Managing Spinnaker programmatically: Options as of August 2019

Hello,

I’d like to understand what options there are when it comes to managing Spinnaker with code (declaratively, if possible) so I can pick the most appropriate one for my use case, but I’m confused by the number of options available and the lack of (up-to-date) documentation.

Things I’d like to manage this way include: Pipelines, applications and Kubernetes accounts.

For pipelines, options are:

  • Armory’s proprietary Pipelines As Code feature (dinghy). I don’t like the vendor lock-in, but this seems like the most convenient option. The language functionality seems a bit basic, but I suppose I could use something like Jsonnet to generate the dinghyfile if we ever something more powerful.
  • (Managed) Pipeline Templates (MPT) v2. I believe this is officially the way to go. Not declarative though, as I still have to write scripts to use them.
  • Sponnet. Seems like the future successor to MPT v2? I don’t really understand the status of this project or its relationship with MPT v2.
  • Terraform, which uses the deprecated(?) dcd-spec, so I’m guessing it shouldn’t be used going forward?
  • A combination of a generic tool like Kapitan to generate the pipelines and scripts to wrap spin pipeline calls.

For applications, options are:

  • The Terraform provider above.
  • Use Kapitan along with custom scripts to wrap calls to spin application.

For Kubernetes accounts, options are:

  • Use Armory halyard GitOps along with custom scripts to wrap calls to hal config provider kubernetes account.
  • Use Kapitan along with custom scripts to wrap calls to hal config provider kubernetes account and manage the ~/.hal/config and associated credentials securely.

Any I missing any options or best practices?

Thanks!

PS: See also:

2 Likes

I can add some more detail on MPTv2:

MPTv1 supported template composition and inheritance by relying on server side templating. For MPTv2 this responsibility was lifted out of Spinnaker. Instead, Sponnet can be used to achieve template composition and the resulting templates can be persisted to Spinnaker via Spin CLI. Automating this process would still require some external tooling.

There is a walkthrough on creating templates and pipelines under “User How-Tos

Additionally, there is a set of questions that came up during the Spinnaker As Code SIG with answers related to MPTv2 here

Hope this is helpful, I’m happy to answer any further questions as well.

1 Like

Hey @louisjimenez! :wave:

Thank you so much for getting back to me and sharing more info on MPTv2 and Sponnet.

BTW, is it OK to make that Google Doc public so others can read it?

Cheers.

Also, if MPTv2 (+ Sponnet) is officially the way to go, but some external tooling is still required, how are folks managing this in the real world?

Anyone using Spinnaker to manage Spinnaker pipelines? (Or would that discouraged for some reason?)

Hey folks,

I wanted to report back on how I’m managing Spinnaker programmatically in the end, in case this helps anyone or there are better ways to do what I’m doing (or planning to do).

I’m using sponnet to generate the pipelines configuration. And by using jsonnet along with Kapitan, I can easily make the code modular so I can define the building blocks for the different pipelines and environments we have. I’m also planning to generate the application config with sponnet.

I considered using sponnet to generate MPTs (v2) but I found the process to be more complicated, and honestly, I couldn’t identify any benefit. Unless I’m missing something, MPTv2 only allows you to add parameters to your JSON config (no conditionals/loops/etc), which is something you can do pretty easily with jsonnet anyway. Especially if you write modular jsonnet code.

And to have the JSON generated by sponnet applied, I’m running spin via Cloud Build. Spinnaker is hosted on GCP and it’s behind an Identity-Aware Proxy, so spin uses a service account to connect to Gate.

Cheers.

1 Like

Hey,

I made a public version of the document available here.

Thanks for sharing your workflow, great to hear that Sponnet and Spin CLI are helping with your use case. MPTv2 can add value if you are looking to version templates, share them across teams, manage them in the UI, or configure variables and inheritance on a per pipeline basis in Deck. Some of these things are possible with Sponnet and a bit of tooling. All three tools are being developed to integrate nicely and support a templated pipeline workflow.