feat: save parameter

Info on openssh keys

.drone-do.star

@@ -1,14 +0,0 @@
-
-load("@this//guacamole:drone.star", "drone")
-load("@this//guacamole:stack-name.star", "stackName")
-load("@this//guacamole:stack-root.star", "stackRoot")
-
-def main(ctx):
-  return drone(
-    ctx,
-    "do",
-    stackRoot,
-    stackName,
-    []
-  )
-  

.drone-home.star

@@ -1,14 +0,0 @@
-
-load("@this//guacamole:drone.star", "drone")
-load("@this//guacamole:stack-name.star", "stackName")
-load("@this//guacamole:stack-root.star", "stackRoot")
-
-def main(ctx):
-  return drone(
-    ctx,
-    "home-deploy",
-    stackRoot,
-    stackName,
-    []
-  )
-  

.drone/build.sh

@@ -0,0 +1,3 @@
+docker build guacamole-postgresql \
+ -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/guacamole-postgresql \
+ --build-arg REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/

.drone/deploy.sh

@@ -0,0 +1,5 @@
+export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
+&& docker stack rm guacamole \
+&& echo 'sleeping...zzz' \
+&& sleep 60 \
+&& docker stack deploy -c docker-compose.yml guacamole  --with-registry-auth

.drone/drone-home.jsonnet

@@ -0,0 +1,64 @@
+local secretSecrets = import 'lib/secret-secrets.libsonnet';
+local publicSecrets = import 'lib/public-secrets.libsonnet';
+
+local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet';
+local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet';
+local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet';
+local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet';
+local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet';
+local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet';
+
+local config = {
+  registry: '',
+  root: 'stack',
+  name: 'guacamole',
+};
+
+local defs = [
+  {
+    load: 'postgres:12.4@sha256:c713cbd0e39ee3450bec6fa44e0f6236879b3dac79adc2d0417582785b8776b2',
+    save: 'postgres:12.4'
+  },
+  {
+    load: 'guacamole/guacd:1.2.0@sha256:6ba0abac865bd7efd55dd52085ba8eb4f57910e33cea5ae6c4135a84f6a8bcdf',
+    save: 'guacamole/guacd:1.2.0',
+  },
+  {
+    load: 'guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9',
+    save: 'guacamole/guacamole:1.2.0',
+  },
+];
+[
+  register,
+  registry(
+    config {
+      // script: 'sh .drone/scripts/initialise-images.sh',
+      secrets: [],
+      images: defs,
+    },
+  ),
+  save(config)(
+    defs,
+    [
+      'guacamole-postgresql',
+    ],
+  ),
+  print(config)(
+    [],
+    publicSecrets,
+    secretSecrets,
+  ),
+  build(config)(
+    [],
+  ),
+  deploy(config)(
+    [],
+    publicSecrets,
+    secretSecrets,
+    [
+      'REGISTRY_DOMAIN',
+      'REGISTRY_PORT',
+      'REGISTRY_PASSWORD',
+    ],
+  ),
+]

.drone/drone-home.yml

@@ -0,0 +1,342 @@
+---
+kind: pipeline
+type: docker
+name: register
+
+platform:
+  os: linux
+  arch: amd64
+
+clone:
+  disable: true
+
+trigger:
+  event:
+    exclude:
+    - promote
+
+---
+kind: pipeline
+type: docker
+name: registry
+
+platform:
+  os: linux
+  arch: amd64
+
+clone:
+  disable: true
+
+steps:
+- name: postgres:12.4
+  image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
+  commands:
+  - set -e
+  - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+  - "n=0\nwhile :\ndo\n  docker pull postgres:12.4@sha256:c713cbd0e39ee3450bec6fa44e0f6236879b3dac79adc2d0417582785b8776b2 \\\\\n    && docker tag postgres:12.4@sha256:c713cbd0e39ee3450bec6fa44e0f6236879b3dac79adc2d0417582785b8776b2 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 \\\\\n    && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 && break\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"initialise failed\"\n      exit 1\n  fi\n  echo \"retrying..$n\"\n  sleep 5\ndone\n"
+  volumes:
+  - name: dockersock
+    path: /var/run
+
+- name: guacamole/guacd:1.2.0
+  image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
+  commands:
+  - set -e
+  - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+  - "n=0\nwhile :\ndo\n  docker pull guacamole/guacd:1.2.0@sha256:6ba0abac865bd7efd55dd52085ba8eb4f57910e33cea5ae6c4135a84f6a8bcdf \\\\\n    && docker tag guacamole/guacd:1.2.0@sha256:6ba0abac865bd7efd55dd52085ba8eb4f57910e33cea5ae6c4135a84f6a8bcdf $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 \\\\\n    && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 && break\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"initialise failed\"\n      exit 1\n  fi\n  echo \"retrying..$n\"\n  sleep 5\ndone\n"
+  volumes:
+  - name: dockersock
+    path: /var/run
+
+- name: guacamole/guacamole:1.2.0
+  image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
+  commands:
+  - set -e
+  - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+  - "n=0\nwhile :\ndo\n  docker pull guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9 \\\\\n    && docker tag guacamole/guacamole:1.2.0@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9 $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 \\\\\n    && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 && break\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"initialise failed\"\n      exit 1\n  fi\n  echo \"retrying..$n\"\n  sleep 5\ndone\n"
+  volumes:
+  - name: dockersock
+    path: /var/run
+
+services:
+- name: docker
+  image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
+  privileged: true
+  volumes:
+  - name: dockersock
+    path: /var/run
+  - name: ca
+    path: /etc/docker/certs.d
+  - name: daemonjson
+    path: /etc/docker/daemon.json
+
+volumes:
+- name: dockersock
+  temp: {}
+- name: ca
+  host:
+    path: /etc/docker/certs.d
+- name: daemonjson
+  host:
+    path: /etc/docker/daemon.json
+
+image_pull_secrets:
+- dockerconfigjson
+
+trigger:
+  event:
+  - promote
+  target:
+  - registry
+
+---
+kind: pipeline
+type: docker
+name: save
+
+platform:
+  os: linux
+  arch: amd64
+
+clone:
+  disable: true
+
+steps:
+- name: mkdir
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    script:
+    - mkdir -p /stack/.images/guacamole/built
+    - rm -f /stack/.images/guacamole/*.*
+    - rm -f /stack/.images/guacamole/built/*.*
+
+- name: postgres:12.4
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - registry_domain
+    - registry_port
+    - registry_password
+    - destination_registry
+    script:
+    - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+    - docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4
+    - docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 -o /stack/.images/guacamole/postgres:12.4.tar
+    - echo "docker load < postgres:12.4.tar" >> /stack/.images/guacamole/load.sh
+    - echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/postgres:12.4 $${DESTINATION_REGISTRY}/stack/guacamole/postgres:12.4" >> /stack/.images/guacamole/load.sh
+
+- name: guacamole/guacd:1.2.0
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - registry_domain
+    - registry_port
+    - registry_password
+    - destination_registry
+    script:
+    - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+    - docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0
+    - docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 -o /stack/.images/guacamole/guacamole_guacd:1.2.0.tar
+    - echo "docker load < guacamole_guacd:1.2.0.tar" >> /stack/.images/guacamole/load.sh
+    - echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacd:1.2.0 $${DESTINATION_REGISTRY}/stack/guacamole/guacamole/guacd:1.2.0" >> /stack/.images/guacamole/load.sh
+
+- name: guacamole/guacamole:1.2.0
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - registry_domain
+    - registry_port
+    - registry_password
+    - destination_registry
+    script:
+    - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+    - docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0
+    - docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 -o /stack/.images/guacamole/guacamole_guacamole:1.2.0.tar
+    - echo "docker load < guacamole_guacamole:1.2.0.tar" >> /stack/.images/guacamole/load.sh
+    - echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole/guacamole:1.2.0 $${DESTINATION_REGISTRY}/stack/guacamole/guacamole/guacamole:1.2.0" >> /stack/.images/guacamole/load.sh
+
+- name: guacamole-postgresql
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - registry_domain
+    - registry_port
+    - registry_password
+    - destination_registry
+    script:
+    - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+    - docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole-postgresql
+    - docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole-postgresql -o /stack/.images/guacamole/built/guacamole-postgresql.tar
+    - echo "docker load guacamole-postgresql.tar" >> /stack/.images/guacamole/built/load.sh
+    - echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/guacamole/guacamole-postgresql ${DESINATION_REGISTRY}/stack/guacamole/guacamole-postgresql" >> /stack/.images/guacamole/built/load.sh
+
+trigger:
+  event:
+  - promote
+  target:
+  - save
+
+---
+kind: pipeline
+type: docker
+name: print
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: print env
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - postgres_password
+    script:
+    - rm -f env-guacamole
+    - "echo \"export POSTGRES_PASSWORD='$${POSTGRES_PASSWORD}'\" >> env-guacamole # \"postgres-password\""
+  environment:
+    POSTGRES_PASSWORD:
+      from_secret: postgres-password
+
+trigger:
+  event:
+  - promote
+  target:
+  - print
+
+---
+kind: pipeline
+type: docker
+name: build
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: "dockerbuild:"
+  image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
+  commands:
+  - set -e
+  - export NAME=guacamole
+  - export ROOT=stack
+  - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+  - sh .drone/build.sh
+  - sh .drone/push.sh
+  volumes:
+  - name: dockersock
+    path: /var/run
+
+services:
+- name: docker
+  image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
+  privileged: true
+  volumes:
+  - name: dockersock
+    path: /var/run
+  - name: ca
+    path: /etc/docker/certs.d
+  - name: daemonjson
+    path: /etc/docker/daemon.json
+
+volumes:
+- name: dockersock
+  temp: {}
+- name: ca
+  host:
+    path: /etc/docker/certs.d
+- name: daemonjson
+  host:
+    path: /etc/docker/daemon.json
+
+trigger:
+  event:
+  - promote
+  target:
+  - build
+
+---
+kind: pipeline
+type: docker
+name: deploy
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: scp
+  image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47
+  settings:
+    command_timeout: 2m
+    source:
+    - .
+    target: /stack/guacamole
+
+- name: deploy
+  image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - registry_domain
+    - registry_port
+    - registry_password
+    - postgres_password
+    script:
+    - export POSTGRES_PASSWORD=$${POSTGRES_PASSWORD}
+    - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}
+    - export REGISTRY_PORT=$${REGISTRY_PORT}
+    - export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}
+    - set -e
+    - export NAME=guacamole
+    - export ROOT=stack
+    - cd /stack/guacamole
+    - "n=0\nwhile :\ndo\n  docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n    && break  # substitute your command here\n  n=$((n+1))\n      if [ $n -ge 10 ]; then\n      echo \"login failed\"\n      exit 1\n  fi\n  echo \"retrying login..$n\"\n  sleep 5\ndone\n"
+    - sh .drone/pull.sh
+    - sh .drone/deploy.sh
+  environment:
+    POSTGRES_PASSWORD:
+      from_secret: postgres-password
+
+trigger:
+  event:
+  - promote
+  target:
+  - deploy
+
+...

.drone/lib/public-secrets.libsonnet

@@ -0,0 +1 @@
+[]

.drone/lib/secret-secrets.libsonnet

@@ -0,0 +1,3 @@
+[
+  'postgres-password',
+]

.drone/package.json

@@ -0,0 +1,9 @@
+{
+  "private": true,
+  "scripts": {
+    "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream"
+  },
+  "dependencies": {
+    "@sigyl/jsonnet-drone": "^1.0.0"
+  }
+}

.drone/pull.sh

@@ -0,0 +1 @@
+docker pull ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/guacamole-postgresql

.drone/push.sh

@@ -0,0 +1 @@
+docker push ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/guacamole-postgresql

.drone/yarn-error.log

@@ -0,0 +1,55 @@
+Arguments: 
+  /usr/local/Cellar/node/11.9.0/bin/node /usr/local/Cellar/yarn/1.13.0/libexec/bin/yarn.js
+
+PATH: 
+  /Users/giles/.cargo/bin:/Users/giles/.local/bin:/Users/giles/Library/Python/3.7/bin:/Library/Frameworks/Python.framework/Versions/3.7/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/share/dotnet:/usr/local/share/dotnet/sdk:/usr/local/share/dotnet/sdk/2.2.101:/opt/X11/bin:~/.dotnet/tools:/usr/local/bin:/usr/local/Cellar/openssl/1.0.2j/bin/openssl
+
+Yarn version: 
+  1.13.0
+
+Node version: 
+  12.13.1
+
+Platform: 
+  darwin x64
+
+Trace: 
+  Error: getaddrinfo ENOTFOUND registry.yarnpkg.com
+      at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:60:26)
+
+npm manifest: 
+  {
+    "private": true,
+    "scripts": {
+      "build": "drone jsonnet --source drone-home.jsonnet --target drone-home.yml --stream"
+    },
+    "dependencies": {
+      "@sigyl/jsonnet-drone": "^0.0.3"
+    }
+  }
+
+yarn manifest: 
+  No manifest
+
+Lockfile: 
+  # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+  # yarn lockfile v1
+  
+  
+  "@sigyl/jsonnet-compose@^0.0.2":
+    version "0.0.2"
+    resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda"
+    integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA==
+  
+  "@sigyl/jsonnet-drone-environment@0.0.5":
+    version "0.0.5"
+    resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff"
+    integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw==
+  
+  "@sigyl/jsonnet-drone@^0.0.2":
+    version "0.0.2"
+    resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.0.2.tgz#64572524155eaa2c2b8bda6102f238a0269cafbb"
+    integrity sha512-1/EZR5Vbo8oKAm+R31XIzsS6VZxcEIcRLyrLi53JQ0+z+CWLPvrUwiq0homBysYJhqk1XRzYF6+ctwbbmmzxrA==
+    dependencies:
+      "@sigyl/jsonnet-compose" "^0.0.2"
+      "@sigyl/jsonnet-drone-environment" "0.0.5"

.drone/yarn.lock

@@ -0,0 +1,21 @@
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+"@sigyl/jsonnet-compose@^0.0.2":
+  version "0.0.2"
+  resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda"
+  integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA==
+
+"@sigyl/jsonnet-drone-environment@0.0.5":
+  version "0.0.5"
+  resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff"
+  integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw==
+
+"@sigyl/jsonnet-drone@^1.0.0":
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-1.0.0.tgz#943bd8a1abc8a916026944816709f5ed1d8e7ef8"
+  integrity sha512-ubyVC1/nAM584wTnnRBZTOP18z28Yy7SRApvSuo/3y2arngKlNI1FwOzKTFt/7L9+rNy19dRO/g0obEkyR3KmA==
+  dependencies:
+    "@sigyl/jsonnet-compose" "^0.0.2"
+    "@sigyl/jsonnet-drone-environment" "0.0.5"

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+.log

.versionrc

@@ -0,0 +1,3 @@
+{
+  "tagMessageInChangeLog": true
+}

CHANGELOG.md

@@ -0,0 +1,30 @@
+# Changelog
+
+All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+### [0.0.6](https://sigyl.com///compare/v0.0.5...v0.0.6) "chore(release): 0.0.6" (2020-10-23)
+
+
+### Features
+
+* print, build, save, registry, deploy ([50a035e](https://sigyl.com///commit/50a035eff200829d5cab9a79f4720bfebe21cf1e))
+
+### [0.0.5](https://sigyl.com///compare/v0.0.3...v0.0.5) "chore(release): 0.0.5" (2020-09-25)
+
+
+### Features
+
+* registry promotion ([3b16cde](https://sigyl.com///commit/3b16cdebe5a7212bc5823927f5bfb8cf8b7a567f))
+
+### [0.0.4](https://sigyl.com///compare/v0.0.3...v0.0.4) "chore(release): 0.0.4" (2020-08-19)
+
+
+### Bug Fixes
+
+* build and deloy scripts ([b6f60a1](https://sigyl.com///commit/b6f60a17bf23165b355085b63f879b1949f34888))
+
+### [0.0.3](https://sigyl.com///compare/v0.0.1...v0.0.3) "chore(release): 0.0.3" (2020-08-11)
+
+### [0.0.2](https://sigyl.com///compare/v0.0.1...v0.0.2) (2020-08-11)
+
+### 0.0.1 (2020-08-11)

README.md

@@ -2,5 +2,47 @@
 
 ## secrets
 
-* guacamole-postgres-password
+* postgres-password
-* local-docker-registry
+* postgres-user
+* postgres-db
+
+## initial deployment
+
+initialise database
+
+```shell
+docker ps | grep guacamole-postgresql.1
+sh init-postgresql.sh $ID
+```
+
+## using ssh keys
+
+guacamole does *not* work with the standard openssh format for private keys.  ie:
+
+```
+-----BEGIN OPENSSH PRIVATE KEY-----
+[key goes here]
+-----END OPENSSH PRIVATE KEY-----
+```
+
+you need to generate the public/private key pair using:
+
+```shell
+ssh-keygen -m pem
+```
+
+this will give you a private key that looks like:
+
+
+```
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: [dec info goes here]
+
+[key goes here]
+-----END RSA PRIVATE KEY-----
+```
+
+then on the target machine you need to paste the *public* key into the file /home/[user]/.ssh/authorized_keys
+
+and the *private* key into the configuration for the guacamole connection

docker-compose.yml

@@ -10,7 +10,7 @@ services:
         condition: any
     image: ${LOCAL_DOCKER_REGISTRY}guacamole-postgresql:latest
     environment:
-      POSTGRES_PASSWORD: ${GUACAMOLE_POSTGRES_PASSWORD}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
       POSTGRES_DB: guacamole_db
     volumes:
       - guacamole-postgresql-data:/var/lib/postgresql/data
@@ -24,7 +24,7 @@ services:
       replicas: 1
       restart_policy:
         condition: any
-    image: guacamole/guacd:latest
+    image: ${LOCAL_DOCKER_REGISTRY}guacamole/guacd:1.2.0
     networks:
       - appnet
 
@@ -35,12 +35,13 @@ services:
       replicas: 1
       restart_policy:
         condition: any
-    image: guacamole/guacamole:latest
+    image: ${LOCAL_DOCKER_REGISTRY}guacamole/guacamole:1.2.0
+    #@sha256:6eb0b854e8e145df8f9220b92e51d52e9ff18c4262de20d56ccc62a4dad835b9
     environment:
       - POSTGRES_HOSTNAME=guacamole-postgresql
       - POSTGRES_PORT=5432
       - POSTGRES_USER=guacamole_user
-      - POSTGRES_PASSWORD=${GUACAMOLE_POSTGRES_PASSWORD}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
       - POSTGRES_DATABASE=guacamole_db
       - GUACD_HOSTNAME=guacd
     networks:

git-hooks/pre-commit

@@ -0,0 +1,3 @@
+drone jsonnet --source .drone/drone-home.jsonnet --target .drone/drone-home.yml --stream \
+&& git add .drone/drone-home.yml \
+&& echo "jsonnet built"

guacamole-postgresql/Dockerfile

@@ -1,2 +1,4 @@
-FROM postgres:12
+ARG REGISTRY
+FROM ${REGISTRY}postgres:12.4
+# @sha256:b0cfe264cb1143c7c660ddfd5c482464997d62d6bc9f97f8fdf3deefce881a8c
 COPY *.sql /

init-postgresql.sh

@@ -0,0 +1,2 @@
+docker exec -it $1 psql -U postgres -d $POSTGRES_DB -f /initdb.sql
+docker exec -it $1 psql -U postgres -d $POSTGRES_DB -f /init-user.sql -v password=$POSTGRES_PASSWORD -v user=$POSTGRES_USER

init-postgresql.sql

@@ -0,0 +1,2 @@
+docker exec -it $1 psql -U postgres -d $GUACAMOLE_POSTGRES_DB -f /initdb.sql
+docker exec -it $1 psql -U postgres -d $GUACAMOLE_POSTGRES_DB -f /init-user.sql -v password=$POSTGRES_PASSWORD -v user=$POSTGRES_USER

package.json

@@ -0,0 +1,19 @@
+{
+  "private": true,
+  "name": "guacamole",
+  "version": "0.0.6",
+  "description": "remote access",
+  "scripts": {
+    "release": "standard-version",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://sigyl.com/git/stack/guacamole"
+  },
+  "author": "Giles Bradshaw",
+  "license": "ISC",
+  "devDependencies": {
+    "standard-version": "git+https://github.com/gilesbradshaw/standard-version.git"
+  }
+}