From 3b16cdebe5a7212bc5823927f5bfb8cf8b7a567f Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Fri, 25 Sep 2020 10:08:40 +0100 Subject: [PATCH] feat: registry promotion --- .drone/build.sh | 4 +- .drone/deploy.sh | 9 +++-- .drone/drone-home.jsonnet | 24 +++++++++++- .drone/drone-home.yml | 61 ++++++++++++++++++++++------- .drone/package.json | 2 +- .drone/scripts/initialise-image.sh | 15 +++++++ .drone/scripts/initialise-images.sh | 4 ++ .drone/scripts/login.sh | 13 ++++++ .drone/yarn.lock | 8 ++-- docker-compose.yml | 7 ++-- guacamole-postgresql/Dockerfile | 4 +- init-postgresql.sh | 2 + 12 files changed, 122 insertions(+), 31 deletions(-) create mode 100644 .drone/scripts/initialise-image.sh create mode 100644 .drone/scripts/initialise-images.sh create mode 100644 .drone/scripts/login.sh create mode 100644 init-postgresql.sh diff --git a/.drone/build.sh b/.drone/build.sh index 5974aa7..82f6787 100644 --- a/.drone/build.sh +++ b/.drone/build.sh @@ -1 +1,3 @@ -docker build guacamole-postgresql -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/guacamole-postgresql +docker build guacamole-postgresql \ + -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/guacamole-postgresql \ + --build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/ diff --git a/.drone/deploy.sh b/.drone/deploy.sh index 172bacc..039c9d0 100644 --- a/.drone/deploy.sh +++ b/.drone/deploy.sh @@ -1,4 +1,5 @@ -docker stack rm guacamole -echo 'sleeping...zzz' -sleep 60 -docker stack deploy -c docker-compose.yml guacamole +export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/ \ +&& docker stack rm guacamole \ +&& echo 'sleeping...zzz' \ +&& sleep 60 \ +&& docker stack deploy -c docker-compose.yml guacamole \ diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index b09938e..9d98589 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -1,12 +1,32 @@ - local secretSecrets = import 'lib/secret-secrets.libsonnet'; local publicSecrets = import 'lib/public-secrets.libsonnet'; local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; +local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet'; + +local config = { + registry: '', +}; + [ register, - deploy( + registry( + config { + script: 'sh .drone/scripts/initialise-images.sh', + secrets: [], + }, + ) { + trigger +: { + event +: [ + 'promote', + ], + target +: [ + 'registry', + ], + }, + }, + deploy(config)( 'guacamole', '/stack/', [], diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index 2993a17..81ca826 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -15,6 +15,52 @@ trigger: exclude: - promote +--- +kind: pipeline +type: docker +name: registry + +platform: + os: linux + arch: amd64 + +steps: +- name: "dockerpull and save docker images:" + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + commands: + - set -e + - export REGISTRY=$${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ + - sh .drone/scripts/initialise-images.sh $${REGISTRY} $${REGISTRY_PASSWORD} + volumes: + - name: dockersock + path: /var/run + +services: +- name: docker + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d + +image_pull_secrets: +- dockerconfigjson + +trigger: + event: + - promote + target: + - registry + --- kind: pipeline type: docker @@ -37,16 +83,11 @@ steps: - postgres_db - postgres_user - postgres_password - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - rm -f env-guacamole - "echo \"export POSTGRES_DB='$${POSTGRES_DB}'\" >> env-guacamole # \"postgres-db\"" - "echo \"export POSTGRES_USER='$${POSTGRES_USER}'\" >> env-guacamole # \"postgres-user\"" - "echo \"export POSTGRES_PASSWORD='$${POSTGRES_PASSWORD}'\" >> env-guacamole # \"postgres-password\"" - username: ${SSH_USER} environment: POSTGRES_DB: from_secret: postgres-db @@ -59,14 +100,9 @@ steps: image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 settings: command_timeout: 2m - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} source: - . target: /stack/guacamole - username: ${SSH_USER} - name: wait image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 @@ -100,10 +136,6 @@ steps: - postgres_db - postgres_user - postgres_password - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - export POSTGRES_PASSWORD=$${POSTGRES_PASSWORD} - export POSTGRES_DB=$${POSTGRES_DB} @@ -116,7 +148,6 @@ steps: - sh .drone/login.sh - sh .drone/pull.sh - sh .drone/deploy.sh - username: ${SSH_USER} environment: POSTGRES_DB: from_secret: postgres-db diff --git a/.drone/package.json b/.drone/package.json index 22cfdd2..0f0cc55 100644 --- a/.drone/package.json +++ b/.drone/package.json @@ -4,6 +4,6 @@ "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream" }, "dependencies": { - "@sigyl/jsonnet-drone": "^0.1.0" + "@sigyl/jsonnet-drone": "^0.3.1" } } diff --git a/.drone/scripts/initialise-image.sh b/.drone/scripts/initialise-image.sh new file mode 100644 index 0000000..5692e04 --- /dev/null +++ b/.drone/scripts/initialise-image.sh @@ -0,0 +1,15 @@ +n=0 +while : +do + docker pull $2 \ + && docker tag $2 $1$2 \ + && docker push $1$2 && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "initialise failed" + exit 1 + fi + echo "retrying..$n" + sleep 5 +done + diff --git a/.drone/scripts/initialise-images.sh b/.drone/scripts/initialise-images.sh new file mode 100644 index 0000000..5b7fc9b --- /dev/null +++ b/.drone/scripts/initialise-images.sh @@ -0,0 +1,4 @@ +sh $(dirname $0)/login.sh $1 "$2" \ +&& sh $(dirname $0)/initialise-image.sh $1 postgres:12.4 \ +&& sh $(dirname $0)/initialise-image.sh $1 guacamole/guacd:1.2.0 \ +&& sh $(dirname $0)/initialise-image.sh $1 guacamole/guacamole:1.2.0 diff --git a/.drone/scripts/login.sh b/.drone/scripts/login.sh new file mode 100644 index 0000000..730a4c8 --- /dev/null +++ b/.drone/scripts/login.sh @@ -0,0 +1,13 @@ +n=0 +while : +do + docker login $1 --username client --password $2 \ + && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "login failed" + exit 1 + fi + echo "retrying login..$n" + sleep 5 +done diff --git a/.drone/yarn.lock b/.drone/yarn.lock index 44ab354..f9b7ae3 100644 --- a/.drone/yarn.lock +++ b/.drone/yarn.lock @@ -12,10 +12,10 @@ resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== -"@sigyl/jsonnet-drone@^0.1.0": - version "0.1.0" - resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.1.0.tgz#feda1797e8e9ef799cad72e65f7163ca26a9e3a5" - integrity sha512-QY/ngucxFOtLfL8Mt0f2bxN4fQDUOGOFtaRpSH2cNyg84xADkzehT0ORZtbLitr+AwhyF5KN/zAGvzkyNAoqPw== +"@sigyl/jsonnet-drone@^0.3.1": + version "0.3.1" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.3.1.tgz#790a83f45556cc613f07fbc98ca760027fa936e7" + integrity sha512-FiSyunjR0Udc20I2gA6gkzX3sCB2dPq/ZODrXcm7ROQFKF2Wr4b+xhpovjEdnjKGy8G4d+rRcdN+Jyhp7WQLEg== dependencies: "@sigyl/jsonnet-compose" "^0.0.2" "@sigyl/jsonnet-drone-environment" "0.0.5" diff --git a/docker-compose.yml b/docker-compose.yml index b6c9931..bb266a9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: replicas: 1 restart_policy: condition: any - image: ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/guacamole-postgresql:latest + image: ${LOCAL_DOCKER_REGISTRY}guacamole-postgresql:latest environment: POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_DB: guacamole_db @@ -24,7 +24,7 @@ services: replicas: 1 restart_policy: condition: any - image: guacamole/guacd:latest + image: ${LOCAL_DOCKER_REGISTRY}guacamole/guacd:1.2.0 networks: - appnet @@ -35,7 +35,8 @@ services: replicas: 1 restart_policy: condition: any - image: guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9 + image: ${LOCAL_DOCKER_REGISTRY}guacamole/guacamole:1.2.0 + #@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9 environment: - POSTGRES_HOSTNAME=guacamole-postgresql - POSTGRES_PORT=5432 diff --git a/guacamole-postgresql/Dockerfile b/guacamole-postgresql/Dockerfile index cb1507c..475dec5 100644 --- a/guacamole-postgresql/Dockerfile +++ b/guacamole-postgresql/Dockerfile @@ -1,2 +1,4 @@ -FROM postgres:12.4@sha256:b0cfe264cb1143c7c660ddfd5c482464997d62d6bc9f97f8fdf3deefce881a8c +ARG REGISTRY +FROM ${REGISTRY}postgres:12.4 +# @sha256:b0cfe264cb1143c7c660ddfd5c482464997d62d6bc9f97f8fdf3deefce881a8c COPY *.sql / \ No newline at end of file diff --git a/init-postgresql.sh b/init-postgresql.sh new file mode 100644 index 0000000..ac780e2 --- /dev/null +++ b/init-postgresql.sh @@ -0,0 +1,2 @@ +docker exec -it $1 psql -U postgres -d $POSTGRES_DB -f /initdb.sql +docker exec -it $1 psql -U postgres -d $POSTGRES_DB -f /init-user.sql -v password=$POSTGRES_PASSWORD -v user=$POSTGRES_USER \ No newline at end of file