diff --git a/.drone-do.star b/.drone-do.star deleted file mode 100644 index 34feb18..0000000 --- a/.drone-do.star +++ /dev/null @@ -1,14 +0,0 @@ - -load("@this//commento:drone.star", "drone") -load("@this//commento:stack-name.star", "stackName") -load("@this//commento:stack-root.star", "stackRoot") - -def main(ctx): - return drone( - ctx, - "do", - stackRoot, - stackName, - [] - ) - \ No newline at end of file diff --git a/.drone-home.star b/.drone-home.star deleted file mode 100644 index dbe593a..0000000 --- a/.drone-home.star +++ /dev/null @@ -1,14 +0,0 @@ - -load("@this//commento:drone.star", "drone") -load("@this//commento:stack-name.star", "stackName") -load("@this//commento:stack-root.star", "stackRoot") - -def main(ctx): - return drone( - ctx, - "home-deploy", - stackRoot, - stackName, - [] - ) - \ No newline at end of file diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 8d98a55..a2df069 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -4,19 +4,41 @@ local publicSecrets = import 'lib/public-secrets.libsonnet'; local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; +local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet'; + +local config = { + registry: '', +}; + [ register, - deploy( + registry( + config { + script: 'sh .drone/scripts/initialise-images.sh', + secrets: [], + }, + ) { + trigger +: { + event +: [ + 'promote', + ], + target +: [ + 'registry', + ], + }, + }, + deploy(config)( 'commento', '/stack/', [], publicSecrets, secretSecrets, [ + 'DOMAIN', 'REGISTRY_DOMAIN', 'REGISTRY_PORT', 'REGISTRY_PASSWORD', - ] + ], ) { trigger +: { event +: [ @@ -26,5 +48,8 @@ local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; 'production', ], }, + image_pull_secrets: [ + 'dockerconfigjson', + ], }, ] diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index fc6b105..63dd670 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -15,6 +15,52 @@ trigger: exclude: - promote +--- +kind: pipeline +type: docker +name: registry + +platform: + os: linux + arch: amd64 + +steps: +- name: "dockerpull and save docker images:" + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + commands: + - set -e + - export REGISTRY=$${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ + - sh .drone/scripts/initialise-images.sh $${REGISTRY} "$${REGISTRY_PASSWORD}" + volumes: + - name: dockersock + path: /var/run + +services: +- name: docker + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d + +image_pull_secrets: +- dockerconfigjson + +trigger: + event: + - promote + target: + - registry + --- kind: pipeline type: docker @@ -47,10 +93,6 @@ steps: - askimet_key - postgres_password - github_secret - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - rm -f env-commento - "echo \"export ORIGIN='$${ORIGIN}'\" >> env-commento # \"origin\"" @@ -66,7 +108,6 @@ steps: - "echo \"export ASKIMET_KEY='$${ASKIMET_KEY}'\" >> env-commento # \"askimet-key\"" - "echo \"export POSTGRES_PASSWORD='$${POSTGRES_PASSWORD}'\" >> env-commento # \"postgres-password\"" - "echo \"export GITHUB_SECRET='$${GITHUB_SECRET}'\" >> env-commento # \"github-secret\"" - username: ${SSH_USER} environment: ASKIMET_KEY: from_secret: askimet-key @@ -99,14 +140,9 @@ steps: image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 settings: command_timeout: 2m - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} source: - . target: /stack/commento - username: ${SSH_USER} - name: wait image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 @@ -134,6 +170,7 @@ steps: - drone_build_number - drone_repo_name - drone_repo_namespace + - domain - registry_domain - registry_port - registry_password @@ -150,10 +187,6 @@ steps: - askimet_key - postgres_password - github_secret - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - export SMTP_PASSWORD=$${SMTP_PASSWORD} - export ASKIMET_KEY=$${ASKIMET_KEY} @@ -168,6 +201,7 @@ steps: - export POSTGRES_DB=$${POSTGRES_DB} - export POSTGRES_USER=$${POSTGRES_USER} - export GITHUB_KEY=$${GITHUB_KEY} + - export DOMAIN=$${DOMAIN} - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} - export REGISTRY_PORT=$${REGISTRY_PORT} - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD} @@ -176,7 +210,6 @@ steps: - sh .drone/login.sh - sh .drone/pull.sh - sh .drone/deploy.sh - username: ${SSH_USER} environment: ASKIMET_KEY: from_secret: askimet-key @@ -222,6 +255,9 @@ volumes: host: path: /etc/docker/certs.d +image_pull_secrets: +- dockerconfigjson + trigger: event: - promote diff --git a/.drone/package.json b/.drone/package.json index 22cfdd2..ff93383 100644 --- a/.drone/package.json +++ b/.drone/package.json @@ -4,6 +4,6 @@ "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream" }, "dependencies": { - "@sigyl/jsonnet-drone": "^0.1.0" + "@sigyl/jsonnet-drone": "^0.4.0" } } diff --git a/.drone/scripts/initialise-image.sh b/.drone/scripts/initialise-image.sh new file mode 100644 index 0000000..5692e04 --- /dev/null +++ b/.drone/scripts/initialise-image.sh @@ -0,0 +1,15 @@ +n=0 +while : +do + docker pull $2 \ + && docker tag $2 $1$2 \ + && docker push $1$2 && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "initialise failed" + exit 1 + fi + echo "retrying..$n" + sleep 5 +done + diff --git a/.drone/scripts/initialise-images.sh b/.drone/scripts/initialise-images.sh new file mode 100644 index 0000000..bab09ef --- /dev/null +++ b/.drone/scripts/initialise-images.sh @@ -0,0 +1 @@ +sh $(dirname $0)/login.sh $1 "$2" \ No newline at end of file diff --git a/.drone/scripts/login.sh b/.drone/scripts/login.sh new file mode 100644 index 0000000..cc1af90 --- /dev/null +++ b/.drone/scripts/login.sh @@ -0,0 +1,13 @@ +n=0 +while : +do + docker login $1 --username client --password "$2" \ + && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "login failed" + exit 1 + fi + echo "retrying login..$n" + sleep 5 +done diff --git a/.drone/yarn.lock b/.drone/yarn.lock index 44ab354..903f335 100644 --- a/.drone/yarn.lock +++ b/.drone/yarn.lock @@ -12,10 +12,10 @@ resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== -"@sigyl/jsonnet-drone@^0.1.0": - version "0.1.0" - resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.1.0.tgz#feda1797e8e9ef799cad72e65f7163ca26a9e3a5" - integrity sha512-QY/ngucxFOtLfL8Mt0f2bxN4fQDUOGOFtaRpSH2cNyg84xADkzehT0ORZtbLitr+AwhyF5KN/zAGvzkyNAoqPw== +"@sigyl/jsonnet-drone@^0.4.0": + version "0.4.0" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.4.0.tgz#ebf7bc5e076d7252195fee7be2d1eafd24ee0435" + integrity sha512-96Adxqgo4SIU7skhiD0oPRproK4hy+Gvulym0p0bcSod5bv6b94BcYSfMyJye+sy6oRD0gosJY2uet1rgoB8UA== dependencies: "@sigyl/jsonnet-compose" "^0.0.2" "@sigyl/jsonnet-drone-environment" "0.0.5"