See: https://wikitech.wikimedia.org/wiki/Portal:Toolforge/Admin/Kubernetes/Custom_components
We have a growing list of components that deploy to Toolforge kubernetes using this pattern:
- git repository with source code
- checkout on a docker builder host
- build the docker image, tag it, etc
- upload to our internal docker registry
- checkout git repository on k8s control node
- run ./deploy.sh T303931: Decision request - WMCS kubernetes standard deployment code pattern
- [optionally] manage auth things, like certificates etc
This is a very good candidate for automation using spicerack/cookbook or whatever.
Known cases:
- 3 custom admission controllers: https://wikitech.wikimedia.org/wiki/Portal:Toolforge/Admin/Kubernetes/Deploying#custom_admission_controllers
- maintain-kubeusers
- jobs-framework-api
- jobs-framework-emailer