Use ConfigMap created as part of step when adding config map environment variables in k8s deploy containers step

(zackery parkhurst) #1

Hello,

We are in need of the deploy container feature to allow us to choose to use the configmap created as part of this step when adding configmap environment variables during the k8s deploy container step. Currently, the configmap created as part of this step has version appended to the configmap name. Which makes it impossible to map environment variables from it. We need the ability to pick individually which keys from the configmap to add as environment variables and be able to just add all of them as environment variables very similar to the way envfrom works Example:

apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod
spec:
  containers:
    - name: test-container
      image: k8s.gcr.io/busybox
      command: [ "/bin/sh", "-c", "env" ]
      envFrom:
      - configMapRef:
          name: special-config
  restartPolicy: Never

We need this because it is very important that we use the deployContainer step to deploy the CM needed by the application because this step auto-versions them. Without this ability we would have to create the CM in a separate step. Which then if a deployment fails on the pod step but the configmaps have been updated then it can affect the older, running pods. So you can’t guarantee that the old ones will keep running if they need to be restarted since the configmap could have changed.

**UPDATE If we could also get the same abilities for Secret Environment Variables too. Same problem exist where there is no option to choose “Secret created as part of this step”

(Rob Pearson) #3

Hi @zackeryddparkhurst,

Thanks for getting in touch and great question. I’m happy to report that there is a solution for this which was unfortunately undocumented. In this scenario, you can use the following variables to obtain the correct computed config map/secret values.

#{Octopus.Action.KubernetesContainers.ComputedConfigMapName}
and
#{Octopus.Action.KubernetesContainers.ComputedSecretName}

These variables go in the ‘Name’ field for each appropriate section.

Hope this helps!

Thanks

Rob

(zackery parkhurst) #4

Hello @robpearson,

Thank you for your quick response. That is awesome I will try that out.

Is there a way to have all of the values in CM and/or Secret mapped to environment variables without having to specify every one? Very similar to the way envFrom works in code snippet above?

(Rob Pearson) #5

Hi @zackeryddparkhurst,

Thanks for the reply. Unfortunately, Octopus doesn’t currently support that behaviour but our team agrees it would be helpful and we’ll consider adding it.

Thanks

Rob

(Andrie) #6

Hi would like to create a configmap for container environment variables by using Octopus tenant variables. Is this possible? I need to use 20+ variables, which is quite tedious to configure in the configmap step.

Set-Content -Path configmap.yml -Value @”

apiVersion: v1
kind: ConfigMap
metadata:
name: my-env
data:
Build_Id: $OctopusParameters[“Octopus.Action.Package[incidentlog].PackageVersion”]
Logging__ServiceBusConnectionString: $OctopusParameters[“Tenant.ServiceBus.ConnectionString”]
Logging__LogTopicPath: $OctopusParameters[“Tenant.LiveLogging.TopicPath”]
firebase__ProjectUid: $OctopusParameters[“Tenant.Firebase.ProjectUid”]
firebase__BucketName: $OctopusParameters[“Tenant.Firebase.BucketName”]
firebase__RealTimeQueue: $OctopusParameters[“Tenant.Firebase.RealTimeQueue”]
azure__StorageConnection: $OctopusParameters[“Tenant.BlobStorage.ConnectionString”]
azure__StorageContainer: $OctopusParameters[“Tenant.BlobStorage.Container”]
“@

kubectl apply -f configmap.yml

upon inspecting my configmap i am only getting or similar values.

System.Collections.Generic.Dictionary`2[System.String,System.String][“Tenant.LiveLogging.TopicPath”]

(Michael Richardson) #9

Hi Andrie,

What you are trying is certainly possible, and I believe your example is very close.

I think your powershell syntax is just slightly off. I think the dictionary lookups need to be:

$($OctopusParameters[“Tenant.LiveLogging.TopicPath”])

You can also the Octopus variable syntax if you prefer. e.g.

#{Tenant.LiveLogging.TopicPath}

I hope that helps.

(Andrie) #10

Thanks for the response.
Will try it out and give feedback

(Andrie) #11

Hi there,

Thanks for this.

I would like some advice on getting my domain wildcard certificate into nginx-ingress.

I know the process of using cert-manager with Let’s encrypt. However I have a PFX file from godaddy with our wildcard cert.

I have extracted this and created a certificate chain in base64 .pem file

How do I deploy this with octopus (do I just need it in my ingress step with deploy a container or during the helm deploy of nginx-ingress)

Regards

(Octopus Support) #12

Hi Andrie,

Thanks for getting in touch! The easiest way to configure this is in the Ingress TLS field of your Kubernetes step as highlighted below.

ingress_tls.png

Note that this field was introduced in 2018.11.2 as it was previously not exposed by the UI. If you’re running a version prior to this, you can still deploy the certificate in the built-in Ingress Resource step (or the Deploy Kubernetes Containers step) as an Ingress Annotation where the value is the certificate variable.

I hope this helps get you going! Don’t hesitate to reach out if we can assist in anything else. :slight_smile:

Best regards,

Kenneth Bates

support@octopus.comOctopus Logo

{#HS:916430414-47897#}