DEV Community

loading...

Discussion on: How do you set up your application stack?

Collapse
dietertroy profile image
Troy

Hi,

We deploy using the following process:

DEV commit code to SCM > Pull Request > Webhook in Jenkins > Unit tests, Sonarqube integration > Build Docker Image \ tag it \ push to AWS ECR > Integration tests > Deploy tagged image from AWS ECR to our AWS EKS cluster > Notify of status

Secrets are stored in Ansible playbook in SCM.

YAML files are obviously stored in SCM, which is stored in each repo in a directory called .\kubernetes

Collapse
matthias profile image
Matthias 🤖 Author

Do you use Jenkins or Jenkins X?
I didn't use Jenkins recently. Can you give any tips for using Jenkins in a Kubernetes environment?

Collapse
dietertroy profile image
Troy

Hi,

Jenkins (not X) is used. Something similar to this with environmental variables defined for k8sClusterCredentialName and k8sMasterUrl

withKubeConfig([credentialsId: "${getConfigValue('k8sClusterCredentialName')}", serverUrl: "${getConfigValue('k8sMasterUrl')}"]) {
                    sh 'kubectl apply -f ./kubernetes/'
                }
Collapse
david_j_eddy profile image
David J Eddy

"...Secrets are stored in Ansible playbook in SCM..." We talking API keys / web tokens?

Collapse
dietertroy profile image
Troy

Yes, oAuth & DB connection strings

Collapse
taragrg6 profile image
taragurung

Secrets are stored in Ansible playbook in SCM. What does this really mean?

Collapse
dietertroy profile image
Troy

Misworded, secrets are stored in a yaml file, which is encrypted. ansible-vault is used to encrypt/decrypt. The playbook references the secrets.

Thread Thread
taragrg6 profile image
taragurung

Yes, ansible-vault

Forem Open with the Forem app