build jsonnet to yml

.drone-do.star

@@ -0,0 +1,14 @@
+
+load("@this//portainer:drone.star", "drone")
+load("@this//portainer:stack-name.star", "stackName")
+load("@this//portainer:stack-root.star", "stackRoot")
+
+def main(ctx):
+  return drone(
+    ctx,
+    "do",
+    stackRoot,
+    stackName,
+    []
+  )
+  

.drone-home.jsonnet

@@ -0,0 +1,256 @@
+local publicSecrets = [
+  'ssh-host',
+  'ssh-user',
+  'ssh-root-user',
+];
+local secretSecrets = [
+  'ssh-password',
+];
+local util = {
+  // the head of an array
+    head(array): array[0],
+    // the tail of an array
+    tail(array): std.makeArray(
+      std.length(array) -1,
+      function(x) array[x + 1],
+    ),
+    // compose an array of functions
+    compose(functions):
+      local compose(functions) =
+        if std.length(functions) == 0
+          then
+            local ret(object) = object;
+            ret
+          else
+            local ret(object) = compose(
+              util.tail(
+                functions,
+              )
+            )(
+              util.head(
+                functions,
+              )(object)
+            );
+            ret;
+      compose(functions),
+  fromSecret(secret): {
+    from_secret: secret,
+  },
+  secret(secret): std.asciiLower(
+    std.strReplace(
+      secret,
+      '_',
+      '-',
+    ),
+  ),
+  environment(secret): std.asciiUpper(
+    std.strReplace(
+      secret,
+      '-',
+      '_',
+    ),
+  ),
+  env(secret): std.asciiLower(
+    std.strReplace(
+      secret,
+      '-',
+      '_',
+    ),
+  ),
+  envSet(env): function(step) step {
+    environment +: {
+      [util.environment(env)]: util.fromSecret(
+        util.secret(env)
+      ),
+    },
+    settings +: {
+      envs +: [
+        util.env(env),
+      ],
+    },
+  },
+  printEnv(file, env): function(step) util.compose([
+    util.envSet(env),
+    function(step) step {
+      settings +: {
+        script +: [
+          'echo "export %(environment)s=\'$${%(environment)s}\'" >> %(file)s # "%(secret)s"' % {
+            environment: util.environment(env),
+            file: file,
+            secret: util.secret(env),
+          },
+        ],
+      },
+    },
+  ])(step),
+};
+local images = {
+  docker: {
+    name: 'docker',
+    image: 'docker:dind',
+  },
+  scp(target): {
+    name: 'scp',
+    image: 'appleboy/drone-scp',
+    settings: {
+      host: {
+        from_secret: 'ssh-host',
+      },
+      username: {
+        from_secret: 'ssh-user',
+      },
+      password: {
+        from_secret: 'ssh-password',
+      },
+      port: {
+        from_secret: 'ssh-port',
+      },
+      command_timeout: '2m',
+      target: target,
+      source: [
+        '.',
+      ],
+    },
+  },
+  ssh: {
+    image: 'appleboy/drone-ssh',    
+    settings: {
+      host: util.fromSecret("ssh-host"),
+      port: util.fromSecret("ssh-port"),
+      username: util.fromSecret("ssh-user"),
+      password: util.fromSecret("ssh-password"),
+      envs: [
+        'drone_tag',
+        'drone_commit',
+        'drone_build_number',
+        'drone_repo_name',
+        'drone_repo_namespace',
+        'DRONE_GITEA_SERVER',
+      ],
+      script: [],
+    },
+  },
+  wait(delay): {
+    image: 'alpine',
+    name: 'wait',
+    commands: [
+      'sleep %s' % delay,
+    ],
+  }
+};
+[
+  {
+    kind: 'pipeline',
+    type: 'docker',
+    name: 'build',
+    clone: {
+      disable: false,
+      depth: 0,
+    },
+    services: [
+      images.docker {
+        privileged: true,
+        volumes: [
+          {
+            name: 'dockersock',
+            path: '/var/run',
+          },
+          {
+            name: 'ca',
+            path: '/etc/docker/certs.d',
+          },
+        ],
+      },
+    ],
+    volumes: [
+      {
+        name: 'dockersock',
+        temp: {},
+      },
+      {
+        name: 'ca',
+        host: {
+          path: '/etc/docker/certs.d',
+        },
+      },
+    ],
+    steps:[
+      images.scp(
+        '/stack/root'
+      ),
+      images.wait(15),
+      util.compose(
+        std.map(
+          function(secret) util.printEnv('afile', secret),
+          publicSecrets,
+        )
+      )(
+        images.ssh {
+          name: 'will print ssh-host again',
+          settings +: {
+            script +: [
+            'rm afile'
+            ],
+          },
+        },
+      ),
+        util.compose(
+          std.map(
+            function(s) util.envSet(s),
+            publicSecrets + secretSecrets
+          ) + 
+          std.map(
+            function(s) function(step) step {
+              settings +: {
+                script +: [
+                  
+                  'export %(env)s="$${%(env)s}"' % {
+                    env: util.environment(s),
+                  },
+                  'echo "$${%s}"' % util.environment(s),
+                ],
+              },
+            },
+            publicSecrets + secretSecrets
+          )
+        )
+      (
+        images.ssh  {
+          name: 'deploy portainer',
+          settings +: {
+            //username: util.fromSecret("ssh-root-user"),
+            //password: util.fromSecret("ssh-root-password"),
+            script +: [
+              'set -e',
+              'echo go',
+              " echo $${DRONE_GITEA_SERVER} > thefile",
+            ] /*+
+            map(export, secrets) + 
+            [
+              "export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/{namespace}/{name}".format(name=ctx.repo.name, namespace=ctx.repo.namespace),
+              "export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
+              "docker network prune -f",
+              "cd {folder}".format(folder=folder),
+              "docker stack rm {name}".format(name = name),
+              "sleep 30",
+              "docker stack deploy -c {filename} {name}".format(name= name, filename = filename),
+            ] + commands */
+          }
+        }
+      ) {
+        settings +: {
+          script +: [
+              //"export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/$${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}",
+              //"export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
+              "docker network prune -f",
+              "cd /stack/portainer",
+              "docker stack rm portainer",
+              "sleep 30",
+              "docker stack deploy -c docker-compose.yml portainer",
+          ],
+        },
+      },
+    ],
+  }
+]
+

jsonnet/.drone-home.jsonnet

@@ -0,0 +1,256 @@
+local publicSecrets = [
+  'ssh-host',
+  'ssh-user',
+  'ssh-root-user',
+];
+local secretSecrets = [
+  'ssh-password',
+];
+local util = {
+  // the head of an array
+    head(array): array[0],
+    // the tail of an array
+    tail(array): std.makeArray(
+      std.length(array) -1,
+      function(x) array[x + 1],
+    ),
+    // compose an array of functions
+    compose(functions):
+      local compose(functions) =
+        if std.length(functions) == 0
+          then
+            local ret(object) = object;
+            ret
+          else
+            local ret(object) = compose(
+              util.tail(
+                functions,
+              )
+            )(
+              util.head(
+                functions,
+              )(object)
+            );
+            ret;
+      compose(functions),
+  fromSecret(secret): {
+    from_secret: secret,
+  },
+  secret(secret): std.asciiLower(
+    std.strReplace(
+      secret,
+      '_',
+      '-',
+    ),
+  ),
+  environment(secret): std.asciiUpper(
+    std.strReplace(
+      secret,
+      '-',
+      '_',
+    ),
+  ),
+  env(secret): std.asciiLower(
+    std.strReplace(
+      secret,
+      '-',
+      '_',
+    ),
+  ),
+  envSet(env): function(step) step {
+    environment +: {
+      [util.environment(env)]: util.fromSecret(
+        util.secret(env)
+      ),
+    },
+    settings +: {
+      envs +: [
+        util.env(env),
+      ],
+    },
+  },
+  printEnv(file, env): function(step) util.compose([
+    util.envSet(env),
+    function(step) step {
+      settings +: {
+        script +: [
+          'echo "export %(environment)s=\'$${%(environment)s}\'" >> %(file)s # "%(secret)s"' % {
+            environment: util.environment(env),
+            file: file,
+            secret: util.secret(env),
+          },
+        ],
+      },
+    },
+  ])(step),
+};
+local images = {
+  docker: {
+    name: 'docker',
+    image: 'docker:dind',
+  },
+  scp(target): {
+    name: 'scp',
+    image: 'appleboy/drone-scp',
+    settings: {
+      host: {
+        from_secret: 'ssh-host',
+      },
+      username: {
+        from_secret: 'ssh-user',
+      },
+      password: {
+        from_secret: 'ssh-password',
+      },
+      port: {
+        from_secret: 'ssh-port',
+      },
+      command_timeout: '2m',
+      target: target,
+      source: [
+        '.',
+      ],
+    },
+  },
+  ssh: {
+    image: 'appleboy/drone-ssh',    
+    settings: {
+      host: util.fromSecret("ssh-host"),
+      port: util.fromSecret("ssh-port"),
+      username: util.fromSecret("ssh-user"),
+      password: util.fromSecret("ssh-password"),
+      envs: [
+        'drone_tag',
+        'drone_commit',
+        'drone_build_number',
+        'drone_repo_name',
+        'drone_repo_namespace',
+        'DRONE_GITEA_SERVER',
+      ],
+      script: [],
+    },
+  },
+  wait(delay): {
+    image: 'alpine',
+    name: 'wait',
+    commands: [
+      'sleep %s' % delay,
+    ],
+  }
+};
+[
+  {
+    kind: 'pipeline',
+    type: 'docker',
+    name: 'build',
+    clone: {
+      disable: false,
+      depth: 0,
+    },
+    services: [
+      images.docker {
+        privileged: true,
+        volumes: [
+          {
+            name: 'dockersock',
+            path: '/var/run',
+          },
+          {
+            name: 'ca',
+            path: '/etc/docker/certs.d',
+          },
+        ],
+      },
+    ],
+    volumes: [
+      {
+        name: 'dockersock',
+        temp: {},
+      },
+      {
+        name: 'ca',
+        host: {
+          path: '/etc/docker/certs.d',
+        },
+      },
+    ],
+    steps:[
+      images.scp(
+        '/stack/root'
+      ),
+      images.wait(15),
+      util.compose(
+        std.map(
+          function(secret) util.printEnv('afile', secret),
+          publicSecrets,
+        )
+      )(
+        images.ssh {
+          name: 'will print ssh-host again',
+          settings +: {
+            script +: [
+            'rm afile'
+            ],
+          },
+        },
+      ),
+        util.compose(
+          std.map(
+            function(s) util.envSet(s),
+            publicSecrets + secretSecrets
+          ) + 
+          std.map(
+            function(s) function(step) step {
+              settings +: {
+                script +: [
+                  
+                  'export %(env)s="$${%(env)s}"' % {
+                    env: util.environment(s),
+                  },
+                  'echo "$${%s}"' % util.environment(s),
+                ],
+              },
+            },
+            publicSecrets + secretSecrets
+          )
+        )
+      (
+        images.ssh  {
+          name: 'deploy portainer',
+          settings +: {
+            //username: util.fromSecret("ssh-root-user"),
+            //password: util.fromSecret("ssh-root-password"),
+            script +: [
+              'set -e',
+              'echo go',
+              " echo $${DRONE_GITEA_SERVER} > thefile",
+            ] /*+
+            map(export, secrets) + 
+            [
+              "export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/{namespace}/{name}".format(name=ctx.repo.name, namespace=ctx.repo.namespace),
+              "export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
+              "docker network prune -f",
+              "cd {folder}".format(folder=folder),
+              "docker stack rm {name}".format(name = name),
+              "sleep 30",
+              "docker stack deploy -c {filename} {name}".format(name= name, filename = filename),
+            ] + commands */
+          }
+        }
+      ) {
+        settings +: {
+          script +: [
+              //"export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/$${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}",
+              //"export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
+              "docker network prune -f",
+              "cd /stack/portainer",
+              "docker stack rm portainer",
+              "sleep 30",
+              "docker stack deploy -c docker-compose.yml portainer",
+          ],
+        },
+      },
+    ],
+  }
+]
+

jsonnet/.drone-home.yml

@@ -0,0 +1,132 @@
+---
+kind: pipeline
+type: docker
+name: build
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: scp
+  image: appleboy/drone-scp
+  settings:
+    command_timeout: 2m
+    host:
+      from_secret: ssh-host
+    password:
+      from_secret: ssh-password
+    port:
+      from_secret: ssh-port
+    source:
+    - .
+    target: /stack/root
+    username:
+      from_secret: ssh-user
+
+- name: wait
+  image: alpine
+  commands:
+  - sleep 15
+
+- name: will print ssh-host again
+  image: appleboy/drone-ssh
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - DRONE_GITEA_SERVER
+    - ssh_host
+    - ssh_user
+    - ssh_root_user
+    host:
+      from_secret: ssh-host
+    password:
+      from_secret: ssh-password
+    port:
+      from_secret: ssh-port
+    script:
+    - rm afile
+    - "echo \"export SSH_HOST='$${SSH_HOST}'\" >> afile # \"ssh-host\""
+    - "echo \"export SSH_USER='$${SSH_USER}'\" >> afile # \"ssh-user\""
+    - "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> afile # \"ssh-root-user\""
+    username:
+      from_secret: ssh-user
+  environment:
+    SSH_HOST:
+      from_secret: ssh-host
+    SSH_ROOT_USER:
+      from_secret: ssh-root-user
+    SSH_USER:
+      from_secret: ssh-user
+
+- name: deploy portainer
+  image: appleboy/drone-ssh
+  settings:
+    envs:
+    - drone_tag
+    - drone_commit
+    - drone_build_number
+    - drone_repo_name
+    - drone_repo_namespace
+    - DRONE_GITEA_SERVER
+    - ssh_host
+    - ssh_user
+    - ssh_root_user
+    - ssh_password
+    host:
+      from_secret: ssh-host
+    password:
+      from_secret: ssh-password
+    port:
+      from_secret: ssh-port
+    script:
+    - set -e
+    - echo go
+    - " echo $${DRONE_GITEA_SERVER} > thefile"
+    - export SSH_HOST="$${SSH_HOST}"
+    - echo "$${SSH_HOST}"
+    - export SSH_USER="$${SSH_USER}"
+    - echo "$${SSH_USER}"
+    - export SSH_ROOT_USER="$${SSH_ROOT_USER}"
+    - echo "$${SSH_ROOT_USER}"
+    - export SSH_PASSWORD="$${SSH_PASSWORD}"
+    - echo "$${SSH_PASSWORD}"
+    - docker network prune -f
+    - cd /stack/portainer
+    - docker stack rm portainer
+    - sleep 30
+    - docker stack deploy -c docker-compose.yml portainer
+    username:
+      from_secret: ssh-user
+  environment:
+    SSH_HOST:
+      from_secret: ssh-host
+    SSH_PASSWORD:
+      from_secret: ssh-password
+    SSH_ROOT_USER:
+      from_secret: ssh-root-user
+    SSH_USER:
+      from_secret: ssh-user
+
+services:
+- name: docker
+  image: docker:dind
+  privileged: true
+  volumes:
+  - name: dockersock
+    path: /var/run
+  - name: ca
+    path: /etc/docker/certs.d
+
+volumes:
+- name: dockersock
+  temp: {}
+- name: ca
+  host:
+    path: /etc/docker/certs.d
+
+...

package.json

@@ -0,0 +1,6 @@
+{
+  "private": true,
+  "scripts": {
+    "jsonnet:home": "drone jsonnet --source jsonnet/.drone-home.jsonnet --target jsonnet/.drone-home.yml --stream"
+  }
+}