Deploy Kubernetes Manifest

Property	Type	Description
manifest	any	YAML or JSON manifest for the Kubernetes resource to be applied
authToken	string	Bearer token to authenticate with the Kubernetes API
clusterUrl	string	URL of the Kubernetes API

Deploy a Deployment and Service to a dev namespace

Applies a multi-document manifest that creates a dev namespace, a Deployment, and a Service. Use this after generating app metadata with fetch:template.

Copy

steps:
  - id: deploy-dev-workload
    action: deploy:kubernetes
    input:
      clusterUrl: https://dev.k8s.example.com
      authToken: ${{ secrets.k8sToken }}
      manifest: |-
        apiVersion: v1
        kind: Namespace
        metadata:
          name: dev

        ---
        apiVersion: apps/v1
        kind: Deployment
        metadata:
          name: ${{ parameters.serviceName }}
          namespace: dev
          labels:
            app: ${{ parameters.serviceName }}
        spec:
          replicas: 2
          selector:
            matchLabels:
              app: ${{ parameters.serviceName }}
          template:
            metadata:
              labels:
                app: ${{ parameters.serviceName }}
            spec:
              containers:
                - name: ${{ parameters.serviceName }}
                  image: ghcr.io/example/${{ parameters.serviceName }}:${{ parameters.imageTag }}
                  ports:
                    - containerPort: 8080
                  env:
                    - name: LOG_LEVEL
                      value: info

        ---
        apiVersion: v1
        kind: Service
        metadata:
          name: ${{ parameters.serviceName }}
          namespace: dev
        spec:
          type: ClusterIP
          selector:
            app: ${{ parameters.serviceName }}
          ports:
            - port: 80
              targetPort: 8080

Apply a parameterized ConfigMap to a specific namespace

Creates a ConfigMap using values from template parameters. Use this to configure your app at deploy time without rebuilding images.

Copy

steps:
  - id: deploy-configmap
    action: deploy:kubernetes
    input:
      clusterUrl: ${{ parameters.clusterUrl }}
      authToken: ${{ secrets.k8sToken }}
      manifest:
        apiVersion: v1
        kind: ConfigMap
        metadata:
          name: ${{ parameters.appId }}-config
          namespace: ${{ parameters.namespace }}
          labels:
            app.kubernetes.io/name: ${{ parameters.appId }}
            app.kubernetes.io/part-of: ${{ parameters.appId }}
        data:
          APPLICATION_ENV: ${{ parameters.env }}
          FEATURE_FLAG_X: "true"
          SERVICE_ENDPOINT: https://api.${{ parameters.env }}.example.com

Run a one-off Job for a database migration

Applies a Job that runs a migration command with image and secrets provided by parameters. Use this after building and publishing your image.

Copy

steps:
  - id: deploy-db-migration
    action: deploy:kubernetes
    input:
      clusterUrl: https://ops.k8s.example.com
      authToken: ${{ secrets.k8sToken }}
      manifest:
        apiVersion: batch/v1
        kind: Job
        metadata:
          name: ${{ parameters.appId }}-migrate
          namespace: ${{ parameters.namespace }}
        spec:
          backoffLimit: 3
          template:
            spec:
              restartPolicy: Never
              containers:
                - name: migrate
                  image: ${{ parameters.image }}
                  command: ["sh", "-c", "npm run migrate"]
                  env:
                    - name: DATABASE_URL
                      valueFrom:
                        secretKeyRef:
                          name: ${{ parameters.appId }}-secrets
                          key: databaseUrl

Create an Ingress to expose a service

Applies an Ingress resource to route traffic to your service. Use this when exposing an internal service via your cluster ingress controller.

Copy

steps:
  - id: deploy-ingress
    action: deploy:kubernetes
    input:
      clusterUrl: https://prod.k8s.example.com
      authToken: ${{ secrets.k8sToken }}
      manifest:
        apiVersion: networking.k8s.io/v1
        kind: Ingress
        metadata:
          name: ${{ parameters.serviceName }}-ingress
          namespace: ${{ parameters.namespace }}
          annotations:
            kubernetes.io/ingress.class: nginx
        spec:
          rules:
            - host: ${{ parameters.host }}
              http:
                paths:
                  - path: /
                    pathType: Prefix
                    backend:
                      service:
                        name: ${{ parameters.serviceName }}
                        port:
                          number: 80
          tls:
            - hosts:
                - ${{ parameters.host }}
              secretName: ${{ parameters.serviceName }}-tls

Apply a cert-manager Certificate custom resource

Applies a cert-manager Certificate to request TLS for a host. Use this to provision certificates after deploying your Ingress.

Copy

steps:
  - id: deploy-certificate
    action: deploy:kubernetes
    input:
      clusterUrl: ${{ parameters.clusterUrl }}
      authToken: ${{ secrets.k8sToken }}
      manifest: |-
        {
          "apiVersion": "cert-manager.io/v1",
          "kind": "Certificate",
          "metadata": {
            "name": "${{ parameters.serviceName }}-tls",
            "namespace": "${{ parameters.namespace }}"
          },
          "spec": {
            "secretName": "${{ parameters.serviceName }}-tls",
            "issuerRef": {
              "name": "letsencrypt-prod",
              "kind": "ClusterIssuer"
            },
            "dnsNames": [
              "${{ parameters.host }}"
            ]
          }
        }

Input Schema

Output Schema

Usage Examples

Deploy a Deployment and Service to a dev namespace

Apply a parameterized ConfigMap to a specific namespace

Run a one-off Job for a database migration

Create an Ingress to expose a service

Apply a cert-manager Certificate custom resource