Continuous Deployment to Kubernetes using GitLab triggered spinnaker pipelines

CD to Kubernetes using GitLab triggered Spinnaker pipelines

This blog explains how to configure Spinnaker v1.16.1 to trigger pipelines based on commits to a Gitlab repository and inject changed Gitlab files as artifacts into a pipeline

  1. Prerequisites
  2. Configure GitLab webhooks
  3. Configure a GitLab artifact account
  4. Configure Spinnaker Pipeline Trigger
  5. Verification

1. Prerequisites

1.1.  GitLab account

Create a new Project and then add some sample artifact file to the Repository.

Artifact file(manifest.yaml) should not include the tag details for Docker image.

1.2.  A running Spinnaker instance

2.  Configure GitLab Webhook

      Steps to configure GitLab Webhook:

               1.  Navigate to the Settings page of a repository

               2.  Choose the Integrations menu

               3.  Fill out the fields:

                     3.1. URL: http://<Public-IP>:8084/webhooks/webhook/gitlab

The Payload URL should be $ENDPOINT/webhooks/webhook/gitlab

We need Spinnaker’s API running on an endpoint that is publicly reachable. This is required to allow GitLab’s webhooks to reach Spinnaker.

If you’re unsure of what your Spinnaker API endpoint is, check the value of services.gate.baseUrl in ~/.hal/$DEPLOYMENT/staging/spinnaker.yml.

The value of $DEPLOYMENT is typically default.



                   3.2. Secret Token: Spinnaker validates the source of the requests with the Secret Token

              4.  Select Trigger options like, ‘Push events’, ‘Tag Push events’, etc.

              5.  Check/Uncheck ‘Enable SSL verification’ according to Spinnaker server SSL configuration

              6.  Click ‘Add webhook’

3.  Configure a GitLab Artifact Account

Spinnaker can be configured to listen to changes to a repository in GitLab. These steps show you how to configure a GitLab artifact account so that Spinnaker can download files from GitLab.

      3.1.  Downloading Credentials

                   Start by generating an access token for GitLab. The token requires the repo scope. Here Create an access token for GitLab by following the below link:


Generate Access token for GitLab account and downloaded credentials are saved in a file called, ‘gitlab_token_file’.


        3.2.  Editing Artifact Settings in Spinnaker Config

  Enable GitLab artifact support and add an artifact account(Ex: dvr-gitlab-artifact-act):



                 $ hal config features edit --artifacts true

                 $ hal config artifact gitlab enable

                 $ hal config artifact gitlab account add $ARTIFACT_ACCOUNT_NAME --token-file $TOKEN_FILE

                 $ hal deploy apply

4Configure Spinnaker Pipeline Trigger

   Configure Spinnaker pipeline to be triggered by a GitLab commit:

      4.1.  Configuration Stage

             Create a new pipeline that we want it to be triggered on changes to GitLab Repository/artifacts.

                 1.  In Pipeline configuration, click the Configuration stage on the far left of the pipeline diagram.

                 2.  Click on Add Artifact under Expected Artifacts

                 3.  Select an artifact account that was added earlier (3.2) from Account drop down list and enter the File Path field with a manifest file.

                 4.  Select ‘Use Default Artifact’ and specify the artifact account that was added earlier (3.2) from Account drop down list and the ‘Content URL’.

                      Here the ‘Content URL’ is used as:<Project-ID>/repository/files/manifest%2Eyaml/raw

                  5.  Add one more Artifact Account for Docker-Registry as an account and the Docker image name that we want to trigger on changes to.


                 6.  Click Automated Triggers.

                 7.  In the Type field, select Webhook.

                 8.  In the Source field, select gitlab. This input determines the target URL required to trigger this pipeline, as well as how the payload can be transformed into artifacts.

       4.2.  Deploy Kubernetes Manifests

               Select the Deploy (Manifest) stage by specifying the manifests. Add manifest configuration to read manifest file content from an artifact created upstream and the expected artifact must be referenced here, and will be bound at run time.

              Select the Display name of Expected artifact account for Manifest Artifact. The artifact that is to be applied to the Kubernetes account for this stage. The artifact should represent a valid Kubernetes manifest.

             Select the Display name of docker-registry account for ‘Required Artifacts to Bind’.

5.  Verification

1. Make a change into the repository, and ensure Spinnaker’s pipeline is auto triggered.

This can also be verified under Settings -> Integrations -> Webhooks -> Test -> Push events by checking the response for Hook executed successfully: HTTP 200, which means GitLab event has been processed successfully.

 2. Ensure the Deploy(manifest) stage is executed successfully as shown below:

And click on Tasks Status for checking the status on tasks of Google Cloud Build.

   3. And see the subsequent result in kubernetes cluster as below:


Leave a Comment

Your email address will not be published.

You may like