From 299d4da0f5e91eab79ab637e4b5c6f13df612a29 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Fri, 25 Sep 2020 09:11:19 +0100 Subject: [PATCH] feat: registry promotion --- .drone-do.star | 14 ------- .drone-home.star | 14 ------- .drone/deploy.sh | 9 +++-- .drone/drone-home.jsonnet | 23 ++++++++++- .drone/drone-home.yml | 61 ++++++++++++++++++++++------- .drone/package.json | 2 +- .drone/scripts/initialise-image.sh | 15 +++++++ .drone/scripts/initialise-images.sh | 3 ++ .drone/scripts/login.sh | 13 ++++++ .drone/yarn.lock | 8 ++-- ghost/Dockerfile | 5 ++- 11 files changed, 112 insertions(+), 55 deletions(-) delete mode 100644 .drone-do.star delete mode 100644 .drone-home.star create mode 100644 .drone/scripts/initialise-image.sh create mode 100644 .drone/scripts/initialise-images.sh create mode 100644 .drone/scripts/login.sh diff --git a/.drone-do.star b/.drone-do.star deleted file mode 100644 index d9b56fd..0000000 --- a/.drone-do.star +++ /dev/null @@ -1,14 +0,0 @@ - -load("@this//ghost:drone.star", "drone") -load("@this//ghost:stack-name.star", "stackName") -load("@this//ghost:stack-root.star", "stackRoot") - -def main(ctx): - return drone( - ctx, - "do", - stackRoot, - stackName, - [] - ) - \ No newline at end of file diff --git a/.drone-home.star b/.drone-home.star deleted file mode 100644 index c70afdf..0000000 --- a/.drone-home.star +++ /dev/null @@ -1,14 +0,0 @@ - -load("@this//ghost:drone.star", "drone") -load("@this//ghost:stack-name.star", "stackName") -load("@this//ghost:stack-root.star", "stackRoot") - -def main(ctx): - return drone( - ctx, - "home-deploy", - stackRoot, - stackName, - [] - ) - \ No newline at end of file diff --git a/.drone/deploy.sh b/.drone/deploy.sh index e3e22ed..08ad99d 100644 --- a/.drone/deploy.sh +++ b/.drone/deploy.sh @@ -1,4 +1,5 @@ -docker stack rm ghost -echo 'sleeping...zzz' -sleep 60 -docker stack deploy -c docker-compose.yml ghost +export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/ \ +&& docker stack rm ghost \ +&& echo 'sleeping...zzz' \ +&& sleep 60 \ +&& docker stack deploy -c docker-compose.yml ghost diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 1756f05..e290111 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -4,9 +4,30 @@ local publicSecrets = import 'lib/public-secrets.libsonnet'; local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; +local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet'; + +local config = { + registry: '', +}; + [ register, - deploy( + registry( + config { + script: 'sh .drone/scripts/initialise-images.sh', + secrets: [], + }, + ) { + trigger +: { + event +: [ + 'promote', + ], + target +: [ + 'registry', + ], + }, + }, + deploy(config)( 'ghost', '/stack/', [], diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index 72c0e81..1223f13 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -15,6 +15,52 @@ trigger: exclude: - promote +--- +kind: pipeline +type: docker +name: registry + +platform: + os: linux + arch: amd64 + +steps: +- name: "dockerpull and save docker images:" + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + commands: + - set -e + - export REGISTRY=$${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ + - sh .drone/scripts/initialise-images.sh $${REGISTRY} $${REGISTRY_PASSWORD} + volumes: + - name: dockersock + path: /var/run + +services: +- name: docker + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d + +image_pull_secrets: +- dockerconfigjson + +trigger: + event: + - promote + target: + - registry + --- kind: pipeline type: docker @@ -38,17 +84,12 @@ steps: - mail_user - commento_origin - mysql_root_password - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - rm -f env-ghost - "echo \"export MAIL_SERVICE='$${MAIL_SERVICE}'\" >> env-ghost # \"mail-service\"" - "echo \"export MAIL_USER='$${MAIL_USER}'\" >> env-ghost # \"mail-user\"" - "echo \"export COMMENTO_ORIGIN='$${COMMENTO_ORIGIN}'\" >> env-ghost # \"commento-origin\"" - "echo \"export MYSQL_ROOT_PASSWORD='$${MYSQL_ROOT_PASSWORD}'\" >> env-ghost # \"mysql-root-password\"" - username: ${SSH_USER} environment: COMMENTO_ORIGIN: from_secret: commento-origin @@ -63,14 +104,9 @@ steps: image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 settings: command_timeout: 2m - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} source: - . target: /stack/ghost - username: ${SSH_USER} - name: wait image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 @@ -106,10 +142,6 @@ steps: - mail_user - commento_origin - mysql_root_password - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - export MYSQL_ROOT_PASSWORD=$${MYSQL_ROOT_PASSWORD} - export MAIL_SERVICE=$${MAIL_SERVICE} @@ -124,7 +156,6 @@ steps: - sh .drone/login.sh - sh .drone/pull.sh - sh .drone/deploy.sh - username: ${SSH_USER} environment: COMMENTO_ORIGIN: from_secret: commento-origin diff --git a/.drone/package.json b/.drone/package.json index a484d06..1cdf966 100644 --- a/.drone/package.json +++ b/.drone/package.json @@ -1,6 +1,6 @@ { "private": true, "dependencies": { - "@sigyl/jsonnet-drone": "^0.1.0" + "@sigyl/jsonnet-drone": "^0.3.1" } } diff --git a/.drone/scripts/initialise-image.sh b/.drone/scripts/initialise-image.sh new file mode 100644 index 0000000..5692e04 --- /dev/null +++ b/.drone/scripts/initialise-image.sh @@ -0,0 +1,15 @@ +n=0 +while : +do + docker pull $2 \ + && docker tag $2 $1$2 \ + && docker push $1$2 && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "initialise failed" + exit 1 + fi + echo "retrying..$n" + sleep 5 +done + diff --git a/.drone/scripts/initialise-images.sh b/.drone/scripts/initialise-images.sh new file mode 100644 index 0000000..36f5ab6 --- /dev/null +++ b/.drone/scripts/initialise-images.sh @@ -0,0 +1,3 @@ +sh $(dirname $0)/login.sh $1 "$2" \ +&& sh $(dirname $0)/initialise-image.sh $1 alpine/git:v2.26.2 \ +&& sh $(dirname $0)/initialise-image.sh $1 ghost:3.14.0 \ No newline at end of file diff --git a/.drone/scripts/login.sh b/.drone/scripts/login.sh new file mode 100644 index 0000000..730a4c8 --- /dev/null +++ b/.drone/scripts/login.sh @@ -0,0 +1,13 @@ +n=0 +while : +do + docker login $1 --username client --password $2 \ + && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "login failed" + exit 1 + fi + echo "retrying login..$n" + sleep 5 +done diff --git a/.drone/yarn.lock b/.drone/yarn.lock index 44ab354..f9b7ae3 100644 --- a/.drone/yarn.lock +++ b/.drone/yarn.lock @@ -12,10 +12,10 @@ resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== -"@sigyl/jsonnet-drone@^0.1.0": - version "0.1.0" - resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.1.0.tgz#feda1797e8e9ef799cad72e65f7163ca26a9e3a5" - integrity sha512-QY/ngucxFOtLfL8Mt0f2bxN4fQDUOGOFtaRpSH2cNyg84xADkzehT0ORZtbLitr+AwhyF5KN/zAGvzkyNAoqPw== +"@sigyl/jsonnet-drone@^0.3.1": + version "0.3.1" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.3.1.tgz#790a83f45556cc613f07fbc98ca760027fa936e7" + integrity sha512-FiSyunjR0Udc20I2gA6gkzX3sCB2dPq/ZODrXcm7ROQFKF2Wr4b+xhpovjEdnjKGy8G4d+rRcdN+Jyhp7WQLEg== dependencies: "@sigyl/jsonnet-compose" "^0.0.2" "@sigyl/jsonnet-drone-environment" "0.0.5" diff --git a/ghost/Dockerfile b/ghost/Dockerfile index 0900d9e..310ed9e 100644 --- a/ghost/Dockerfile +++ b/ghost/Dockerfile @@ -1,9 +1,10 @@ -FROM alpine/git as git +ARG REGISTRY +FROM ${REGISTRY}alpine/git:v2.26.2 as git WORKDIR /themes RUN git clone https://sigyl.com/git/themes/casper.git -FROM ghost:3.14.0 +FROM ${REGISTRY}ghost:3.14.0 # USER root RUN apt-get update RUN apt-get install -y gettext