diff --git a/.drone/deploy.sh b/.drone/deploy.sh index 1fbdd30..86d5317 100644 --- a/.drone/deploy.sh +++ b/.drone/deploy.sh @@ -1,4 +1,5 @@ -docker stack rm portainer -echo 'sleeping...60' -sleep 60 -docker stack deploy -c docker-compose.yml portainer +export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/ \ +&& docker stack rm portainer \ +&& echo 'sleeping...60' \ +&& sleep 60 \ +&& docker stack deploy -c docker-compose.yml portainer --with-registry-auth diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index d59a915..89fcb05 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -4,9 +4,33 @@ local publicSecrets = import 'lib/public-secrets.libsonnet'; local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet'; + +local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet'; +local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet'; + + +local config = { + registry: '', +}; + [ register, - deploy( + registry( + config { + script: 'sh .drone/scripts/initialise-images.sh', + secrets: [], + }, + ) { + trigger +: { + event +: [ + 'promote', + ], + target +: [ + 'registry', + ], + }, + }, + deploy(config)( 'portainer', '/stack/', [], diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index a4e1617..e05ba9c 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -15,6 +15,57 @@ trigger: exclude: - promote +--- +kind: pipeline +type: docker +name: registry + +platform: + os: linux + arch: amd64 + +steps: +- name: "dockerpull and save docker images:" + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + commands: + - set -e + - export REGISTRY=$${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ + - sh .drone/scripts/initialise-images.sh $${REGISTRY} "$${REGISTRY_PASSWORD}" + volumes: + - name: dockersock + path: /var/run + +services: +- name: docker + image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + - name: daemonjson + path: /etc/docker/daemon.json + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d +- name: daemonjson + host: + path: /etc/docker/daemon.json + +image_pull_secrets: +- dockerconfigjson + +trigger: + event: + - promote + target: + - registry + --- kind: pipeline type: docker @@ -34,26 +85,16 @@ steps: - drone_build_number - drone_repo_name - drone_repo_namespace - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - rm -f env-portainer - username: ${SSH_USER} - name: scp image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47 settings: command_timeout: 2m - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} source: - . target: /stack/portainer - username: ${SSH_USER} - name: wait image: alpine:3.12.0@sha256:90baa0922fe90624b05cb5766fa5da4e337921656c2f8e2b13bd3c052a0baac1 @@ -85,10 +126,6 @@ steps: - registry_domain - registry_port - registry_password - host: ${SSH_HOST} - key: ${SSH_KEY} - passphrase: ${SSH_PASSPHRASE} - port: ${SSH_PORT} script: - export DOMAIN=$${DOMAIN} - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} @@ -99,7 +136,6 @@ steps: - sh .drone/login.sh - sh .drone/pull.sh - sh .drone/deploy.sh - username: ${SSH_USER} services: - name: docker @@ -110,6 +146,8 @@ services: path: /var/run - name: ca path: /etc/docker/certs.d + - name: daemonjson + path: /etc/docker/daemon.json volumes: - name: dockersock @@ -117,6 +155,9 @@ volumes: - name: ca host: path: /etc/docker/certs.d +- name: daemonjson + host: + path: /etc/docker/daemon.json trigger: event: diff --git a/.drone/package.json b/.drone/package.json index 8501e0b..650ebc0 100644 --- a/.drone/package.json +++ b/.drone/package.json @@ -1,6 +1,6 @@ { "private": true, "dependencies": { - "@sigyl/jsonnet-drone": "^0.4.0" + "@sigyl/jsonnet-drone": "^0.4.1" } } diff --git a/.drone/scripts/initialise-image.sh b/.drone/scripts/initialise-image.sh new file mode 100644 index 0000000..17793da --- /dev/null +++ b/.drone/scripts/initialise-image.sh @@ -0,0 +1,15 @@ +n=0 +while : +do + docker pull $2 \ + && docker tag $2 $1$3 \ + && docker push $1$3 && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "initialise failed" + exit 1 + fi + echo "retrying..$n" + sleep 5 +done + diff --git a/.drone/scripts/initialise-images.sh b/.drone/scripts/initialise-images.sh new file mode 100644 index 0000000..20aa41b --- /dev/null +++ b/.drone/scripts/initialise-images.sh @@ -0,0 +1,7 @@ +sh $(dirname $0)/login.sh $1 "$2" \ +&& sh $(dirname $0)/initialise-image.sh $1 \ + portainer/portainer-ce:2.0.0-alpine@sha256:5555e1538aa4bc56d7ae85787278e4b972573b205e2ae260717ef17985e0e24f \ + sigyl.stack.portainer_portainer/portainer-ce:2.0.0-alpine \ +&& sh $(dirname $0)/initialise-image.sh $1 \ + portainer/agent:2.0.0@sha256:8f994457bc32480bff351f0b1d371557238e69f5902037addfe76fa7bd930b9d \ + sigyl.stack.portainer_portainer/agent:2.0.0 diff --git a/.drone/scripts/login.sh b/.drone/scripts/login.sh new file mode 100644 index 0000000..cc1af90 --- /dev/null +++ b/.drone/scripts/login.sh @@ -0,0 +1,13 @@ +n=0 +while : +do + docker login $1 --username client --password "$2" \ + && break # substitute your command here + n=$((n+1)) + if [ $n -ge 10 ]; then + echo "login failed" + exit 1 + fi + echo "retrying login..$n" + sleep 5 +done diff --git a/.drone/yarn.lock b/.drone/yarn.lock index 44ab354..415f02c 100644 --- a/.drone/yarn.lock +++ b/.drone/yarn.lock @@ -12,10 +12,10 @@ resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff" integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw== -"@sigyl/jsonnet-drone@^0.1.0": - version "0.1.0" - resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.1.0.tgz#feda1797e8e9ef799cad72e65f7163ca26a9e3a5" - integrity sha512-QY/ngucxFOtLfL8Mt0f2bxN4fQDUOGOFtaRpSH2cNyg84xADkzehT0ORZtbLitr+AwhyF5KN/zAGvzkyNAoqPw== +"@sigyl/jsonnet-drone@^0.4.1": + version "0.4.1" + resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-0.4.1.tgz#3527edb00f8bb860de1658f4c9fa6f81f932d3b7" + integrity sha512-+TOx51KJG1RxrPRZ2lPpia7a6Ms5UvkyLIuXuumPtenyxJ/pivY1TdcLvSAvFgVZHMjh9CxBCuOu8vNT1fPy2A== dependencies: "@sigyl/jsonnet-compose" "^0.0.2" "@sigyl/jsonnet-drone-environment" "0.0.5" diff --git a/docker-compose.yml b/docker-compose.yml index f66ae8b..edd1474 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: "3.7" services: portainer: - image: portainer/portainer-ce:2.0.0-alpine@sha256:5555e1538aa4bc56d7ae85787278e4b972573b205e2ae260717ef17985e0e24f + image: ${LOCAL_DOCKER_REGISTRY}sigyl.stack.portainer_portainer/portainer-ce:2.0.0-alpine command: -H tcp://tasks.portainer-agent:9001 --tlsskipverify # command: -H unix:///var/run/docker.sock deploy: @@ -18,7 +18,7 @@ services: - appnet - externalnet portainer-agent: - image: portainer/agent:2.0.0@sha256:8f994457bc32480bff351f0b1d371557238e69f5902037addfe76fa7bd930b9d + image: ${LOCAL_DOCKER_REGISTRY}sigyl.stack.portainer_portainer/agent:2.0.0 environment: # REQUIRED: Should be equal to the service name prefixed by "tasks." when # deployed inside an overlay network