provider has been set
*/}}
{{- define "drone.providerOK" -}}
{{- if .Values.sourceControl.provider -}}
{{- if eq .Values.sourceControl.provider "github" -}}
{{- if and .Values.sourceControl.github.server .Values.sourceControl.github.clientID -}}
true
{{- end -}}
{{- else if eq .Values.sourceControl.provider "gitlab" -}}
{{- if and .Values.sourceControl.gitlab.server .Values.sourceControl.gitlab.clientID -}}
true
{{- end -}}
{{- else if eq .Values.sourceControl.provider "gitea" -}}
{{- if .Values.sourceControl.gitea.server -}}
true
{{- end -}}
{{- else if eq .Values.sourceControl.provider "gogs" -}}
{{- if .Values.sourceControl.gogs.server -}}
true
{{- end -}}
{{- else if eq .Values.sourceControl.provider "bitbucketCloud" -}}
{{- if .Values.sourceControl.bitbucketCloud.clientID -}}
true
{{- end -}}
{{- else if eq .Values.sourceControl.provider "bitbucketServer" -}}
{{- if and .Values.sourceControl.bitbucketServer.server .Values.sourceControl.bitbucketServer.username -}}
true
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
charts/drone/v2.0.7/templates/deployment-agent.yaml
apiVersion: extensions/v1beta1 {{- if not .Values.server.kubernetes.enabled -}}
apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ template "drone.fullname" . }}-agent name: {{ template "drone.fullname" . }}-agent
...@@ -10,6 +11,11 @@ metadata: ...@@ -10,6 +11,11 @@ metadata:
component: agent component: agent
spec: spec:
replicas: {{ .Values.agent.replicas }} replicas: {{ .Values.agent.replicas }}
selector:
matchLabels:
app: {{ template "drone.name" . }}
release: "{{ .Release.Name }}"
component: agent
template: template:
metadata: metadata:
annotations: annotations:
...@@ -33,9 +39,13 @@ spec: ...@@ -33,9 +39,13 @@ spec:
nodeSelector: nodeSelector:
{{ toYaml .Values.agent.nodeSelector | indent 8 }} {{ toYaml .Values.agent.nodeSelector | indent 8 }}
{{- end }} {{- end }}
{{- with .Values.agent.tolerations }}
tolerations:
{{- toYaml . | nindent 6 }}
{{- end }}
serviceAccountName: {{ template "drone.serviceAccountName" . }} serviceAccountName: {{ template "drone.serviceAccountName" . }}
containers: containers:
- name: {{ template "drone.fullname" . }}-agent - name: agent
image: "{{ .Values.images.agent.repository }}:{{ .Values.images.agent.tag }}" image: "{{ .Values.images.agent.repository }}:{{ .Values.images.agent.tag }}"
imagePullPolicy: {{ .Values.images.agent.pullPolicy }} imagePullPolicy: {{ .Values.images.agent.pullPolicy }}
ports: ports:
...@@ -43,9 +53,9 @@ spec: ...@@ -43,9 +53,9 @@ spec:
containerPort: 3000 containerPort: 3000
protocol: TCP protocol: TCP
env: env:
- name: DRONE_SERVER - name: DRONE_RPC_SERVER
value: {{ template "drone.fullname" . }}:9000 value: http://{{ template "drone.fullname" . }}
- name: DRONE_SECRET - name: DRONE_RPC_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ template "drone.fullname" . }} name: {{ template "drone.fullname" . }}
...@@ -58,28 +68,6 @@ spec: ...@@ -58,28 +68,6 @@ spec:
- name: {{ $key }} - name: {{ $key }}
value: {{ $value | quote }} value: {{ $value | quote }}
{{- end }} {{- end }}
{{- if .Values.agent.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: "/healthz"
port: http
initialDelaySeconds: {{ .Values.agent.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.agent.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.agent.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.agent.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.agent.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.agent.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: "/healthz"
port: http
initialDelaySeconds: {{ .Values.agent.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.agent.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.agent.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.agent.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.agent.readinessProbe.failureThreshold }}
{{- end }}
resources: resources:
{{ toYaml .Values.agent.resources | indent 10 }} {{ toYaml .Values.agent.resources | indent 10 }}
{{- if not .Values.dind.enabled }} {{- if not .Values.dind.enabled }}
...@@ -88,12 +76,19 @@ spec: ...@@ -88,12 +76,19 @@ spec:
volumeMounts: volumeMounts:
- mountPath: /var/run/docker.sock - mountPath: /var/run/docker.sock
name: docker-socket name: docker-socket
{{- with .Values.agent.volumeMounts }}
{{- toYaml . | nindent 10 }}
{{- end }}
volumes: volumes:
- name: docker-socket - name: docker-socket
hostPath: hostPath:
path: /var/run/docker.sock path: /var/run/docker.sock
{{- else }} {{- else }}
- name: {{ template "drone.fullname" . }}-dind {{- with .Values.agent.volumeMounts }}
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
- name: dind
image: "{{ .Values.images.dind.repository }}:{{ .Values.images.dind.tag }}" image: "{{ .Values.images.dind.repository }}:{{ .Values.images.dind.tag }}"
imagePullPolicy: {{ .Values.images.dind.pullPolicy }} imagePullPolicy: {{ .Values.images.dind.pullPolicy }}
{{- if .Values.dind.command }} {{- if .Values.dind.command }}
...@@ -116,7 +111,14 @@ spec: ...@@ -116,7 +111,14 @@ spec:
volumeMounts: volumeMounts:
- name: docker-graph-storage - name: docker-graph-storage
mountPath: /var/lib/docker mountPath: /var/lib/docker
{{- with .Values.dind.volumeMounts }}
{{- toYaml . | nindent 10 }}
{{- end }}
volumes: volumes:
- name: docker-graph-storage - name: docker-graph-storage
emptyDir: {} emptyDir: {}
{{- end }} {{- end }}
{{- with .Values.agent.volumes }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end -}}
charts/drone/v2.0.7/templates/deployment-server.yaml
{{- if hasKey .Values.server.env "DRONE_PROVIDER" }} {{- if eq (include "drone.providerOK" .) "true" }}
apiVersion: extensions/v1beta1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ template "drone.fullname" . }}-server name: {{ template "drone.fullname" . }}-server
...@@ -11,6 +11,11 @@ metadata: ...@@ -11,6 +11,11 @@ metadata:
component: server component: server
spec: spec:
replicas: 1 replicas: 1
selector:
matchLabels:
app: {{ template "drone.name" . }}
release: "{{ .Release.Name }}"
component: server
template: template:
metadata: metadata:
annotations: annotations:
...@@ -38,15 +43,46 @@ spec: ...@@ -38,15 +43,46 @@ spec:
nodeSelector: nodeSelector:
{{ toYaml .Values.server.nodeSelector | indent 8 }} {{ toYaml .Values.server.nodeSelector | indent 8 }}
{{- end }} {{- end }}
{{- with .Values.server.tolerations }}
tolerations:
{{- toYaml . | nindent 6 }}
{{- end }}
serviceAccountName: {{ template "drone.serviceAccountName" . }} serviceAccountName: {{ template "drone.serviceAccountName" . }}
containers: containers:
- name: {{ template "drone.fullname" . }}-server - name: server
image: "{{ .Values.images.server.repository }}:{{ .Values.images.server.tag }}" image: "{{ .Values.images.server.repository }}:{{ .Values.images.server.tag }}"
imagePullPolicy: {{ .Values.images.server.pullPolicy }} imagePullPolicy: {{ .Values.images.server.pullPolicy }}
env: env:
- name: {{ template "drone.server.provider" . }} {{- if .Values.server.kubernetes.enabled }}
- name: DRONE_KUBERNETES_ENABLED
value: "true" value: "true"
- name: DRONE_SECRET - name: DRONE_KUBERNETES_NAMESPACE
value: {{ default .Release.Namespace .Values.server.kubernetes.namespace }}
- name: DRONE_KUBERNETES_SERVICE_ACCOUNT
value: {{ template "drone.pipelineServiceAccount" . }}
{{- else }}
- name: DRONE_AGENTS_ENABLED
value: "true"
{{- end }}
- name: DRONE_GIT_ALWAYS_AUTH
value: {{ .Values.server.alwaysAuth | quote }}
- name: DRONE_SERVER_HOST
{{- if hasKey .Values.server "host" }}
value: "{{ .Values.server.host }}"
{{- else }}
value: "{{ template "drone.fullname" . }}"
{{- end }}
- name: DRONE_RPC_PROTO
value: "{{ .Values.server.rpcProtocol }}"
- name: DRONE_RPC_HOST
value: {{ template "drone.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.service.httpPort }}
- name: DRONE_SERVER_PROTO
value: {{ .Values.server.protocol }}
{{- if .Values.server.adminUser }}
- name: DRONE_USER_CREATE
value: username:{{ .Values.server.adminUser }},machine:false,admin:true
{{- end }}
- name: DRONE_RPC_SECRET
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ template "drone.fullname" . }} name: {{ template "drone.fullname" . }}
...@@ -60,21 +96,17 @@ spec: ...@@ -60,21 +96,17 @@ spec:
key: {{ . | quote }} key: {{ . | quote }}
{{- end }} {{- end }}
{{- end }} {{- end }}
- name: DRONE_HOST
{{- if hasKey .Values.server "host" }}
value: "{{ .Values.server.host }}"
{{- else }}
value: "http://{{ template "drone.fullname" . }}"
{{- end }}
{{- range $key, $value := .Values.server.env }} {{- range $key, $value := .Values.server.env }}
{{- if $value }}
- name: {{ $key }} - name: {{ $key }}
value: {{ $value | quote }} value: {{ $value | quote }}
{{- end }} {{- end }}
{{- end }} {{ template "drone.providerEnvs" . }}
ports: ports:
- name: http - name: http
containerPort: 8000 containerPort: 80
protocol: TCP
- name: https
containerPort: 443
protocol: TCP protocol: TCP
- name: grpc - name: grpc
containerPort: 9000 containerPort: 9000
...@@ -86,12 +118,25 @@ spec: ...@@ -86,12 +118,25 @@ spec:
resources: resources:
{{ toYaml .Values.server.resources | indent 10 }} {{ toYaml .Values.server.resources | indent 10 }}
volumeMounts: volumeMounts:
{{ if eq .Values.sourceControl.provider "bitbucketServer" -}}
- name: bitbucket-private-key
mountPath: /etc/bitbucket
readOnly: true
{{ end }}
- name: data - name: data
mountPath: /var/lib/drone mountPath: /var/lib/drone
{{- with .Values.server.extraContainers }} {{- with .Values.server.extraContainers }}
{{ tpl . $ | indent 6 }} {{ tpl . $ | indent 6 }}
{{- end }} {{- end }}
volumes: volumes:
{{ if eq .Values.sourceControl.provider "bitbucketServer" -}}
- name: bitbucket-private-key
secret:
secretName: {{ template "drone.sourceControlSecret" . }}
items:
- key: {{ .Values.sourceControl.bitbucketServer.privateKey }}
path: key.pem
{{ end -}}
- name: data - name: data
{{- if .Values.persistence.enabled }} {{- if .Values.persistence.enabled }}
persistentVolumeClaim: persistentVolumeClaim:
......
charts/drone/v2.0.7/templates/ingress.yaml
...@@ -20,13 +20,15 @@ spec: ...@@ -20,13 +20,15 @@ spec:
- host: {{ . }} - host: {{ . }}
http: http:
paths: paths:
{{- if index $.Values.ingress "annotations" }} {{- if $.Values.ingress.path }}
{{- if eq (index $.Values.ingress.annotations "kubernetes.io/ingress.class" | default "") "gce" "alb" }} - path: {{ $.Values.ingress.path }}
{{- else if index $.Values.ingress "annotations" }}
{{- if eq (index $.Values.ingress.annotations "kubernetes.io/ingress.class" | default "") "gce" "alb" "istio" }}
- path: /* - path: /*
{{- else }}{{/* Has annotations but ingress class is not "gce" nor "alb" */}} {{- else }}{{/* Has annotations but ingress class is not "gce" nor "alb" nor "istio" */}}
- path: / - path: /
{{- end }} {{- end }}
{{- else}}{{/* Has no annotations */}} {{- else }}{{/* Has no annotations */}}
- path: / - path: /
{{- end }} {{- end }}
backend: backend:
......
charts/drone/v2.0.7/templates/namespace-pipeline.yaml 0 → 100644
{{- if hasKey .Values.server.kubernetes "namespace" -}}
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Values.server.kubernetes.namespace }}
labels:
app: {{ template "drone.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
component: server
{{- end -}}
charts/drone/v2.0.7/templates/role-binding-pipeline.yaml 0 → 100644
{{- if and .Values.rbac.create .Values.server.kubernetes.enabled -}}
apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }}
kind: ClusterRoleBinding
metadata:
name: {{ template "drone.fullname" . }}-pipeline
labels:
app: {{ template "drone.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
subjects:
- kind: ServiceAccount
name: {{ template "drone.pipelineServiceAccount" . }}
namespace: {{ default .Release.Namespace .Values.server.kubernetes.namespace }}
roleRef:
kind: ClusterRole
name: {{ template "drone.fullname" . }}-pipeline
apiGroup: rbac.authorization.k8s.io
{{- end -}}
charts/drone/v2.0.7/templates/role-pipeline.yaml 0 → 100644
{{- if and .Values.rbac.create .Values.server.kubernetes.enabled -}}
apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }}
kind: ClusterRole
metadata:
name: {{ template "drone.fullname" . }}-pipeline
labels:
app: {{ template "drone.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
rules:
- apiGroups:
- extensions
resources:
- deployments
verbs:
- get
- list
- watch
- patch
- update
- apiGroups:
- ""
resources:
- namespaces
- configmaps
- secrets
- pods
- services
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
{{ end }}
charts/drone/v2.0.7/templates/role.yaml
...@@ -10,6 +10,12 @@ metadata: ...@@ -10,6 +10,12 @@ metadata:
heritage: "{{ .Release.Service }}" heritage: "{{ .Release.Service }}"
rules: rules:
- apiGroups: - apiGroups:
- batch
resources:
- jobs
verbs:
- "*"
- apiGroups:
- extensions - extensions
resources: resources:
- deployments - deployments
......
charts/drone/v2.0.7/templates/secrets.yaml
...@@ -14,3 +14,26 @@ data: ...@@ -14,3 +14,26 @@ data:
{{ else }} {{ else }}
secret: "{{ randAlphaNum 24 | b64enc }}" secret: "{{ randAlphaNum 24 | b64enc }}"
{{ end }} {{ end }}
---
{{- if not .Values.sourceControl.secret -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "drone.sourceControlSecret" . }}
labels:
app: {{ template "drone.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{if .Values.sourceControl.provider}}
{{ if eq .Values.sourceControl.provider "github" }}
{{ .Values.sourceControl.github.clientSecretKey }}: {{ .Values.sourceControl.github.clientSecretValue | b64enc | quote }}
{{- else if eq .Values.sourceControl.provider "gitlab" -}}
{{ .Values.sourceControl.gitlab.clientSecretKey }}: {{ .Values.sourceControl.gitlab.clientSecretValue | b64enc | quote }}
{{- else if eq .Values.sourceControl.provider "bitbucketCloud" -}}
{{ .Values.sourceControl.bitbucketCloud.clientSecretKey }}: {{ .Values.sourceControl.bitbucketCloud.clientSecretValue | b64enc | quote }}
{{ end }}
{{ end }}
{{- end -}}
charts/drone/v2.0.7/templates/service-account-pipeline.yaml 0 → 100644
{{ if and .Values.serviceAccount.create .Values.server.kubernetes.enabled -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "drone.pipelineServiceAccount" . }}
namespace: {{ default .Release.Namespace .Values.server.kubernetes.namespace }}
labels:
app: {{ template "drone.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{ end }}
charts/drone/v2.0.7/templates/service.yaml
...@@ -13,16 +13,21 @@ metadata: ...@@ -13,16 +13,21 @@ metadata:
heritage: "{{ .Release.Service }}" heritage: "{{ .Release.Service }}"
spec: spec:
type: {{ .Values.service.type }} type: {{ .Values.service.type }}
{{- if and (hasKey .Values.service "loadBalancerIP") (eq .Values.service.type "LoadBalancer") }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
ports: ports:
- name: http - name: http
port: {{ .Values.service.httpPort }} port: {{ .Values.service.httpPort }}
targetPort: 8000 targetPort: 80
{{- if hasKey .Values.service "nodePort" }} {{- if hasKey .Values.service "nodePort" }}
nodePort: {{ .Values.service.nodePort }} nodePort: {{ .Values.service.nodePort }}
{{- end }} {{- end }}
{{- if .Values.service.exposeGRPC }}
- name: grpc - name: grpc
port: 9000 port: 9000
targetPort: 9000 targetPort: 9000
{{- end }}
selector: selector:
app: {{ template "drone.name" . }} app: {{ template "drone.name" . }}
release: {{ .Release.Name | quote }} release: {{ .Release.Name | quote }}
......
charts/drone/v2.0.7/values.yaml
appVersion: "0.8.6"
images: images:
## The official drone (server) image, change tag to use a different version. ## The official drone (server) image, change tag to use a different version.
## ref: https://hub.docker.com/r/drone/drone/tags/ ## ref: https://hub.docker.com/r/drone/drone/tags/
## ##
server: server:
repository: "docker.io/drone/drone" # repository: "docker.io/drone/drone"
tag: 0.8.6 repository: "ranchercharts/drone-drone"
tag: 1.2
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
## The official drone (agent) image, change tag to use a different version. ## The official drone (agent) image, change tag to use a different version.
## ref: https://hub.docker.com/r/drone/agent/tags/ ## ref: https://hub.docker.com/r/drone/agent/tags/
## ##
agent: agent:
repository: "docker.io/drone/agent" # repository: "docker.io/drone/agent"
tag: 0.8.6 repository: "ranchercharts/drone-agent"
tag: 1.2
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
## The official docker (dind) image, change tag to use a different version. ## The official docker (dind) image, change tag to use a different version.
## ref: https://hub.docker.com/r/library/docker/tags/ ## ref: https://hub.docker.com/r/library/docker/tags/
## ##
dind: dind:
repository: "docker.io/library/docker" # repository: "docker.io/library/docker"
repository: "ranchercharts/library-docker"
tag: 18.06.1-ce-dind tag: 18.06.1-ce-dind
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
...@@ -35,7 +36,10 @@ service: ...@@ -35,7 +36,10 @@ service:
## Service type can be set to ClusterIP, NodePort or LoadBalancer. ## Service type can be set to ClusterIP, NodePort or LoadBalancer.
## ##
type: NodePort type: ClusterIP
## Specify a load balancer IP address to use if your provider supports it.
# loadBalancerIP:
## Drone Service annotations ## Drone Service annotations
## ##
...@@ -44,6 +48,9 @@ service: ...@@ -44,6 +48,9 @@ service:
# service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:xx-xxxx-x:xxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx # service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:xx-xxxx-x:xxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
# external-dns.alpha.kubernetes.io/hostname: drone.domain.tld. # external-dns.alpha.kubernetes.io/hostname: drone.domain.tld.
## set to true if you want to expose drone's GRPC via the service (for external access)
exposeGRPC: false
ingress: ingress:
## If true, Drone Ingress will be created. ## If true, Drone Ingress will be created.
## ##
...@@ -68,32 +75,89 @@ ingress: ...@@ -68,32 +75,89 @@ ingress:
# hosts: # hosts:
# - drone.domain.io # - drone.domain.io
sourceControl:
## your source control provider: github,gitlab,gitea,gogs,bitbucketCloud,bitbucketServer
provider:
## secret containing your source control provider secrets, keys provided below.
## if left blank will assume a secret based on the release name of the chart.
secret:
## Fill in the correct values for your chosen source control provider
## Any key in this list with the suffix `Key` will be fetched from the
## secret named above, if not provided the secret it will be created as
## `<fullName>-source-control` using for the key "ClientSecretKey" and
# "clientSecretValue" for the value. Be awere to not leak shis file with your password
github:
clientID:
clientSecretKey: clientSecret
clientSecretValue:
server: https://github.com
gitlab:
clientID:
clientSecretKey: clientSecret
clientSecretValue:
server:
gitea:
server:
gogs:
server:
bitbucketCloud:
clientID:
clientSecretKey: clientSecret
clientSecretValue:
bitbucketServer:
server:
consumerKey: consumerKey
privateKey: privateKey
username:
passwordKey: password
server: server:
## If not set, it will be autofilled with the cluster host. ## If not set, it will be autofilled with the cluster host.
## Host must be in "<scheme>://<hostname>" format. ## Host shoud be just the hostname.
## ##
# host: "https://drone.domain.io" # host: "drone.domain.io"
## protocol should be http or https
protocol: http
## rpcProtocol for rpc connection to the server should be http or https
rpcProtocol: http
## Initial admin user
## Leaving this blank may make it impossible to log into drone.
## Set to a valid oauth user from your git/oauth server
## For more complex user creation you can use env variables below instead.
adminUser:
## Configures Drone to authenticate when cloning public repositories. This is only required
## when your source code management system (e.g. GitHub Enterprise) has private mode enabled.
alwaysAuth: false
## Configures drone to use kubernetes to run pipelines rather than agents, if enabled
## will not deploy any agents.
kubernetes:
## set to true if you want drone to use kubernetes to run pipelines
enabled: true
## you can run pipeline jobs in another namespace, if you choose to do this
## you'll need to create that namespace manually.
# namespace:
## alternative service account to create to create drone pipelines. this account
## will be given cluster-admin rights.
## if not set the rights will be given to the default drone service account name.
# pipelineServiceAccount:
## Drone server configuration. ## Drone server configuration.
## Values in here get injected as environment variables. ## Values in here get injected as environment variables.
## ref: http://readme.drone.io/admin/installation-reference ## You can set up remote database servers etc using environment
## variables.
## ref: https://docs.drone.io/reference/server/
## ##
env: env:
DRONE_DEBUG: "false" DRONE_LOGS_DEBUG: "false"
DRONE_DATABASE_DRIVER: "sqlite3" DRONE_DATABASE_DRIVER: "sqlite3"
DRONE_DATABASE_DATASOURCE: "/var/lib/drone/drone.sqlite" DRONE_DATABASE_DATASOURCE: "/var/lib/drone/drone.sqlite"
## Drone requires some environment variables to bootstrap the
## git service or it won't start up.
## Uncomment this and add your own custom configuration.
##
# DRONE_PROVIDER: "github"
DRONE_OPEN: "true"
# DRONE_GITHUB: "true"
# DRONE_ORGS: "my-github-org,my-other-github-org"
# DRONE_ADMIN:"admin-1,admin-2"
# DRONE_GITHUB_CLIENT: "github-oauth2-client-id"
## Secret environment variables are configured in `server.envSecrets`. ## Secret environment variables are configured in `server.envSecrets`.
## Each item in `server.envSecrets` references a Kubernetes Secret. ## Each item in `server.envSecrets` references a Kubernetes Secret.
## These Secrets should be created before they are referenced. ## These Secrets should be created before they are referenced.
...@@ -134,6 +198,11 @@ server: ...@@ -134,6 +198,11 @@ server:
## ##
nodeSelector: {} nodeSelector: {}
## Node taints to tolerate
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## additional siecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy. ## additional siecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy.
## ex: https://github.com/kubernetes/charts/tree/master/stable/keycloak ## ex: https://github.com/kubernetes/charts/tree/master/stable/keycloak
## ##
...@@ -146,10 +215,10 @@ server: ...@@ -146,10 +215,10 @@ server:
agent: agent:
## Drone agent configuration. ## Drone agent configuration.
## Values in here get injected as environment variables. ## Values in here get injected as environment variables.
## ref: http://readme.drone.io/admin/installation-reference ## ref: https://docs.drone.io/reference/agent/
## ##
env: env:
DRONE_DEBUG: "false" DRONE_LOGS_DEBUG: "false"
## Number of drone agent replicas ## Number of drone agent replicas
replicas: 1 replicas: 1
...@@ -159,6 +228,34 @@ agent: ...@@ -159,6 +228,34 @@ agent:
## ##
annotations: {} annotations: {}
## Additional volumes e.g. for shared caching between agents on different nodes or
## shared cache between agents on the same node when using dind or
## for a global docker login config as per
## Option 2 ref: https://discourse.drone.io/t/how-to-pull-private-images-with-1-0/3155
## Note: Option 2 also requires DRONE_DOCKER_CONFIG: /root/.docker/config.json env var in agent
## NB: This will make the credentials available globally to all builds and all repositories
# volumes:
# - name: docker-config
# secret:
# defaultMode: 420
# items:
# - key: .dockerconfigjson
# path: config.json
# secretName: drone-docker-config
# - name: persistent-data
# persistentVolumeClaim:
# claimName: drone-agent-pvc
# - name: cache
# hostPath:
# path: /drone-cache
# type: Directory
## Volume mount into agent container
# volumeMounts:
# - name: docker-config
# mountPath: /root/.docker
# readOnly: true
## CPU and memory limits for drone agent ## CPU and memory limits for drone agent
## ##
resources: {} resources: {}
...@@ -171,20 +268,9 @@ agent: ...@@ -171,20 +268,9 @@ agent:
## Liveness and readiness probe values ## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
livenessProbe: ## drone agent does not currently have a health endpoint to check against.
enabled: true livenessProbe: {}
failureThreshold: 3 readinessProbe: {}
initialDelaySeconds: 0
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 0
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
## Use an alternate scheduler, e.g. "stork". ## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
...@@ -201,6 +287,11 @@ agent: ...@@ -201,6 +287,11 @@ agent:
## ##
nodeSelector: {} nodeSelector: {}
## Node taints to tolerate
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
dind: dind:
## Enable or disable DinD ## Enable or disable DinD
## If disabled, the drone agent will spawn docker containers on the host. Pay ## If disabled, the drone agent will spawn docker containers on the host. Pay
...@@ -226,6 +317,15 @@ dind: ...@@ -226,6 +317,15 @@ dind:
## ##
driver: overlay2 driver: overlay2
## Volume mount into dind container
## Volumes are defined under agent values.
# volumeMounts:
# - mountPath: /root/.docker
# name: docker-config
# readOnly: true
# - name: persistent-data
# mountPath: /mnt/drone-cache
## CPU and memory limits for dind ## CPU and memory limits for dind
## ##
resources: {} resources: {}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment