
How to pull secrets from Kubernetes into GitHub action to run Django migrations for AKS deployment?

I have taken up the challenge of automating the deployment of my company's Django-based application that is done with AKS but I am very new to it. My initial idea is to accomplish it by upgrading the steps in a GitHub workflow that acts on the release of a new version.

I have structured it with three jobs: build, migrate and deploy:

  1. build: Simply build the Docker image and push it to the container registry on DockerHub - this step is successfully done.
  2. migrate: Run the migrations in the production database from python manage.py migrate - here lies the problem.
  3. deploy: Deploy the image to the Kubernetes cluster - successfully done.

Step 2 is the problem because we store the Postgres database credentials inside the Kubernetes cluster and to run the migrations I need those secrets to pass them as environment variables before I call the migrate command. So I am stuck on how I can pull those secrets from Kubernetes and use them to run a command in a step in GitHub action like this:

migrate:
    needs: build
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Set up Python 3.8
        uses: actions/setup-python@v2
        with:
          python-version: 3.8

      - name: psycopg2 prerequisites
        run: sudo apt-get install python3-dev libpq-dev

      - name: Install dependencies
        run: |
          python3 -m pip install --upgrade pip
          python3 -m pip install -r requirements.txt
      
      - name: Run migrations
        run: |
          POSTGRES_HOST={{ secret_host }} POSTGRES_USER={{ secret_user }} POSTGRES_PASSWORD={{ secret_password }} python manage.py showmigrations --settings settings_production
          POSTGRES_HOST={{ secret_host }} POSTGRES_USER={{ secret_user }} POSTGRES_PASSWORD={{ secret_password }} python manage.py migrate --settings settings_production

Question is, is this even possible? If so, how can I do it? If not, what is another option to run the migrations in production before finishing the deployment?

You can run db migrations from the Kubernetes cluster itself.

  1. Create a Kubernetes Job, which basically runs the db migration, and
  2. Deploy an init container before the main container (application), which periodically checks for db migration job completion.
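
A sketch of the Job plus init container approach described in the answer above, added here as an illustration and not part of the original answer. The Postgres credentials are read from a Kubernetes Secret inside the cluster, so the GitHub runner never handles them. Assumed, not from the page: the Secret name postgres-credentials and its keys, the resource names, the image references, and the migration-watcher service account.

```yaml
# Added example; all names, keys and images below are assumed placeholders.
apiVersion: batch/v1
kind: Job
metadata:
  name: django-migrate
spec:
  backoffLimit: 2                      # retry a failed migration at most twice
  template:
    spec:
      restartPolicy: Never
      containers:
        - name: migrate
          image: example/django-app:RELEASE_TAG   # image pushed by the build job
          command: ["python", "manage.py", "migrate", "--settings", "settings_production"]
          env:                         # credentials stay inside the cluster
            - name: POSTGRES_HOST
              valueFrom:
                secretKeyRef: {name: postgres-credentials, key: host}
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef: {name: postgres-credentials, key: user}
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef: {name: postgres-credentials, key: password}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: django-app
spec:
  selector:
    matchLabels: {app: django-app}
  template:
    metadata:
      labels: {app: django-app}
    spec:
      # Assumed service account; it needs only get/list/watch on jobs (RBAC not shown).
      serviceAccountName: migration-watcher
      initContainers:
        - name: wait-for-migrations
          image: KUBECTL_IMAGE         # placeholder: any image that ships kubectl
          command: ["kubectl", "wait", "--for=condition=complete", "--timeout=300s", "job/django-migrate"]
      containers:
        - name: web
          image: example/django-app:RELEASE_TAG
          # same POSTGRES_* secretKeyRef env entries as the Job go here
```

A Job's pod template is immutable, so each release needs either a new Job name or deletion of the previous Job before applying. With this layout the workflow only needs permission to apply manifests, not read access to the Secret.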
