Search code examples
kubernetesgitlabyamlvarcicd

how to pass custom cicd variable into yml file

I'm quite new in GitLab cicd. I have created simple nginx deployment including namespace,configmap,svc,deployment configmap contains simple custom index.html with cicd variable:

apiVersion: v1
kind: ConfigMap
metadata:
  name: index-html-configmap
  namespace: lazzio
data:
  index.html: |
    <html>
    <h1>Welcomee</h1>
    </br>
    <h1>Hi! This is a configmap Index file for test-tepl+ingress </h1>
    <h2> and this ---> $PW_TEST  <--- is a password from gitlab cicd variable</h2>
    </html>

custom variable PW_TEST is set under cicd/variables section in UI without protected branch

#pipeline :
stages:
    - build
variables:
  ENV_NAME:
    value: "int"
1st-build:
  environment: 
    name: ${ENV_NAME}
  variables:
    PW_TEST: $PW_TEST
  image: alpine
  stage: build
  before_script:
    - apk add bash
    - apk add curl
  script:
    - echo $PW_TEST
    - curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
    - install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
    - kubectl --kubeconfig $CONF_INT_JK --insecure-skip-tls-verify apply -f nm.yml
    - kubectl --kubeconfig $CONF_INT_JK --insecure-skip-tls-verify apply -f index.yml
    - kubectl --kubeconfig $CONF_INT_JK --insecure-skip-tls-verify apply -f depl.yml
    - kubectl --kubeconfig $CONF_INT_JK --insecure-skip-tls-verify apply -f svc.yml
    - kubectl --kubeconfig $CONF_INT_JK --insecure-skip-tls-verify apply -f test_ingress_int.yml

but when i log into the cluster and make a curl i got same index file as defined within the index.yml.

I know its a stupid useless variable in index, but I'm just testing if variable is passing stored as a custom variable in cicd into the deployments on k3s. within another pipeline where is installing eg. any database or k3s cluster via ansible where password or other secrets are needed, so i want to use cicd variables instead of clear text secrets in a files within GitLab repository.

Thanks for any hint.

Solution

  • you have actually few ways to do it.

    1. Personally like envsubst, it's easy to implement and has a little weight. But you have to install it (in e.g. gitlab runner) to avoid downloading it each time pipeline runs.

    2. There is also nice/simple solution using shellscript to basically just replace string with var's value. Disadvantage here is you have to write SanityChecks on your own.

          sed "s/\${PY_VERSION}/${PY_VERSION}/g; s/\${JQ_VERSION}/${JQ_VERSION}/g" "${FILE}yaml.in" > "${FILE}.yaml"

    3. In complicated dynamic deployments(if you have huge amount of variables) you can use helm to extract variables with option debug. Disadvantage here is you have basically all manifest's declarations in one file in the end.

      helm --values ci-variables/api-variables.yaml
     --debug template ./deployment/api-name > apply_file.yaml