Assuming an app repository with ./deploy/prod/kustomization.yaml
:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
We define a source in the fleet-infra repo of type gitrepository.source.toolkit.fluxcd.io/v1beta1
that pulls changes from the app repository every 5 minutes inside the cluster:
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: GitRepository
metadata:
name: my-app
namespace: apps
spec:
interval: 5m
url: https://github.com/my-org/my-app
ref:
branch: main
Then we define a kustomization.kustomize.toolkit.fluxcd.io
that uses the kustomization.yaml
from ./deploy/prod
to determine which resources to create, update or delete:
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
name: my-app
namespace: apps
spec:
targetNamespace: apps
interval: 15m
path: "./deploy/prod"
prune: true
sourceRef:
kind: GitRepository
name: my-app
Having the container images defined in kustomization.kustomize.toolkit.fluxcd.io
allows you to automate the image tag updates without modifying the kustomization.yaml
in the app repository.
First we define the app container image repo:
apiVersion: image.toolkit.fluxcd.io/v1alpha1
kind: ImageRepository
metadata:
name: my-app
namespace: flux-system
spec:
image: my-apps/my-app
We can define a policy that will select the latest app image release using a semver range:
apiVersion: image.toolkit.fluxcd.io/v1alpha1
kind: ImagePolicy
metadata:
name: my-app
namespace: flux-system
spec:
imageRepositoryRef:
name: my-app
policy:
semver:
range: 1.0.x
Then we add a reference to our policy in the Kustomization
manifest:
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
name: my-app
namespace: apps
spec:
# .....
images:
- name: my-apps/my-app
newName: my-apps/my-app
newTag: v1.0.1 # {"$ref": "flux-system:my-app:tag"}
Finally we configure the automation controller to commit the image tag changes to the fleet-repo:
apiVersion: image.toolkit.fluxcd.io/v1alpha1
kind: ImageUpdateAutomation
metadata:
name: my-app
namespace: flux-system
spec:
checkout:
gitRepositoryRef:
name: my-fleet
commit:
authorName: UpdateBot
authorEmail: bot@example.com
You'll need an
ImageRepository
definition too -- the one referred to in the policy.