diff --git a/.drone/drone.jsonnet b/.drone/drone.jsonnet new file mode 100644 index 0000000..f5fe82e --- /dev/null +++ b/.drone/drone.jsonnet @@ -0,0 +1,21 @@ + +local secretSecrets = import 'lib/secret-secrets.libsonnet'; +local publicSecrets = import 'lib/public-secrets.libsonnet'; + +local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; +local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; +[ + register, + deploy( + 'drone', + '/stack/', + [ + 'REGISTRY_DOMAIN', + 'REGISTRY_PORT', + 'REGISTRY_PASSWORD', + ], + publicSecrets, + secretSecrets, + [], + ), +] diff --git a/.drone/drone.yml b/.drone/drone.yml new file mode 100644 index 0000000..c5c8ab4 --- /dev/null +++ b/.drone/drone.yml @@ -0,0 +1,226 @@ +--- +kind: pipeline +type: docker +name: register + +platform: + os: linux + arch: amd64 + +clone: + disable: true + +trigger: + event: + exclude: + - promote + +--- +kind: pipeline +type: docker +name: deploy + +platform: + os: linux + arch: amd64 + +steps: +- name: print env + image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea + settings: + envs: + - drone_tag + - drone_commit + - drone_build_number + - drone_repo_name + - drone_repo_namespace + - registry_domain + - registry_port + - registry_password + - domain + - drone_gitea_client_id + - drone_gitea_server + - drone_server_host + - ssh_host + - ssh_user + - ssh_port + - drone_gitea_client_secret + - drone_rpc_secret + - ssh_key + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} + script: + - rm -f env-drone + - "echo \"export REGISTRY_DOMAIN='$${REGISTRY_DOMAIN}'\" >> env-drone # \"registry-domain\"" + - "echo \"export REGISTRY_PORT='$${REGISTRY_PORT}'\" >> env-drone # \"registry-port\"" + - "echo \"export REGISTRY_PASSWORD='$${REGISTRY_PASSWORD}'\" >> env-drone # \"registry-password\"" + - "echo \"export DOMAIN='$${DOMAIN}'\" >> env-drone # \"domain\"" + - "echo \"export DRONE_GITEA_CLIENT_ID='$${DRONE_GITEA_CLIENT_ID}'\" >> env-drone # \"drone-gitea-client-id\"" + - "echo \"export DRONE_GITEA_SERVER='$${DRONE_GITEA_SERVER}'\" >> env-drone # \"drone-gitea-server\"" + - "echo \"export DRONE_SERVER_HOST='$${DRONE_SERVER_HOST}'\" >> env-drone # \"drone-server-host\"" + - "echo \"export SSH_HOST='$${SSH_HOST}'\" >> env-drone # \"ssh-host\"" + - "echo \"export SSH_USER='$${SSH_USER}'\" >> env-drone # \"ssh-user\"" + - "echo \"export SSH_PORT='$${SSH_PORT}'\" >> env-drone # \"ssh-port\"" + - "echo \"export DRONE_GITEA_CLIENT_SECRET='$${DRONE_GITEA_CLIENT_SECRET}'\" >> env-drone # \"drone-gitea-client-secret\"" + - "echo \"export DRONE_RPC_SECRET='$${DRONE_RPC_SECRET}'\" >> env-drone # \"drone-rpc-secret\"" + - "echo \"export SSH_KEY='$${SSH_KEY}'\" >> env-drone # \"ssh-key\"" + username: ${SSH_USER} + environment: + DOMAIN: + from_secret: domain + DRONE_GITEA_CLIENT_ID: + from_secret: drone-gitea-client-id + DRONE_GITEA_CLIENT_SECRET: + from_secret: drone-gitea-client-secret + DRONE_GITEA_SERVER: + from_secret: drone-gitea-server + DRONE_RPC_SECRET: + from_secret: drone-rpc-secret + DRONE_SERVER_HOST: + from_secret: drone-server-host + REGISTRY_DOMAIN: + from_secret: registry-domain + REGISTRY_PASSWORD: + from_secret: registry-password + REGISTRY_PORT: + from_secret: registry-port + SSH_HOST: + from_secret: ssh-host + SSH_KEY: + from_secret: ssh-key + SSH_PORT: + from_secret: ssh-port + SSH_USER: + from_secret: ssh-user + +- name: scp + image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 + settings: + command_timeout: 2m + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} + source: + - . + target: /stack/drone + username: ${SSH_USER} + +- name: wait + image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 + commands: + - sleep 15 + +- name: "dockerbuild:" + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + commands: + - set -e + - sh .drone/login.sh + - sh .drone/build.sh + - sh .drone/push.sh + - sh .drone/logout.sh + environment: + REGISTRY_DOMAIN: + from_secret: registry-domain + REGISTRY_PASSWORD: + from_secret: registry-password + REGISTRY_PORT: + from_secret: registry-port + volumes: + - name: dockersock + path: /var/run + +- name: deploy + image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea + settings: + envs: + - drone_tag + - drone_commit + - drone_build_number + - drone_repo_name + - drone_repo_namespace + - domain + - drone_gitea_client_id + - drone_gitea_server + - drone_server_host + - ssh_host + - ssh_user + - ssh_port + - drone_gitea_client_secret + - drone_rpc_secret + - ssh_key + - registry_domain + - registry_port + - registry_password + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} + script: + - export DRONE_GITEA_CLIENT_SECRET=$${DRONE_GITEA_CLIENT_SECRET} + - export DRONE_RPC_SECRET=$${DRONE_RPC_SECRET} + - export SSH_KEY=$${SSH_KEY} + - export DOMAIN=$${DOMAIN} + - export DRONE_GITEA_CLIENT_ID=$${DRONE_GITEA_CLIENT_ID} + - export DRONE_GITEA_SERVER=$${DRONE_GITEA_SERVER} + - export DRONE_SERVER_HOST=$${DRONE_SERVER_HOST} + - export SSH_HOST=$${SSH_HOST} + - export SSH_USER=$${SSH_USER} + - export SSH_PORT=$${SSH_PORT} + - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} + - export REGISTRY_PORT=$${REGISTRY_PORT} + - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD} + - set -e + - cd /stack/drone + - sh .drone/login.sh + - sh .drone/pull.sh + - sh .drone/deploy.sh + username: ${SSH_USER} + environment: + DOMAIN: + from_secret: domain + DRONE_GITEA_CLIENT_ID: + from_secret: drone-gitea-client-id + DRONE_GITEA_CLIENT_SECRET: + from_secret: drone-gitea-client-secret + DRONE_GITEA_SERVER: + from_secret: drone-gitea-server + DRONE_RPC_SECRET: + from_secret: drone-rpc-secret + DRONE_SERVER_HOST: + from_secret: drone-server-host + REGISTRY_DOMAIN: + from_secret: registry-domain + REGISTRY_PASSWORD: + from_secret: registry-password + REGISTRY_PORT: + from_secret: registry-port + SSH_HOST: + from_secret: ssh-host + SSH_KEY: + from_secret: ssh-key + SSH_PORT: + from_secret: ssh-port + SSH_USER: + from_secret: ssh-user + +services: +- name: docker + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d + +... diff --git a/git-hooks/build.sh b/git-hooks/build.sh new file mode 100644 index 0000000..02a4c0b --- /dev/null +++ b/git-hooks/build.sh @@ -0,0 +1,3 @@ +drone jsonnet --source .drone/$1.jsonnet --target .drone/$1.yml --stream \ +&& git add .drone/$1.yml \ +&& echo .drone/$1.yml \ diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit index 7161ae2..687a4dc 100755 --- a/git-hooks/pre-commit +++ b/git-hooks/pre-commit @@ -1,3 +1,3 @@ -drone jsonnet --source .drone/drone-home.jsonnet --target .drone/drone-home.yml --stream \ -&& git add .drone/drone-home.yml \ +sh git-hooks/build.sh drone \ +&& sh git-hooks/build.sh drone-home \ && echo "jsonnet built" \ No newline at end of file