From 3292d347040741a82cd782c5d04521d5dc628c51 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Fri, 28 Aug 2020 21:45:23 +0100 Subject: [PATCH] Squashed commit of the following: commit 99ed34c5a23c047f6f16d4373ef7ff87973043c0 Author: Giles Bradshaw Date: Fri Aug 28 13:44:28 2020 +0100 domain commit 7b495fa21774553d40eed855a37d187540468616 Author: Giles Bradshaw Date: Fri Aug 28 13:26:56 2020 +0100 . commit 94e7d7fa5b92e7300b2e78a5243759b932d79a40 Author: Giles Bradshaw Date: Fri Aug 28 13:17:20 2020 +0100 . commit 246dff312fb37072f54c29603e281f19437e7baa Author: Giles Bradshaw Date: Thu Aug 27 19:50:21 2020 +0100 fix: hostname commit e44ab46af24c592fc5ba5baad5d429ab01f5add9 Author: Giles Bradshaw Date: Thu Aug 27 18:45:55 2020 +0100 fix: image digests commit f76f87d9b0c93627a4e3986710dbe1f2aa821c8d Author: Giles Bradshaw Date: Thu Aug 27 17:45:23 2020 +0100 fix: remove smallfiles commit 59963d55ddc20f0cc4db2e6aff7ec64acd91684e Author: Giles Bradshaw Date: Thu Aug 27 17:18:23 2020 +0100 ci: promote to production to deploy --- .drone-home.star | 16 ----- .drone/drone-home.jsonnet | 21 ++++-- .drone/drone-home.yml | 107 +++++++++++++--------------- .drone/lib/public-secrets.libsonnet | 1 - .drone/login.sh | 2 +- .drone/logout.sh | 2 +- .drone/package.json | 2 +- .drone/yarn.lock | 22 +++++- .gitignore | 3 +- README.md | 15 ++++ docker-compose.yml | 10 +-- 11 files changed, 112 insertions(+), 89 deletions(-) delete mode 100644 .drone-home.star diff --git a/.drone-home.star b/.drone-home.star deleted file mode 100644 index 04ca74d..0000000 --- a/.drone-home.star +++ /dev/null @@ -1,16 +0,0 @@ - -load("@this//chat:drone.star", "drone") -load("@this//chat:stack-name.star", "stackName") -load("@this//chat:stack-root.star", "stackRoot") - -def main(ctx): - return drone( - ctx, - "home-deploy", - stackRoot, - stackName, - [ - "docker service scale {name}_chat=1".format(name=stackName), - ] - ) - \ No newline at end of file diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 1b822f4..9f8e14a 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -3,15 +3,28 @@ local secretSecrets = import 'lib/secret-secrets.libsonnet'; local publicSecrets = import 'lib/public-secrets.libsonnet'; local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; +local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; [ + register, deploy( 'chat', '/stack/', + [], + publicSecrets, + secretSecrets, [ - 'LOCAL_DOCKER_REGISTRY', + 'REGISTRY_DOMAIN', + 'REGISTRY_PORT', 'REGISTRY_PASSWORD', ], - publicSecrets, - secretSecrets - ), + ) { + trigger +: { + event +: [ + 'promote', + ], + target +: [ + 'production', + ], + }, + }, ] diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index 42443d6..ee9ba95 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -1,3 +1,20 @@ +--- +kind: pipeline +type: docker +name: register + +platform: + os: linux + arch: amd64 + +clone: + disable: true + +trigger: + event: + exclude: + - promote + --- kind: pipeline type: docker @@ -9,7 +26,7 @@ platform: steps: - name: print env - image: appleboy/drone-ssh:1.6.2 + image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea settings: envs: - drone_tag @@ -17,28 +34,19 @@ steps: - drone_build_number - drone_repo_name - drone_repo_namespace - - local_docker_registry - - registry_password - - git_domain - chat_admin_name - chat_admin_email - chat_admin_password - host: - from_secret: ssh-host - key: - from_secret: ssh-key - port: - from_secret: ssh-port + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} script: - rm -f env-chat - - "echo \"export LOCAL_DOCKER_REGISTRY='$${LOCAL_DOCKER_REGISTRY}'\" >> env-chat # \"local-docker-registry\"" - - "echo \"export REGISTRY_PASSWORD='$${REGISTRY_PASSWORD}'\" >> env-chat # \"registry-password\"" - - "echo \"export GIT_DOMAIN='$${GIT_DOMAIN}'\" >> env-chat # \"git-domain\"" - "echo \"export CHAT_ADMIN_NAME='$${CHAT_ADMIN_NAME}'\" >> env-chat # \"chat-admin-name\"" - "echo \"export CHAT_ADMIN_EMAIL='$${CHAT_ADMIN_EMAIL}'\" >> env-chat # \"chat-admin-email\"" - "echo \"export CHAT_ADMIN_PASSWORD='$${CHAT_ADMIN_PASSWORD}'\" >> env-chat # \"chat-admin-password\"" - username: - from_secret: ssh-user + username: ${SSH_USER} environment: CHAT_ADMIN_EMAIL: from_secret: chat-admin-email @@ -46,53 +54,39 @@ steps: from_secret: chat-admin-name CHAT_ADMIN_PASSWORD: from_secret: chat-admin-password - GIT_DOMAIN: - from_secret: git-domain - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - REGISTRY_PASSWORD: - from_secret: registry-password - name: scp - image: appleboy/drone-scp:1.6.2 + image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 settings: command_timeout: 2m - host: - from_secret: ssh-host - key: - from_secret: ssh-key - port: - from_secret: ssh-port + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} source: - . target: /stack/chat - username: - from_secret: ssh-user + username: ${SSH_USER} - name: wait - image: alpine + image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 commands: - sleep 15 - name: "dockerbuild:" - image: docker:dind + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f commands: - set -e - sh .drone/login.sh - sh .drone/build.sh - sh .drone/push.sh - sh .drone/logout.sh - environment: - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - REGISTRY_PASSWORD: - from_secret: registry-password volumes: - name: dockersock path: /var/run - name: deploy - image: appleboy/drone-ssh:1.6.2 + image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea settings: envs: - drone_tag @@ -100,32 +94,29 @@ steps: - drone_build_number - drone_repo_name - drone_repo_namespace - - git_domain + - registry_domain + - registry_port + - registry_password - chat_admin_name - chat_admin_email - chat_admin_password - - local_docker_registry - - registry_password - host: - from_secret: ssh-host - key: - from_secret: ssh-key - port: - from_secret: ssh-port + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} script: - export CHAT_ADMIN_PASSWORD=$${CHAT_ADMIN_PASSWORD} - - export GIT_DOMAIN=$${GIT_DOMAIN} - export CHAT_ADMIN_NAME=$${CHAT_ADMIN_NAME} - export CHAT_ADMIN_EMAIL=$${CHAT_ADMIN_EMAIL} - - export LOCAL_DOCKER_REGISTRY=$${LOCAL_DOCKER_REGISTRY} + - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} + - export REGISTRY_PORT=$${REGISTRY_PORT} - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD} - set -e - cd /stack/chat - sh .drone/login.sh - sh .drone/pull.sh - sh .drone/deploy.sh - username: - from_secret: ssh-user + username: ${SSH_USER} environment: CHAT_ADMIN_EMAIL: from_secret: chat-admin-email @@ -133,16 +124,10 @@ steps: from_secret: chat-admin-name CHAT_ADMIN_PASSWORD: from_secret: chat-admin-password - GIT_DOMAIN: - from_secret: git-domain - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - REGISTRY_PASSWORD: - from_secret: registry-password services: - name: docker - image: docker:dind + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f privileged: true volumes: - name: dockersock @@ -157,4 +142,10 @@ volumes: host: path: /etc/docker/certs.d +trigger: + event: + - promote + target: + - production + ... diff --git a/.drone/lib/public-secrets.libsonnet b/.drone/lib/public-secrets.libsonnet index b417319..b81819b 100644 --- a/.drone/lib/public-secrets.libsonnet +++ b/.drone/lib/public-secrets.libsonnet @@ -1,5 +1,4 @@ [ - 'git-domain', 'chat-admin-name', 'chat-admin-email', ] diff --git a/.drone/login.sh b/.drone/login.sh index c8ffffc..982ed2d 100644 --- a/.drone/login.sh +++ b/.drone/login.sh @@ -1 +1 @@ -docker login ${LOCAL_DOCKER_REGISTRY} --username client --password "${REGISTRY_PASSWORD}" \ No newline at end of file +docker login ${REGISTRY_DOMAIN}:${REGISTRY_PORT} --username client --password "${REGISTRY_PASSWORD}" \ No newline at end of file diff --git a/.drone/logout.sh b/.drone/logout.sh index 4bcacf0..2337c7c 100644 --- a/.drone/logout.sh +++ b/.drone/logout.sh @@ -1 +1 @@ -docker logout ${LOCAL_DOCKER_REGISTRY} \ No newline at end of file +docker logout ${REGISTRY_DOMAIN}:${REGISTRY_PORT} \ No newline at end of file diff --git a/.drone/package.json b/.drone/package.json index 2609cd8..22cfdd2 100644 --- a/.drone/package.json +++ b/.drone/package.json @@ -4,6 +4,6 @@ "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream" }, "dependencies": { - "@sigyl/jsonnet-drone": "^0.0.8" + "@sigyl/jsonnet-drone": "^0.1.0" } } diff --git a/.drone/yarn.lock b/.drone/yarn.lock index ec747fa..44ab354 100644 --- a/.drone/yarn.lock +++ b/.drone/yarn.lock @@ -1 +1,21 @@ -null \ No newline at end of file +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +"@sigyl/jsonnet-compose@^0.0.2": + version "0.0.2" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda" + integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA== + +"@sigyl/jsonnet-drone-environment@0.0.5": + version "0.0.5" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" + integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== + +"@sigyl/jsonnet-drone@^0.1.0": + version "0.1.0" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.1.0.tgz#feda1797e8e9ef799cad72e65f7163ca26a9e3a5" + integrity sha512-QY/ngucxFOtLfL8Mt0f2bxN4fQDUOGOFtaRpSH2cNyg84xADkzehT0ORZtbLitr+AwhyF5KN/zAGvzkyNAoqPw== + dependencies: + "@sigyl/jsonnet-compose" "^0.0.2" + "@sigyl/jsonnet-drone-environment" "0.0.5" diff --git a/.gitignore b/.gitignore index b512c09..ab05030 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -node_modules \ No newline at end of file +node_modules +*.log \ No newline at end of file diff --git a/README.md b/README.md index 46fa0a4..c033cc0 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,24 @@ # chat ## secrets + * chat-admin-name * chat-admin-password * git-domain * local-docker-registry * registry-password +## initialise mongo + +https://docs.rocket.chat/installation/manual-installation/mongo-replicas + +```shell +docker exec -it [mongo container id] mongo +rs.initiate() +``` + +## scale chat + +```shell +docker service scale chat_chat=1 +``` diff --git a/docker-compose.yml b/docker-compose.yml index 5dfcc63..340f2dc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,13 +7,13 @@ services: replicas: 0 # will scale after mongo initated restart_policy: condition: any - image: rocketchat/rocket.chat:3.5.4 + image: rocketchat/rocket.chat:3.5.4@sha256:f5978d325f9b63abe42adebecb9a3b891fa5ffaf9840ea252c134ed9ac6c09b8 networks: - appnet - externalnet environment: - MONGO_OPLOG_URL=mongodb://chat-mongo:27017/local - - ROOT_URL=https://${GIT_DOMAIN}/chat + - ROOT_URL=https://${DOMAIN}/chat - PORT=3000 - MONGO_URL=mongodb://chat-mongo:27017/rocketchat - ADMIN_USERNAME=${CHAT_ADMIN_NAME} @@ -28,7 +28,8 @@ services: replicas: 1 restart_policy: condition: any - image: mongo:4.4 + hostname: chat-mongo + image: mongo:4.4.0@sha256:ebd31eaac273a9544a33387aa859b0a8676565340a40fc824fa7bda686f462f1 networks: - appnet environment: @@ -36,7 +37,7 @@ services: - MONGO_LOG_DIR=/dev/null volumes: - mongo-chat:/data/db - command: mongod --smallfiles --replSet rs0 --oplogSize 128 + command: mongod --replSet rs0 --oplogSize 128 volumes: mongo-chat: chat-uploads: @@ -44,7 +45,6 @@ volumes: networks: appnet: driver: overlay - #external: true externalnet: driver: overlay external: true