From 5f7a8880dea083c1746cc2b0bbf0cbf899e5cb4f Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Fri, 28 Aug 2020 22:11:43 +0100 Subject: [PATCH] ci: jsonnet-drone@0.1.0 --- .drone/build.sh | 1 + deploy.sh => .drone/deploy.sh | 0 .drone/drone-home.jsonnet | 31 +++++ .drone/drone-home.yml | 201 ++++++++++++++++++++++++++++ .drone/lib/public-secrets.libsonnet | 6 + .drone/lib/secret-secrets.libsonnet | 7 + .drone/login.sh | 1 + .drone/logout.sh | 1 + .drone/package.json | 9 ++ .drone/pull.sh | 1 + .drone/push.sh | 1 + .drone/yarn-error.log | 51 +++++++ .drone/yarn.lock | 21 +++ .gitignore | 2 +- CHANGELOG.md | 2 + build.sh | 1 - docker-compose.yml | 8 +- git-hooks/pre-commit | 3 + gitea/app.ini | 8 +- node_modules/.yarn-integrity | 2 +- package.json | 2 +- 21 files changed, 347 insertions(+), 12 deletions(-) create mode 100644 .drone/build.sh rename deploy.sh => .drone/deploy.sh (100%) create mode 100644 .drone/drone-home.jsonnet create mode 100644 .drone/drone-home.yml create mode 100644 .drone/lib/public-secrets.libsonnet create mode 100644 .drone/lib/secret-secrets.libsonnet create mode 100644 .drone/login.sh create mode 100644 .drone/logout.sh create mode 100644 .drone/package.json create mode 100644 .drone/pull.sh create mode 100644 .drone/push.sh create mode 100644 .drone/yarn-error.log create mode 100644 .drone/yarn.lock delete mode 100644 build.sh create mode 100755 git-hooks/pre-commit diff --git a/.drone/build.sh b/.drone/build.sh new file mode 100644 index 0000000..902ff99 --- /dev/null +++ b/.drone/build.sh @@ -0,0 +1 @@ +docker build gitea -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/gitea diff --git a/deploy.sh b/.drone/deploy.sh similarity index 100% rename from deploy.sh rename to .drone/deploy.sh diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet new file mode 100644 index 0000000..98bb080 --- /dev/null +++ b/.drone/drone-home.jsonnet @@ -0,0 +1,31 @@ + +local secretSecrets = import 'lib/secret-secrets.libsonnet'; +local publicSecrets = import 'lib/public-secrets.libsonnet'; + +local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; +local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; +[ + register, + deploy( + 'gitea', + '/stack/', + [], + publicSecrets, + secretSecrets, + [ + 'DOMAIN', + 'REGISTRY_DOMAIN', + 'REGISTRY_PORT', + 'REGISTRY_PASSWORD', + ], + ) { + trigger +: { + event +: [ + 'promote', + ], + target +: [ + 'production', + ], + }, + }, +] diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml new file mode 100644 index 0000000..1884f09 --- /dev/null +++ b/.drone/drone-home.yml @@ -0,0 +1,201 @@ +--- +kind: pipeline +type: docker +name: register + +platform: + os: linux + arch: amd64 + +clone: + disable: true + +trigger: + event: + exclude: + - promote + +--- +kind: pipeline +type: docker +name: deploy + +platform: + os: linux + arch: amd64 + +steps: +- name: print env + image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea + settings: + envs: + - drone_tag + - drone_commit + - drone_build_number + - drone_repo_name + - drone_repo_namespace + - gitea_mailer_host + - gitea_mailer_from + - gitea_mailer_user + - gitea_app_name + - gitea_server_lfs_jwt_secret + - gitea_security_secret_key + - gitea_security_internal_token + - gitea_oauth2_jwt_secret + - gitea_mailer_passwd + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} + script: + - rm -f env-gitea + - "echo \"export GITEA_MAILER_HOST='$${GITEA_MAILER_HOST}'\" >> env-gitea # \"gitea-mailer-host\"" + - "echo \"export GITEA_MAILER_FROM='$${GITEA_MAILER_FROM}'\" >> env-gitea # \"gitea-mailer-from\"" + - "echo \"export GITEA_MAILER_USER='$${GITEA_MAILER_USER}'\" >> env-gitea # \"gitea-mailer-user\"" + - "echo \"export GITEA_APP_NAME='$${GITEA_APP_NAME}'\" >> env-gitea # \"gitea-app-name\"" + - "echo \"export GITEA_SERVER_LFS_JWT_SECRET='$${GITEA_SERVER_LFS_JWT_SECRET}'\" >> env-gitea # \"gitea-server-lfs-jwt-secret\"" + - "echo \"export GITEA_SECURITY_SECRET_KEY='$${GITEA_SECURITY_SECRET_KEY}'\" >> env-gitea # \"gitea-security-secret-key\"" + - "echo \"export GITEA_SECURITY_INTERNAL_TOKEN='$${GITEA_SECURITY_INTERNAL_TOKEN}'\" >> env-gitea # \"gitea-security-internal-token\"" + - "echo \"export GITEA_OAUTH2_JWT_SECRET='$${GITEA_OAUTH2_JWT_SECRET}'\" >> env-gitea # \"gitea-oauth2-jwt-secret\"" + - "echo \"export GITEA_MAILER_PASSWD='$${GITEA_MAILER_PASSWD}'\" >> env-gitea # \"gitea-mailer-passwd\"" + username: ${SSH_USER} + environment: + GITEA_APP_NAME: + from_secret: gitea-app-name + GITEA_MAILER_FROM: + from_secret: gitea-mailer-from + GITEA_MAILER_HOST: + from_secret: gitea-mailer-host + GITEA_MAILER_PASSWD: + from_secret: gitea-mailer-passwd + GITEA_MAILER_USER: + from_secret: gitea-mailer-user + GITEA_OAUTH2_JWT_SECRET: + from_secret: gitea-oauth2-jwt-secret + GITEA_SECURITY_INTERNAL_TOKEN: + from_secret: gitea-security-internal-token + GITEA_SECURITY_SECRET_KEY: + from_secret: gitea-security-secret-key + GITEA_SERVER_LFS_JWT_SECRET: + from_secret: gitea-server-lfs-jwt-secret + +- name: scp + image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 + settings: + command_timeout: 2m + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} + source: + - . + target: /stack/gitea + username: ${SSH_USER} + +- name: wait + image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 + commands: + - sleep 15 + +- name: "dockerbuild:" + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + commands: + - set -e + - sh .drone/login.sh + - sh .drone/build.sh + - sh .drone/push.sh + - sh .drone/logout.sh + volumes: + - name: dockersock + path: /var/run + +- name: deploy + image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea + settings: + envs: + - drone_tag + - drone_commit + - drone_build_number + - drone_repo_name + - drone_repo_namespace + - domain + - registry_domain + - registry_port + - registry_password + - gitea_mailer_host + - gitea_mailer_from + - gitea_mailer_user + - gitea_app_name + - gitea_server_lfs_jwt_secret + - gitea_security_secret_key + - gitea_security_internal_token + - gitea_oauth2_jwt_secret + - gitea_mailer_passwd + host: ${SSH_HOST} + key: ${SSH_KEY} + passphrase: ${SSH_PASSPHRASE} + port: ${SSH_PORT} + script: + - export GITEA_SERVER_LFS_JWT_SECRET=$${GITEA_SERVER_LFS_JWT_SECRET} + - export GITEA_SECURITY_SECRET_KEY=$${GITEA_SECURITY_SECRET_KEY} + - export GITEA_SECURITY_INTERNAL_TOKEN=$${GITEA_SECURITY_INTERNAL_TOKEN} + - export GITEA_OAUTH2_JWT_SECRET=$${GITEA_OAUTH2_JWT_SECRET} + - export GITEA_MAILER_PASSWD=$${GITEA_MAILER_PASSWD} + - export GITEA_MAILER_HOST=$${GITEA_MAILER_HOST} + - export GITEA_MAILER_FROM=$${GITEA_MAILER_FROM} + - export GITEA_MAILER_USER=$${GITEA_MAILER_USER} + - export GITEA_APP_NAME=$${GITEA_APP_NAME} + - export DOMAIN=$${DOMAIN} + - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} + - export REGISTRY_PORT=$${REGISTRY_PORT} + - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD} + - set -e + - cd /stack/gitea + - sh .drone/login.sh + - sh .drone/pull.sh + - sh .drone/deploy.sh + username: ${SSH_USER} + environment: + GITEA_APP_NAME: + from_secret: gitea-app-name + GITEA_MAILER_FROM: + from_secret: gitea-mailer-from + GITEA_MAILER_HOST: + from_secret: gitea-mailer-host + GITEA_MAILER_PASSWD: + from_secret: gitea-mailer-passwd + GITEA_MAILER_USER: + from_secret: gitea-mailer-user + GITEA_OAUTH2_JWT_SECRET: + from_secret: gitea-oauth2-jwt-secret + GITEA_SECURITY_INTERNAL_TOKEN: + from_secret: gitea-security-internal-token + GITEA_SECURITY_SECRET_KEY: + from_secret: gitea-security-secret-key + GITEA_SERVER_LFS_JWT_SECRET: + from_secret: gitea-server-lfs-jwt-secret + +services: +- name: docker + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d + +trigger: + event: + - promote + target: + - production + +... diff --git a/.drone/lib/public-secrets.libsonnet b/.drone/lib/public-secrets.libsonnet new file mode 100644 index 0000000..2f8298f --- /dev/null +++ b/.drone/lib/public-secrets.libsonnet @@ -0,0 +1,6 @@ +[ + 'gitea-mailer-host', + 'gitea-mailer-from', + 'gitea-mailer-user', + 'gitea-app-name', +] diff --git a/.drone/lib/secret-secrets.libsonnet b/.drone/lib/secret-secrets.libsonnet new file mode 100644 index 0000000..25bbbba --- /dev/null +++ b/.drone/lib/secret-secrets.libsonnet @@ -0,0 +1,7 @@ +[ + 'gitea-server-lfs-jwt-secret', + 'gitea-security-secret-key', + 'gitea-security-internal-token', + 'gitea-oauth2-jwt-secret', + 'gitea-mailer-passwd', +] diff --git a/.drone/login.sh b/.drone/login.sh new file mode 100644 index 0000000..982ed2d --- /dev/null +++ b/.drone/login.sh @@ -0,0 +1 @@ +docker login ${REGISTRY_DOMAIN}:${REGISTRY_PORT} --username client --password "${REGISTRY_PASSWORD}" \ No newline at end of file diff --git a/.drone/logout.sh b/.drone/logout.sh new file mode 100644 index 0000000..2337c7c --- /dev/null +++ b/.drone/logout.sh @@ -0,0 +1 @@ +docker logout ${REGISTRY_DOMAIN}:${REGISTRY_PORT} \ No newline at end of file diff --git a/.drone/package.json b/.drone/package.json new file mode 100644 index 0000000..22cfdd2 --- /dev/null +++ b/.drone/package.json @@ -0,0 +1,9 @@ +{ + "private": true, + "scripts": { + "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream" + }, + "dependencies": { + "@sigyl/jsonnet-drone": "^0.1.0" + } +} diff --git a/.drone/pull.sh b/.drone/pull.sh new file mode 100644 index 0000000..2ac969f --- /dev/null +++ b/.drone/pull.sh @@ -0,0 +1 @@ +docker pull ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/gitea diff --git a/.drone/push.sh b/.drone/push.sh new file mode 100644 index 0000000..97cb137 --- /dev/null +++ b/.drone/push.sh @@ -0,0 +1 @@ +docker push ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/gitea diff --git a/.drone/yarn-error.log b/.drone/yarn-error.log new file mode 100644 index 0000000..3a54e70 --- /dev/null +++ b/.drone/yarn-error.log @@ -0,0 +1,51 @@ +Arguments: + /usr/local/Cellar/node/11.9.0/bin/node /usr/local/Cellar/yarn/1.13.0/libexec/bin/yarn.js + +PATH: + /Users/giles/.cargo/bin:/Users/giles/.local/bin:/Users/giles/Library/Python/3.7/bin:/Library/Frameworks/Python.framework/Versions/3.7/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/usr/local/share/dotnet/sdk:/usr/local/share/dotnet/sdk/2.2.101:/opt/X11/bin:~/.dotnet/tools:/usr/local/bin:/usr/local/Cellar/openssl/1.0.2j/bin/openssl + +Yarn version: + 1.13.0 + +Node version: + 12.13.1 + +Platform: + darwin x64 + +Trace: + SyntaxError: /Users/giles/stack/gitea/.drone/package.json: Unexpected token } in JSON at position 191 + at JSON.parse () + at /usr/local/Cellar/yarn/1.13.0/libexec/lib/cli.js:1625:59 + at Generator.next () + at step (/usr/local/Cellar/yarn/1.13.0/libexec/lib/cli.js:304:30) + at /usr/local/Cellar/yarn/1.13.0/libexec/lib/cli.js:315:13 + +npm manifest: + { + "private": true, + "scripts": { + "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream" + }, + "dependencies": { + "@sigyl/jsonnet-drone": "^0.0.5", + } + } + +yarn manifest: + No manifest + +Lockfile: + # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. + # yarn lockfile v1 + + + "@sigyl/jsonnet-compose@^0.0.2": + version "0.0.2" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda" + integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA== + + "@sigyl/jsonnet-drone-environment@0.0.5": + version "0.0.5" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" + integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== diff --git a/.drone/yarn.lock b/.drone/yarn.lock new file mode 100644 index 0000000..44ab354 --- /dev/null +++ b/.drone/yarn.lock @@ -0,0 +1,21 @@ +# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. +# yarn lockfile v1 + + +"@sigyl/jsonnet-compose@^0.0.2": + version "0.0.2" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda" + integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA== + +"@sigyl/jsonnet-drone-environment@0.0.5": + version "0.0.5" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" + integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== + +"@sigyl/jsonnet-drone@^0.1.0": + version "0.1.0" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.1.0.tgz#feda1797e8e9ef799cad72e65f7163ca26a9e3a5" + integrity sha512-QY/ngucxFOtLfL8Mt0f2bxN4fQDUOGOFtaRpSH2cNyg84xADkzehT0ORZtbLitr+AwhyF5KN/zAGvzkyNAoqPw== + dependencies: + "@sigyl/jsonnet-compose" "^0.0.2" + "@sigyl/jsonnet-drone-environment" "0.0.5" diff --git a/.gitignore b/.gitignore index 53b5da5..e212594 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -.certificates + node_modules diff --git a/CHANGELOG.md b/CHANGELOG.md index 61a83a1..ce7c755 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +### [0.0.4](https://sigyl.com///compare/v0.0.3...v0.0.4) "chore(release): 0.0.4" (2020-08-19) + ### [0.0.3](https://sigyl.com///compare/v0.0.2...v0.0.3) "chore(release): 0.0.3" (2020-08-12) diff --git a/build.sh b/build.sh deleted file mode 100644 index 9f1fbc1..0000000 --- a/build.sh +++ /dev/null @@ -1 +0,0 @@ -docker build gitea -t ${LOCAL_DOCKER_REGISTRY}gitea diff --git a/docker-compose.yml b/docker-compose.yml index c6dad36..813ac20 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,14 +7,14 @@ services: replicas: 1 restart_policy: condition: any - image: ${LOCAL_DOCKER_REGISTRY}gitea + image: ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/gitea environment: - USER_UID=1000 - USER_GID=1000 - - ROOT_URL=https://${GIT_DOMAIN}/git - - SSH_DOMAIN=${GIT_DOMAIN} + - ROOT_URL=https://${DOMAIN}/git + - SSH_DOMAIN=${DOMAIN} - GITEA_APP_NAME=${GITEA_APP_NAME} - - GIT_DOMAIN=${GIT_DOMAIN} + - GIT_DOMAIN=${DOMAIN} - GITEA_SERVER_LFS_JWT_SECRET=$GITEA_SERVER_LFS_JWT_SECRET - GITEA_SECURITY_SECRET_KEY=$GITEA_SECURITY_SECRET_KEY - GITEA_SECURITY_INTERNAL_TOKEN=$GITEA_SECURITY_INTERNAL_TOKEN diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit new file mode 100755 index 0000000..7161ae2 --- /dev/null +++ b/git-hooks/pre-commit @@ -0,0 +1,3 @@ +drone jsonnet --source .drone/drone-home.jsonnet --target .drone/drone-home.yml --stream \ +&& git add .drone/drone-home.yml \ +&& echo "jsonnet built" \ No newline at end of file diff --git a/gitea/app.ini b/gitea/app.ini index 2585bdd..78ec9f5 100644 --- a/gitea/app.ini +++ b/gitea/app.ini @@ -15,15 +15,15 @@ TEMP_PATH = /data/gitea/uploads [server] APP_DATA_PATH = /data/gitea -SSH_DOMAIN = ${GIT_DOMAIN} +SSH_DOMAIN = ${DOMAIN} HTTP_PORT = 3000 -ROOT_URL = https://${GIT_DOMAIN}/git/ +ROOT_URL = https://${DOMAIN}/git/ DISABLE_SSH = false SSH_PORT = 22 SSH_LISTEN_PORT = 22 LFS_START_SERVER = true LFS_CONTENT_PATH = /data/git/lfs -DOMAIN = ${GIT_DOMAIN} +DOMAIN = ${DOMAIN} LFS_JWT_SECRET = ${GITEA_SERVER_LFS_JWT_SECRET} OFFLINE_MODE = false @@ -74,7 +74,7 @@ ENABLE_CAPTCHA = false DEFAULT_KEEP_EMAIL_PRIVATE = false DEFAULT_ALLOW_CREATE_ORGANIZATION = true DEFAULT_ENABLE_TIMETRACKING = true -NO_REPLY_ADDRESS = noreply.${GIT_DOMAIN} +NO_REPLY_ADDRESS = noreply.${DOMAIN} [oauth2] JWT_SECRET = ${GITEA_OAUTH2_JWT_SECRET} diff --git a/node_modules/.yarn-integrity b/node_modules/.yarn-integrity index c018c70..d12e3be 100644 --- a/node_modules/.yarn-integrity +++ b/node_modules/.yarn-integrity @@ -1,5 +1,5 @@ { - "systemParams": "linux-x64-67", + "systemParams": "darwin-x64-72", "modulesFolders": [ "node_modules" ], diff --git a/package.json b/package.json index a45caa6..c094084 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "private": true, "name": "gitea", - "version": "0.0.3", + "version": "0.0.4", "description": "gitea", "scripts": { "build": "sh build.sh",