Skip to content

Continuous Deployment

Set k8s_ci_repository_arn and k8s_ci_vault_password_arn in deploy/host_vars/k8s.yml to the specific environment's AWS ARNs:

# file: group_vars/k8s.yaml
# Continuous integration:
k8s_ci_aws_profile: "{{ aws_profile }}"
k8s_ci_username: "{{ app_name }}-ci-user"
# aws ecr describe-repositories | grep Arn
k8s_ci_repository_arn: ""
# aws secretsmanager list-secrets
k8s_ci_vault_password_arn: ""

Run this playbook:

# file: deploy-cd-iam-user.yaml
- hosts: k8s
  gather_facts: false
  tasks:
    - name: configure CD IAM user
      import_role:
        name: caktus.django-k8s
        tasks_from: aws_ci

Example:

inv staging deploy.playbook -n deploy-cd-iam-user.yaml

Access "{{ app_name }}-ci-user" in the IAM section of AWS console and generate accesses keys for use with GitHub actions.

Last update: 2024-11-18