In this tutorial, we'll walk through the process of creating a GitHub Action to deploy Teleport on Kubernetes at scale. This automation will streamline your deployment process and ensure consistency across your infrastructure.
Before we begin, make sure you have the following:
teleport.yaml
)First, create a new file in your repository at
.github/workflows/deploy-teleport.yml
. This file will define our GitHub Action
workflow.
name: Deploy Teleport Kube Agent
run-name: Deploy Teleport Kube Agent [${{ inputs.job_id && inputs.job_id || '' }}]
on:
workflow_dispatch:
inputs:
job_id:
description: "Job ID"
required: true
jobs:
deploy:
runs-on: ubuntu-latest
permissions:
contents: "read"
id-token: "write"
steps:
- name: Checkout repository
uses: actions/checkout@v4
- id: ctrlplane
uses: ctrlplanedev/ctrlplane/github/get-job-inputs@main
with:
base_url: https://ctrlplane.wandb.io
job_id: ${{ inputs.job_id }}
api_key: ${{ secrets.CTRLPLANE_API_KEY }}
required_outputs: |
target_config_auth_method
target_config_server_endpoint
target_config_server_certificateAuthorityData
release_version
- name: Connect to Cluster
uses: ./github/connect-to-k8s
with:
auth_method: ${{ steps.ctrlplane.outputs.target_config_auth_method }}
endpoint: ${{ steps.ctrlplane.outputs.target_config_server_endpoint }}
certificate_authority_data: ${{ steps.ctrlplane.outputs.target_config_server_certificateAuthorityData }}
- name: Set up Helm
uses: azure/setup-helm@v4.2.0
- name: Add Teleport Helm Repository
run: |
helm repo add teleport https://charts.releases.teleport.dev
helm repo update
- name: Create values.yaml
run: |
cat << EOF > values.yaml
roles: kube
authToken: ${{ secrets.TELEPORT_AUTH_TOKEN }}
proxyAddr: wandb.teleport.sh:443
kubeClusterName: ${{ steps.ctrlplane.outputs.target_config_name }}
labels:
teleport.internal/resource-id: c61c780e-16aa-4bdd-a410-208a4bf5b108
enterprise: true
updater:
enabled: true
releaseChannel: "stable/cloud"
highAvailability:
replicaCount: 5
requireAntiAffinity: true
podDisruptionBudget:
enabled: true
minAvailable: 5
EOF
- name: Helm Apply Teleport Kube Agent
run: |
helm upgrade --install teleport-agent teleport/teleport-kube-agent \
-f values.yaml \
--version ${{ steps.ctrlplane.outputs.release_version }} \
--create-namespace \
--namespace teleport
Developers
GitHub