120 lines
2.9 KiB
Plaintext
120 lines
2.9 KiB
Plaintext
local build = import 'lib/build.libsonnet';
|
|
local images = import 'lib/images.libsonnet';
|
|
local environment = import 'lib/node_modules/@sigyl/jsonnet-drone-environment/environment.libsonnet';
|
|
local compose = import 'lib/node_modules/@sigyl/jsonnet-compose/compose.libsonnet';
|
|
local util = import 'lib/util.libsonnet';
|
|
|
|
|
|
function(config)
|
|
function(
|
|
name,
|
|
root,
|
|
buildSecrets,
|
|
publicSecrets,
|
|
secretSecrets,
|
|
droneSecrets,
|
|
)
|
|
{
|
|
kind: 'pipeline',
|
|
type: 'docker',
|
|
name: 'deploy',
|
|
clone: {
|
|
disable: false,
|
|
depth: 0,
|
|
},
|
|
services: [
|
|
images(config).docker {
|
|
privileged: true,
|
|
volumes: [
|
|
{
|
|
name: 'dockersock',
|
|
path: '/var/run',
|
|
},
|
|
{
|
|
name: 'ca',
|
|
path: '/etc/docker/certs.d',
|
|
},
|
|
{
|
|
name: 'daemonjson',
|
|
path: '/etc/docker/daemon.json',
|
|
},
|
|
],
|
|
},
|
|
],
|
|
volumes: [
|
|
{
|
|
name: 'dockersock',
|
|
temp: {},
|
|
},
|
|
{
|
|
name: 'ca',
|
|
host: {
|
|
path: '/etc/docker/certs.d',
|
|
},
|
|
},
|
|
{
|
|
name: 'daemonjson',
|
|
host: {
|
|
path: '/etc/docker/daemon.json',
|
|
},
|
|
},
|
|
],
|
|
steps:[
|
|
compose(
|
|
std.map(
|
|
function(secret) util.printEnv('env-%s' % name, secret),
|
|
buildSecrets +
|
|
publicSecrets +
|
|
secretSecrets
|
|
)
|
|
)
|
|
(
|
|
images(config).ssh {
|
|
settings +: {
|
|
script +: [
|
|
'rm -f env-%s' % name,
|
|
],
|
|
},
|
|
},
|
|
) {
|
|
name: 'print env',
|
|
},
|
|
images(config).scp(
|
|
'%(root)s%(name)s' % { root: root, name: name }
|
|
),
|
|
images(config).wait(15),
|
|
build(config)(buildSecrets),
|
|
compose(
|
|
std.map(
|
|
function(secret) environment.envSet(secret),
|
|
publicSecrets + secretSecrets + buildSecrets,
|
|
),
|
|
)(
|
|
images(config).ssh{
|
|
name: 'deploy',
|
|
settings +: {
|
|
envs +: std.map(
|
|
environment.env,
|
|
droneSecrets,
|
|
),
|
|
script +:
|
|
std.map(
|
|
function(secret)
|
|
'export %(env)s=$${%(env)s}' % {
|
|
env: environment.environment(secret)
|
|
},
|
|
secretSecrets + publicSecrets + buildSecrets + droneSecrets,
|
|
) +
|
|
[
|
|
'set -e',
|
|
'cd %(root)s%(name)s' % { root: root, name: name },
|
|
'sh .drone/login.sh',
|
|
'sh .drone/pull.sh',
|
|
'sh .drone/deploy.sh',
|
|
]
|
|
}
|
|
},
|
|
),
|
|
],
|
|
}
|