Introduction
Architecture
Onboard
Introduction
Users
Teams
Introduction
IntroductionPromote an image in Amazon ECRDownload a file from JFrog ArtifactoryMove or copy an image from JFrog ArtifactoryUpload a file to JFrog ArtifactoryRegister a build artifactRegister a deployed environment artifactStore an object on Amazon S3Retrieve an object from Amazon S3
IntroductionCreate or update a functionInvoke a function
IntroductionRun an AWS CodePipelineRun a Bamboo projectRun a Bitbucket pipelineRun a CloudBees CI jobRun a CircleCI workflowRun a GitHub Actions workflowRun a GitLab pipelineRun a Harness pipelineRun a Jenkins® jobRun a JFrog pipelineRun a TeamCity project
Check out a Git repository
IntroductionAWS credentialsECR credentialsEKS credentialsGit global credentialsOCI credentials
IntroductionRun Ansible PlaybookRun Argo WorkflowsDeploy with AWS CodeDeployCopy a remote image with CraneDeploy a binary with EC2Deploy to ECSRender an ECS task definitionDeploy with AWS Elastic BeanstalkDeploy with HerokuBuild a container image with KanikoDeploy with OctopusDeploy with OpenShiftDeploy with SpinnakerDeploy with Tosca
Publish evidence items
IntroductionHelm chart installHelm chart packageHelm chart publishHelm chart uninstall
IntroductionCreate a Kubernetes namespaceCreate/update a Kubernetes resourceDeploy to a Kubernetes cluster
IntroductionVerify with NewRelic
Execute remote commands via SSH
IntroductionAnchoreAquasecJFrog XraySnyk ContainerSonatype (Nexus) ContainerTrivy
IntroductionStackhawkZAP
IntroductionCheckmarxCoverity on PolarisFind Security BugsGitHub Security ScannerGosecMendNexus IQSnykSonarQube bundledSonarQube
IntroductionBlack DuckMendSnyk
IntroductionTruffleHog ContainerTruffleHog CodeTruffleHog S3
IntroductionCreate a change requestUpdate or close a change requestGet a change request current stateQuery a change request approval
Publish test results
Multi-workflows dispatch
Introduction
Introduction`cloudbees` and other context objectsenvnameonjobs.<job_id>.delegates.<job_id>.env.<job_id>.environment.<job_id>.if.<job_id>.needs.<job_id>.outputs.<job_id>.permissionsjobs.<job_id>.uses.<job_id>.services.<job_id>.services.<service_id>.services.<service_id>.args.services.<service_id>.env.services.<service_id>.imagejobs.<job_id>.steps.<job_id>.steps[*].id.<job_id>.steps[*].env.<job_id>.steps[*].if.<job_id>.steps[*].name.<job_id>.steps[*].run.<job_id>.steps[*].shell.<job_id>.steps[*].uses.<job_id>.steps[*].with.<job_id>.steps[*].with.args.<job_id>.steps[*].with.entrypoint.<job_id>.steps[*].timeout-minutesjobs.<job_id>.timeout-minutes
An example workflow
Manage workflows
Reusable workflows
Personal access tokens
Trigger a workflow remotely
IntroductionManual approval
Artifacts
IntroductionJob logsService logsEvidenceTest resultsBuild artifactsDeployments
CI insights for Jenkins
Introduction
API examples
API reference

CloudBees action: Deploy to a Kubernetes cluster using a Kustomize configuration

2 minute read

Use this action to customize Kubernetes configurations and resources with Kustomize, which uses overlays to change base YAML manifests without directly modifying them.

Prerequisites

Make sure to initialize the connection using your Amazon Web Services (AWS) credentials, by adding the following to your YAML file:

      - name: Configure AWS credentials
        uses: https://github.com/cloudbees-io/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          aws-region: ap-south-1

Refer to CloudBees action: Configure AWS credentials for more information.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Kustomize ConfigMap literals and files are not encrypted, so store only non-confidential data with kustomize-configmap-literal and kustomize-configmap-file. To store data that must be encrypted, use kustomize-secret-file.
Table 1. Input details
Input name Data type Required? Description

kustomization-base-dir

String

Yes

Set the path to the Kustomize base directory.

kustomization-overlays-dir

String

Yes

Set the path to the Kustomize overlay directory.

kustomize-annotation

JSON

No

Add, update, or remove Kustomize annotations. Valid objects are add, set, and remove.

kustomize-label

JSON

No

Add, update, or remove Kustomize labels. Valid objects are add, set, and remove.

kustomize-configmap-literal

JSON

No

Refer to non-sensitive data as literals on a ConfigMap resource. Valid value is add.

kustomize-configmap-file

JSON

No

Refer to non-sensitive data as files on a ConfigMap resource. Valid value is add.

kustomize-secret-file

JSON

No

Refer to sensitive data as secrets files on a Secrets resource. Valid value is add.

kustomize-buildmetadata

JSON

No

Specify build information options in Kustomize labels and annotations. Valid options are originAnnotations, managedByLabel, and transformerAnnotations.

kustomize-image

JSON

No

Set container image names, tags and/or digests without creating patches. Valid options are name, newName, and newTag.

kustomize-nameprefix

String

No

Add a prefix to names in defined YAML files.

kustomize-namesuffix

String

No

Add a suffix to names in defined YAML files. The suffix is appended before the content hash if the resource type is ConfigMap or Secret.

kustomize-namespace

String

No

Add a namespace, or override an existing namespace, on a resource.

kustomize-replicas

JSON

No

Set the number of replicas for a resource.

Usage examples

The example payload below does the following:

  • Adds annotations.

  • Updates existing labels.

  • Updates the build metadata options.

  • Overrides the namespace.

  • Adds a custom prefix.

      - id: k8s-kustomize-deploy
        name: Add Kustomize labels and annotations
        uses: https://github.com/cloudbees-io/kustomize-deploy@v2
        with:
          kustomization-base-dir: ${{ cloudbees.workspace }}/testdata/base
          kustomization-overlays-dir: ${{ cloudbees.workspace }}/testdata/overlays/dev
          kustomize-annotation: '{"add":{"nam1":"val1","nam2":"val2"}}'
          kustomize-label: '{"set":{"nam1":"val1","nam2":"val2"}}'
          kustomize-buildmetadata: '{"add":["originAnnotations"],"set":["managedByLabel"],"remove":["transformerAnnotations"]}'
          kustomize-namespace: 'dev'
          kustomize-nameprefix: 'dev-'

The example payload below does the following:

  • Stores non-sensitive data as literals in a ConfigMap.

  • Stores non-sensitive data as files in a ConfigMap.

  • Adds container image information without creating patches.

      - id: k8s-kustomize-deploy
        name: Store non-sensitive data
        uses: https://github.com/cloudbees-io/kustomize-deploy@v2
        with:
          kustomization-base-dir: ${{ cloudbees.workspace }}/testdata/base
          kustomization-overlays-dir: ${{ cloudbees.workspace }}/testdata/overlays/dev
          kustomize-configmap-literal: '{"name":"example-config","add":{"nam1":"val1","nam2":"val2"}}'
          kustomize-configmap-file: '{"name":"my-config","add":"config.properties"}'
          kustomize-image: '{"name":"nginx:1.7.9","newName":"nginx","newTag":"1.7.9-alpine"}'

The example payload below does the following:

  • Stores sensitive data encrypted as Secrets.

  • Sets the number of replicas for the hello resource.

      - id: k8s-kustomize-deploy
        name: Store secrets and set replicas
        uses: https://github.com/cloudbees-io/kustomize-deploy@v2
        with:
          kustomization-base-dir: ${{ cloudbees.workspace }}/testdata/base
          kustomization-overlays-dir: ${{ cloudbees.workspace }}/testdata/overlays/dev
          kustomize-secret-file: '{"name":"my-secret","namespace":"dev","add":"secrets.properties"}'
          kustomize-replicas: '["hello:5"]'
Create/update a Kubernetes resource