retpolanne/spinup-gocd.md

Last active April 16, 2021 04:43

Star (1) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/retpolanne/737b4b27c9f318046226e43064259f20.js"></script>
Save retpolanne/737b4b27c9f318046226e43064259f20 to your computer and use it in GitHub Desktop.

Download ZIP

Spin up GoCD on Kubernetes

Raw

spinup-gocd.md

kubectl create ns gocd
helm repo add stable https://kubernetes-charts.storage.googleapis.com
helm install gocd-app --namespace gocd stable/gocd
Get the ingress IP and hit it
Get the ca and the token generated from the service account

secret_name=$(kubectl get serviceaccount gocd-app --namespace=gocd  -o jsonpath="{.secrets[0].name}")
kubectl get secret $secret_name --namespace=gocd -o jsonpath="{.data['token']}" | base64 --decode
kubectl get secret $secret_name --namespace=gocd  -o jsonpath="{.data['ca\.crt']}" | base64 --decode

Create the docker secret

kubectl create secret docker-registry \
	my-docker-registry \
	--namespace gocd \
	--docker-server=<docker_server_url> \
	--docker-username=<username> \
	--docker-password=<password> \
	--docker-email=<email>

Create an ssh key for using with Github

ssh-keygen -t rsa -b 4096 -C "[email protected]" -f gocd-agent-ssh -P ''
kubectl create secret generic gocd-agent-ssh \
    --from-file=id_rsa=gocd-agent-ssh \
    --from-file=id_rsa.pub=gocd-agent-ssh.pub \
    --namespace gocd

Add this to the pod spec on Elastic Profiles

containers:
- ...
  volumeMounts:
  - name: ssh-secrets
    readOnly: true
    mountPath: /home/go/.ssh
volumes:
- name: ssh-secrets
  secret:
    defaultMode: 420
    secretName: gocd-agent-ssh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment