From 1f3371ca47192e808f9f999309afeb4873d7a7bb Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Fri, 14 Aug 2020 13:03:03 +0100 Subject: [PATCH] ci: jsonnet deploy function --- .drone/drone-home.jsonnet | 100 ++++------------------------------- .drone/drone-home.yml | 4 +- .drone/lib/build.libsonnet | 10 ++-- .drone/lib/deploy.libsonnet | 101 ++++++++++++++++++++++++++++++++++++ login.sh | 1 + logout.sh | 1 + 6 files changed, 118 insertions(+), 99 deletions(-) create mode 100644 .drone/lib/deploy.libsonnet create mode 100644 login.sh create mode 100644 logout.sh diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index bce0357..c4dbc7b 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -5,97 +5,15 @@ local compose = import 'node_modules/@sigyl/jsonnet-compose/compose.libsonnet'; local secretSecrets = import 'lib/secret-secrets.libsonnet'; local publicSecrets = import 'lib/public-secrets.libsonnet'; local util = import 'lib/util.libsonnet'; +local deploy = import 'lib/deploy.libsonnet'; [ - { - kind: 'pipeline', - type: 'docker', - name: 'build', - clone: { - disable: false, - depth: 0, - }, - /*trigger: { - event: [ - 'tag', - ], - },*/ - services: [ - images.docker { - privileged: true, - volumes: [ - { - name: 'dockersock', - path: '/var/run', - }, - { - name: 'ca', - path: '/etc/docker/certs.d', - }, - ], - }, + deploy( + 'guacamole', + [ + 'LOCAL_DOCKER_REGISTRY', + 'REGISTRY_PASSWORD', ], - volumes: [ - { - name: 'dockersock', - temp: {}, - }, - { - name: 'ca', - host: { - path: '/etc/docker/certs.d', - }, - }, - ], - steps:[ - compose( - std.map( - function(secret) util.printEnv('env-guacamole', secret), - publicSecrets, - ) - ) - ( - images.ssh { - settings +: { - script: [ - 'rm -f env-guacamole', - ], - }, - }, - ) { - name: 'print env', - }, - images.scp( - '/stack/guacamole' - ), - images.wait(15), - build, - compose( - std.map( - function(secret) environment.envSet(secret), - publicSecrets + secretSecrets, - ), - )( - images.ssh { - name: 'deploy stack', - settings +: { - script +: - std.map( - function(secret) - 'export %(env)s=$${%(env)s}' % { - env: environment.environment(secret) - }, - secretSecrets + publicSecrets, - ) + - [ - 'set -e', - "cd /stack/guacamole", - 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', - 'sh pull.sh', - 'sh deploy.sh', - ] - } - }, - ), - ], - } + publicSecrets, + secretSecrets + ), ] diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index e4baed3..c85b69e 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -66,10 +66,10 @@ steps: image: docker:dind commands: - set -e - - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}" + - sh login.sh - sh build.sh - sh push.sh - - docker logout $${LOCAL_DOCKER_REGISTRY} + - sh logout.sh environment: LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry diff --git a/.drone/lib/build.libsonnet b/.drone/lib/build.libsonnet index 339609d..f9cc21f 100644 --- a/.drone/lib/build.libsonnet +++ b/.drone/lib/build.libsonnet @@ -1,12 +1,10 @@ local images = import 'images.libsonnet'; local environment = import '../node_modules/@sigyl/jsonnet-drone-environment/environment.libsonnet'; +function(secrets) images.docker { name +: 'build:', - environment +: environment.environmentSecrets([ - 'LOCAL_DOCKER_REGISTRY', - 'REGISTRY_PASSWORD', - ]), + environment +: environment.environmentSecrets(secrets), volumes: [ { name: 'dockersock', @@ -15,9 +13,9 @@ local environment = import '../node_modules/@sigyl/jsonnet-drone-environment/env ], commands: [ 'set -e', - 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', + 'sh login.sh', 'sh build.sh', 'sh push.sh', - 'docker logout $${LOCAL_DOCKER_REGISTRY}', + 'sh logout.sh', ], } \ No newline at end of file diff --git a/.drone/lib/deploy.libsonnet b/.drone/lib/deploy.libsonnet new file mode 100644 index 0000000..7643fe3 --- /dev/null +++ b/.drone/lib/deploy.libsonnet @@ -0,0 +1,101 @@ +local build = import 'build.libsonnet'; +local images = import 'images.libsonnet'; +local environment = import '../node_modules/@sigyl/jsonnet-drone-environment/environment.libsonnet'; +local compose = import '../node_modules/@sigyl/jsonnet-compose/compose.libsonnet'; +local util = import 'util.libsonnet'; + +function( + name, + buildSecrets, + publicSecrets, + secretSecrets +) + { + kind: 'pipeline', + type: 'docker', + name: 'deploy', + clone: { + disable: false, + depth: 0, + }, + services: [ + images.docker { + privileged: true, + volumes: [ + { + name: 'dockersock', + path: '/var/run', + }, + { + name: 'ca', + path: '/etc/docker/certs.d', + }, + ], + }, + ], + volumes: [ + { + name: 'dockersock', + temp: {}, + }, + { + name: 'ca', + host: { + path: '/etc/docker/certs.d', + }, + }, + ], + steps:[ + compose( + std.map( + function(secret) util.printEnv('env-guacamole', secret), + publicSecrets, + ) + ) + ( + images.ssh { + settings +: { + script: [ + 'rm -f env-guacamole', + ], + }, + }, + ) { + name: 'print env', + }, + images.scp( + '/stack/guacamole' + ), + images.wait(15), + build(buildSecrets), + compose( + std.map( + function(secret) environment.envSet(secret), + publicSecrets + secretSecrets, + ), + )( + images.ssh { + name: 'deploy stack', + settings +: { + script +: + std.map( + function(secret) + 'export %(env)s=$${%(env)s}' % { + env: environment.environment(secret) + }, + secretSecrets + publicSecrets, + ) + + [ + 'set -e', + "cd /stack/guacamole", + 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${REGISTRY_PASSWORD}"', + 'sh pull.sh', + 'sh deploy.sh', + ] + } + }, + ), + ], + } + + diff --git a/login.sh b/login.sh new file mode 100644 index 0000000..c8ffffc --- /dev/null +++ b/login.sh @@ -0,0 +1 @@ +docker login ${LOCAL_DOCKER_REGISTRY} --username client --password "${REGISTRY_PASSWORD}" \ No newline at end of file diff --git a/logout.sh b/logout.sh new file mode 100644 index 0000000..4bcacf0 --- /dev/null +++ b/logout.sh @@ -0,0 +1 @@ +docker logout ${LOCAL_DOCKER_REGISTRY} \ No newline at end of file