Compare commits
55 Commits
master
...
home-deplo
| Author | SHA1 | Date |
|---|---|---|
 Giles Bradshaw
|
502700b6de | |
|
Giles
|
7153c383f9 | |
|
Giles
|
c6bda81782 | |
|
Giles
|
44640be0c6 | |
|
Giles
|
030758687a | |
|
Giles
|
bff36e5e37 | |
|
Giles
|
85c4cc9986 | |
|
Giles
|
bd0c8c631c | |
|
Giles
|
3d484408d0 | |
|
Giles
|
6131b0bdbf | |
|
Giles
|
9faf86302e | |
|
Giles
|
c69a15eccb | |
|
Giles
|
0e93a886bd | |
|
Giles
|
5aa7994e53 | |
|
Giles
|
44d1938a51 | |
|
Giles Bradshaw
|
088e469a00 | |
|
Giles Bradshaw
|
cdbf8bf1c2 | |
|
Giles Bradshaw
|
82eeeba210 | |
|
Giles Bradshaw
|
1692c835e2 | |
|
Giles Bradshaw
|
9eb234182b | |
|
Giles Bradshaw
|
f2a83c2069 | |
|
Giles Bradshaw
|
09cdaa61db | |
|
Giles Bradshaw
|
f66460a092 | |
|
Giles Bradshaw
|
917d518299 | |
|
Giles Bradshaw
|
03665f3a6a | |
|
Giles Bradshaw
|
649f6bac47 | |
|
Giles Bradshaw
|
6f75f22094 | |
|
Giles Bradshaw
|
e44de99707 | |
|
Giles Bradshaw
|
031dc15083 | |
|
Giles Bradshaw
|
d66b2f3e97 | |
|
Giles Bradshaw
|
534548dd70 | |
|
Giles Bradshaw
|
190c393af5 | |
|
Giles Bradshaw
|
9807f15f72 | |
|
Giles Bradshaw
|
4324045b10 | |
|
Giles Bradshaw
|
3b40d8c44b | |
|
Giles Bradshaw
|
4ba904839d | |
|
Giles Bradshaw
|
a535706098 | |
|
Giles Bradshaw
|
5e803aa57e | |
|
Giles Bradshaw
|
a49d20dc90 | |
|
Giles Bradshaw
|
56d5fda038 | |
|
Giles Bradshaw
|
e25ca5057f | |
|
Giles Bradshaw
|
50f728e77e | |
|
Giles Bradshaw
|
0fba89d95c | |
|
Giles Bradshaw
|
5416ee6a9e | |
|
Giles Bradshaw
|
22f59b648a | |
|
Giles Bradshaw
|
2b86e1e751 | |
|
Giles Bradshaw
|
aba96f4413 | |
|
Giles Bradshaw
|
39692236de | |
|
Giles Bradshaw
|
afea79d33b | |
|
Giles Bradshaw
|
ece961ed00 | |
|
Giles Bradshaw
|
cb901db134 | |
|
Giles Bradshaw
|
ae38779355 | |
|
Giles Bradshaw
|
7a89383b66 | |
|
Giles Bradshaw
|
d59ad3269b | |
|
Giles Bradshaw
|
a34548c293 |
|
|
@ -0,0 +1,14 @@
|
|||
|
||||
load("@this//portainer:drone.star", "drone")
|
||||
load("@this//portainer:stack-name.star", "stackName")
|
||||
load("@this//portainer:stack-root.star", "stackRoot")
|
||||
|
||||
def main(ctx):
|
||||
return drone(
|
||||
ctx,
|
||||
"do",
|
||||
stackRoot,
|
||||
stackName,
|
||||
[]
|
||||
)
|
||||
|
||||
|
|
@ -0,0 +1,256 @@
|
|||
local publicSecrets = [
|
||||
'ssh-host',
|
||||
'ssh-user',
|
||||
'ssh-root-user',
|
||||
];
|
||||
local secretSecrets = [
|
||||
'ssh-password',
|
||||
];
|
||||
local util = {
|
||||
// the head of an array
|
||||
head(array): array[0],
|
||||
// the tail of an array
|
||||
tail(array): std.makeArray(
|
||||
std.length(array) -1,
|
||||
function(x) array[x + 1],
|
||||
),
|
||||
// compose an array of functions
|
||||
compose(functions):
|
||||
local compose(functions) =
|
||||
if std.length(functions) == 0
|
||||
then
|
||||
local ret(object) = object;
|
||||
ret
|
||||
else
|
||||
local ret(object) = compose(
|
||||
util.tail(
|
||||
functions,
|
||||
)
|
||||
)(
|
||||
util.head(
|
||||
functions,
|
||||
)(object)
|
||||
);
|
||||
ret;
|
||||
compose(functions),
|
||||
fromSecret(secret): {
|
||||
from_secret: secret,
|
||||
},
|
||||
secret(secret): std.asciiLower(
|
||||
std.strReplace(
|
||||
secret,
|
||||
'_',
|
||||
'-',
|
||||
),
|
||||
),
|
||||
environment(secret): std.asciiUpper(
|
||||
std.strReplace(
|
||||
secret,
|
||||
'-',
|
||||
'_',
|
||||
),
|
||||
),
|
||||
env(secret): std.asciiLower(
|
||||
std.strReplace(
|
||||
secret,
|
||||
'-',
|
||||
'_',
|
||||
),
|
||||
),
|
||||
envSet(env): function(step) step {
|
||||
environment +: {
|
||||
[util.environment(env)]: util.fromSecret(
|
||||
util.secret(env)
|
||||
),
|
||||
},
|
||||
settings +: {
|
||||
envs +: [
|
||||
util.env(env),
|
||||
],
|
||||
},
|
||||
},
|
||||
printEnv(file, env): function(step) util.compose([
|
||||
util.envSet(env),
|
||||
function(step) step {
|
||||
settings +: {
|
||||
script +: [
|
||||
'echo "export %(environment)s=\'$${%(environment)s}\'" >> %(file)s # "%(secret)s"' % {
|
||||
environment: util.environment(env),
|
||||
file: file,
|
||||
secret: util.secret(env),
|
||||
},
|
||||
],
|
||||
},
|
||||
},
|
||||
])(step),
|
||||
};
|
||||
local images = {
|
||||
docker: {
|
||||
name: 'docker',
|
||||
image: 'docker:dind',
|
||||
},
|
||||
scp(target): {
|
||||
name: 'scp',
|
||||
image: 'appleboy/drone-scp',
|
||||
settings: {
|
||||
host: {
|
||||
from_secret: 'ssh-host',
|
||||
},
|
||||
username: {
|
||||
from_secret: 'ssh-user',
|
||||
},
|
||||
password: {
|
||||
from_secret: 'ssh-password',
|
||||
},
|
||||
port: {
|
||||
from_secret: 'ssh-port',
|
||||
},
|
||||
command_timeout: '2m',
|
||||
target: target,
|
||||
source: [
|
||||
'.',
|
||||
],
|
||||
},
|
||||
},
|
||||
ssh: {
|
||||
image: 'appleboy/drone-ssh',
|
||||
settings: {
|
||||
host: util.fromSecret("ssh-host"),
|
||||
port: util.fromSecret("ssh-port"),
|
||||
username: util.fromSecret("ssh-user"),
|
||||
password: util.fromSecret("ssh-password"),
|
||||
envs: [
|
||||
'drone_tag',
|
||||
'drone_commit',
|
||||
'drone_build_number',
|
||||
'drone_repo_name',
|
||||
'drone_repo_namespace',
|
||||
'DRONE_GITEA_SERVER',
|
||||
],
|
||||
script: [],
|
||||
},
|
||||
},
|
||||
wait(delay): {
|
||||
image: 'alpine',
|
||||
name: 'wait',
|
||||
commands: [
|
||||
'sleep %s' % delay,
|
||||
],
|
||||
}
|
||||
};
|
||||
[
|
||||
{
|
||||
kind: 'pipeline',
|
||||
type: 'docker',
|
||||
name: 'build',
|
||||
clone: {
|
||||
disable: false,
|
||||
depth: 0,
|
||||
},
|
||||
services: [
|
||||
images.docker {
|
||||
privileged: true,
|
||||
volumes: [
|
||||
{
|
||||
name: 'dockersock',
|
||||
path: '/var/run',
|
||||
},
|
||||
{
|
||||
name: 'ca',
|
||||
path: '/etc/docker/certs.d',
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
volumes: [
|
||||
{
|
||||
name: 'dockersock',
|
||||
temp: {},
|
||||
},
|
||||
{
|
||||
name: 'ca',
|
||||
host: {
|
||||
path: '/etc/docker/certs.d',
|
||||
},
|
||||
},
|
||||
],
|
||||
steps:[
|
||||
images.scp(
|
||||
'/stack/root'
|
||||
),
|
||||
images.wait(15),
|
||||
util.compose(
|
||||
std.map(
|
||||
function(secret) util.printEnv('afile', secret),
|
||||
publicSecrets,
|
||||
)
|
||||
)(
|
||||
images.ssh {
|
||||
name: 'will print ssh-host again',
|
||||
settings +: {
|
||||
script +: [
|
||||
'rm afile'
|
||||
],
|
||||
},
|
||||
},
|
||||
),
|
||||
util.compose(
|
||||
std.map(
|
||||
function(s) util.envSet(s),
|
||||
publicSecrets + secretSecrets
|
||||
) +
|
||||
std.map(
|
||||
function(s) function(step) step {
|
||||
settings +: {
|
||||
script +: [
|
||||
|
||||
'export %(env)s="$${%(env)s}"' % {
|
||||
env: util.environment(s),
|
||||
},
|
||||
'echo "$${%s}"' % util.environment(s),
|
||||
],
|
||||
},
|
||||
},
|
||||
publicSecrets + secretSecrets
|
||||
)
|
||||
)
|
||||
(
|
||||
images.ssh {
|
||||
name: 'deploy portainer',
|
||||
settings +: {
|
||||
//username: util.fromSecret("ssh-root-user"),
|
||||
//password: util.fromSecret("ssh-root-password"),
|
||||
script +: [
|
||||
'set -e',
|
||||
'echo go',
|
||||
" echo $${DRONE_GITEA_SERVER} > thefile",
|
||||
] /*+
|
||||
map(export, secrets) +
|
||||
[
|
||||
"export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/{namespace}/{name}".format(name=ctx.repo.name, namespace=ctx.repo.namespace),
|
||||
"export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
|
||||
"docker network prune -f",
|
||||
"cd {folder}".format(folder=folder),
|
||||
"docker stack rm {name}".format(name = name),
|
||||
"sleep 30",
|
||||
"docker stack deploy -c {filename} {name}".format(name= name, filename = filename),
|
||||
] + commands */
|
||||
}
|
||||
}
|
||||
) {
|
||||
settings +: {
|
||||
script +: [
|
||||
//"export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/$${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}",
|
||||
//"export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
|
||||
"docker network prune -f",
|
||||
"cd /stack/portainer",
|
||||
"docker stack rm portainer",
|
||||
"sleep 30",
|
||||
"docker stack deploy -c docker-compose.yml portainer",
|
||||
],
|
||||
},
|
||||
},
|
||||
],
|
||||
}
|
||||
]
|
||||
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
|
||||
load("@this//portainer:drone.star", "drone")
|
||||
load("@this//portainer:stack-name.star", "stackName")
|
||||
load("@this//portainer:stack-root.star", "stackRoot")
|
||||
|
||||
def main(ctx):
|
||||
return drone(
|
||||
ctx,
|
||||
"home-deploy",
|
||||
stackRoot,
|
||||
stackName,
|
||||
[]
|
||||
)
|
||||
|
||||
|
|
@ -1 +0,0 @@
|
|||
echo 'nothing to build'
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
export LOCAL_DOCKER_REGISTRY=${REGISTRY_DOMAIN}:${REGISTRY_PORT}/${ROOT}/${NAME}/ \
|
||||
&& docker stack rm portainer \
|
||||
&& echo 'sleeping...60' \
|
||||
&& sleep 60 \
|
||||
&& docker stack deploy -c docker-compose.yml portainer --with-registry-auth
|
||||
|
|
@ -1,72 +0,0 @@
|
|||
|
||||
local secretSecrets = import 'lib/secret-secrets.libsonnet';
|
||||
local publicSecrets = import 'lib/public-secrets.libsonnet';
|
||||
|
||||
local deploy = import 'node_modules/@sigyl/jsonnet-drone/deploy.libsonnet';
|
||||
local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet';
|
||||
local registry = import 'node_modules/@sigyl/jsonnet-drone/registry.libsonnet';
|
||||
local save = import 'node_modules/@sigyl/jsonnet-drone/save.libsonnet';
|
||||
local build = import 'node_modules/@sigyl/jsonnet-drone/build.libsonnet';
|
||||
local print = import 'node_modules/@sigyl/jsonnet-drone/print.libsonnet';
|
||||
|
||||
|
||||
local config = {
|
||||
registry: '',
|
||||
name: 'portainer',
|
||||
root: 'stack',
|
||||
};
|
||||
|
||||
|
||||
local defs = [
|
||||
{
|
||||
load: 'portainer/portainer-ce:2.0.0-alpine@sha256:5555e1538aa4bc56d7ae85787278e4b972573b205e2ae260717ef17985e0e24f',
|
||||
save: 'portainer/portainer-ce:2.0.0-alpine'
|
||||
},
|
||||
{
|
||||
load: 'portainer/agent:2.0.0@sha256:8f994457bc32480bff351f0b1d371557238e69f5902037addfe76fa7bd930b9d',
|
||||
save: 'portainer/agent:2.0.0'
|
||||
},
|
||||
];
|
||||
|
||||
|
||||
[
|
||||
register,
|
||||
registry(
|
||||
config {
|
||||
secrets: [],
|
||||
images: defs,
|
||||
},
|
||||
),
|
||||
save(config)(
|
||||
defs,
|
||||
[],
|
||||
),
|
||||
print(config)(
|
||||
[],
|
||||
publicSecrets,
|
||||
secretSecrets,
|
||||
),
|
||||
build(config)(
|
||||
[],
|
||||
),
|
||||
deploy(config)(
|
||||
[],
|
||||
publicSecrets,
|
||||
secretSecrets,
|
||||
[
|
||||
'DOMAIN',
|
||||
'REGISTRY_DOMAIN',
|
||||
'REGISTRY_PORT',
|
||||
'REGISTRY_PASSWORD',
|
||||
],
|
||||
) {
|
||||
trigger +: {
|
||||
event +: [
|
||||
'promote',
|
||||
],
|
||||
target +: [
|
||||
'production',
|
||||
],
|
||||
},
|
||||
},
|
||||
]
|
||||
|
|
@ -1,286 +0,0 @@
|
|||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: register
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
trigger:
|
||||
event:
|
||||
exclude:
|
||||
- promote
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: registry
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
steps:
|
||||
- name: portainer/portainer-ce:2.0.0-alpine
|
||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
||||
commands:
|
||||
- set -e
|
||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
||||
- "n=0\nwhile :\ndo\n docker pull portainer/portainer-ce:2.0.0-alpine@sha256:5555e1538aa4bc56d7ae85787278e4b972573b205e2ae260717ef17985e0e24f \\\\\n && docker tag portainer/portainer-ce:2.0.0-alpine@sha256:5555e1538aa4bc56d7ae85787278e4b972573b205e2ae260717ef17985e0e24f $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/portainer-ce:2.0.0-alpine \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/portainer-ce:2.0.0-alpine && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n"
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
|
||||
- name: portainer/agent:2.0.0
|
||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
||||
commands:
|
||||
- set -e
|
||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
||||
- "n=0\nwhile :\ndo\n docker pull portainer/agent:2.0.0@sha256:8f994457bc32480bff351f0b1d371557238e69f5902037addfe76fa7bd930b9d \\\\\n && docker tag portainer/agent:2.0.0@sha256:8f994457bc32480bff351f0b1d371557238e69f5902037addfe76fa7bd930b9d $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/agent:2.0.0 \\\\\n && docker push $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/agent:2.0.0 && break\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"initialise failed\"\n exit 1\n fi\n echo \"retrying..$n\"\n sleep 5\ndone\n"
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
|
||||
services:
|
||||
- name: docker
|
||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
||||
privileged: true
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
- name: ca
|
||||
path: /etc/docker/certs.d
|
||||
- name: daemonjson
|
||||
path: /etc/docker/daemon.json
|
||||
|
||||
volumes:
|
||||
- name: dockersock
|
||||
temp: {}
|
||||
- name: ca
|
||||
host:
|
||||
path: /etc/docker/certs.d
|
||||
- name: daemonjson
|
||||
host:
|
||||
path: /etc/docker/daemon.json
|
||||
|
||||
image_pull_secrets:
|
||||
- dockerconfigjson
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- promote
|
||||
target:
|
||||
- registry
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: save
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
steps:
|
||||
- name: mkdir
|
||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
script:
|
||||
- mkdir -p /stack/.images/portainer/built
|
||||
- rm -f /stack/.images/portainer/*.*
|
||||
- rm -f /stack/.images/portainer/built/*.*
|
||||
|
||||
- name: portainer/portainer-ce:2.0.0-alpine
|
||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
- registry_domain
|
||||
- registry_port
|
||||
- registry_password
|
||||
- destination_registry
|
||||
script:
|
||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
||||
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/portainer-ce:2.0.0-alpine
|
||||
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/portainer-ce:2.0.0-alpine -o /stack/.images/portainer/portainer_portainer-ce:2.0.0-alpine.tar
|
||||
- echo "docker load < portainer_portainer-ce:2.0.0-alpine.tar" >> /stack/.images/portainer/load.sh
|
||||
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/portainer-ce:2.0.0-alpine $${DESTINATION_REGISTRY}/stack/portainer/portainer/portainer-ce:2.0.0-alpine" >> /stack/.images/portainer/load.sh
|
||||
|
||||
- name: portainer/agent:2.0.0
|
||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
- registry_domain
|
||||
- registry_port
|
||||
- registry_password
|
||||
- destination_registry
|
||||
script:
|
||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
||||
- docker pull $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/agent:2.0.0
|
||||
- docker save $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/agent:2.0.0 -o /stack/.images/portainer/portainer_agent:2.0.0.tar
|
||||
- echo "docker load < portainer_agent:2.0.0.tar" >> /stack/.images/portainer/load.sh
|
||||
- echo "docker tag $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/stack/portainer/portainer/agent:2.0.0 $${DESTINATION_REGISTRY}/stack/portainer/portainer/agent:2.0.0" >> /stack/.images/portainer/load.sh
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- promote
|
||||
target:
|
||||
- save
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: print
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: print env
|
||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
script:
|
||||
- rm -f env-portainer
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- promote
|
||||
target:
|
||||
- print
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: build
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: "dockerbuild:"
|
||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
||||
commands:
|
||||
- set -e
|
||||
- export NAME=portainer
|
||||
- export ROOT=stack
|
||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
||||
- sh .drone/build.sh
|
||||
- sh .drone/push.sh
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
|
||||
services:
|
||||
- name: docker
|
||||
image: docker:19.03.12-dind@sha256:8dded163e463f4a59bf305b3dca98e312b2cfb89a43da3872e48f95a7554c48f
|
||||
privileged: true
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
- name: ca
|
||||
path: /etc/docker/certs.d
|
||||
- name: daemonjson
|
||||
path: /etc/docker/daemon.json
|
||||
|
||||
volumes:
|
||||
- name: dockersock
|
||||
temp: {}
|
||||
- name: ca
|
||||
host:
|
||||
path: /etc/docker/certs.d
|
||||
- name: daemonjson
|
||||
host:
|
||||
path: /etc/docker/daemon.json
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- promote
|
||||
target:
|
||||
- build
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: deploy
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: scp
|
||||
image: appleboy/drone-scp:1.6.2@sha256:bd37a55f4b97e7742b0de7333669b96220b3cc422d366e1fa8c34059b736ab47
|
||||
settings:
|
||||
command_timeout: 2m
|
||||
source:
|
||||
- .
|
||||
target: /stack/portainer
|
||||
|
||||
- name: deploy
|
||||
image: appleboy/drone-ssh:1.6.2@sha256:b801dc2cd238c192b6e99acfa7bc3f5b9a03f312bd2feb1e10b3a7a28a1b80ea
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
- domain
|
||||
- registry_domain
|
||||
- registry_port
|
||||
- registry_password
|
||||
script:
|
||||
- export DOMAIN=$${DOMAIN}
|
||||
- export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}
|
||||
- export REGISTRY_PORT=$${REGISTRY_PORT}
|
||||
- export REGISTRY_PASSWORD=$${REGISTRY_PASSWORD}
|
||||
- set -e
|
||||
- export NAME=portainer
|
||||
- export ROOT=stack
|
||||
- cd /stack/portainer
|
||||
- "n=0\nwhile :\ndo\n docker login $${REGISTRY_DOMAIN}:$${REGISTRY_PORT}/ --username client --password \"$${REGISTRY_PASSWORD}\" \\\\\n && break # substitute your command here\n n=$((n+1))\n if [ $n -ge 10 ]; then\n echo \"login failed\"\n exit 1\n fi\n echo \"retrying login..$n\"\n sleep 5\ndone\n"
|
||||
- sh .drone/pull.sh
|
||||
- sh .drone/deploy.sh
|
||||
|
||||
trigger:
|
||||
event:
|
||||
- promote
|
||||
- promote
|
||||
target:
|
||||
- deploy
|
||||
- production
|
||||
|
||||
...
|
||||
|
|
@ -1 +0,0 @@
|
|||
[]
|
||||
|
|
@ -1 +0,0 @@
|
|||
[]
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
{
|
||||
"private": true,
|
||||
"dependencies": {
|
||||
"@sigyl/jsonnet-drone": "^1.0.0"
|
||||
}
|
||||
}
|
||||
|
|
@ -1 +0,0 @@
|
|||
echo 'nothing to pull'
|
||||
|
|
@ -1 +0,0 @@
|
|||
echo 'nothing to push'
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
|
||||
# yarn lockfile v1
|
||||
|
||||
|
||||
"@sigyl/jsonnet-compose@^0.0.2":
|
||||
version "0.0.2"
|
||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-compose/-/jsonnet-compose-0.0.2.tgz#8900a21e8cd8109929b6042703f8645aacb9bcda"
|
||||
integrity sha512-wWS3CgPeNi/o1pcS6n/4pafxlMD0KC9/RKMZr/ySmzeGNRW++sPuKuxajYse2TNd47uNDdeUSnk4aEeEIKL0zA==
|
||||
|
||||
"@sigyl/jsonnet-drone-environment@0.0.5":
|
||||
version "0.0.5"
|
||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone-environment/-/jsonnet-drone-environment-0.0.5.tgz#9ea85e08904777bd21a3e4b30b0b91461d0285ff"
|
||||
integrity sha512-xVGmdMO1pOyozAWUbJm6mzKBgsLPJ+1hWnGCK3AxPkr7kkDh18hu30+TLzlcQtqq76s5jUfvJUztezsGj/mIcw==
|
||||
|
||||
"@sigyl/jsonnet-drone@^1.0.0":
|
||||
version "1.0.0"
|
||||
resolved "https://registry.yarnpkg.com/@sigyl/jsonnet-drone/-/jsonnet-drone-1.0.0.tgz#943bd8a1abc8a916026944816709f5ed1d8e7ef8"
|
||||
integrity sha512-ubyVC1/nAM584wTnnRBZTOP18z28Yy7SRApvSuo/3y2arngKlNI1FwOzKTFt/7L9+rNy19dRO/g0obEkyR3KmA==
|
||||
dependencies:
|
||||
"@sigyl/jsonnet-compose" "^0.0.2"
|
||||
"@sigyl/jsonnet-drone-environment" "0.0.5"
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
node_modules
|
||||
*.log
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
{
|
||||
"tagMessageInChangeLog": true
|
||||
}
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
# Changelog
|
||||
|
||||
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
|
||||
|
||||
### 0.0.1 "chore(release): 0.0.1" (2020-08-19)
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
version: "3.7"
|
||||
services:
|
||||
portainer:
|
||||
image: ${LOCAL_DOCKER_REGISTRY}portainer/portainer-ce:2.0.0-alpine
|
||||
image: portainer/portainer:1.23.2
|
||||
command: -H tcp://tasks.portainer-agent:9001 --tlsskipverify
|
||||
# command: -H unix:///var/run/docker.sock
|
||||
deploy:
|
||||
|
|
@ -18,7 +18,7 @@ services:
|
|||
- appnet
|
||||
- externalnet
|
||||
portainer-agent:
|
||||
image: ${LOCAL_DOCKER_REGISTRY}portainer/agent:2.0.0
|
||||
image: portainer/agent:1.5.1
|
||||
environment:
|
||||
# REQUIRED: Should be equal to the service name prefixed by "tasks." when
|
||||
# deployed inside an overlay network
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
drone jsonnet --source .drone/drone-home.jsonnet --target .drone/drone-home.yml --stream \
|
||||
&& git add .drone/drone-home.yml \
|
||||
&& echo "jsonnet built"
|
||||
|
|
@ -0,0 +1,256 @@
|
|||
local publicSecrets = [
|
||||
'ssh-host',
|
||||
'ssh-user',
|
||||
'ssh-root-user',
|
||||
];
|
||||
local secretSecrets = [
|
||||
'ssh-password',
|
||||
];
|
||||
local util = {
|
||||
// the head of an array
|
||||
head(array): array[0],
|
||||
// the tail of an array
|
||||
tail(array): std.makeArray(
|
||||
std.length(array) -1,
|
||||
function(x) array[x + 1],
|
||||
),
|
||||
// compose an array of functions
|
||||
compose(functions):
|
||||
local compose(functions) =
|
||||
if std.length(functions) == 0
|
||||
then
|
||||
local ret(object) = object;
|
||||
ret
|
||||
else
|
||||
local ret(object) = compose(
|
||||
util.tail(
|
||||
functions,
|
||||
)
|
||||
)(
|
||||
util.head(
|
||||
functions,
|
||||
)(object)
|
||||
);
|
||||
ret;
|
||||
compose(functions),
|
||||
fromSecret(secret): {
|
||||
from_secret: secret,
|
||||
},
|
||||
secret(secret): std.asciiLower(
|
||||
std.strReplace(
|
||||
secret,
|
||||
'_',
|
||||
'-',
|
||||
),
|
||||
),
|
||||
environment(secret): std.asciiUpper(
|
||||
std.strReplace(
|
||||
secret,
|
||||
'-',
|
||||
'_',
|
||||
),
|
||||
),
|
||||
env(secret): std.asciiLower(
|
||||
std.strReplace(
|
||||
secret,
|
||||
'-',
|
||||
'_',
|
||||
),
|
||||
),
|
||||
envSet(env): function(step) step {
|
||||
environment +: {
|
||||
[util.environment(env)]: util.fromSecret(
|
||||
util.secret(env)
|
||||
),
|
||||
},
|
||||
settings +: {
|
||||
envs +: [
|
||||
util.env(env),
|
||||
],
|
||||
},
|
||||
},
|
||||
printEnv(file, env): function(step) util.compose([
|
||||
util.envSet(env),
|
||||
function(step) step {
|
||||
settings +: {
|
||||
script +: [
|
||||
'echo "export %(environment)s=\'$${%(environment)s}\'" >> %(file)s # "%(secret)s"' % {
|
||||
environment: util.environment(env),
|
||||
file: file,
|
||||
secret: util.secret(env),
|
||||
},
|
||||
],
|
||||
},
|
||||
},
|
||||
])(step),
|
||||
};
|
||||
local images = {
|
||||
docker: {
|
||||
name: 'docker',
|
||||
image: 'docker:dind',
|
||||
},
|
||||
scp(target): {
|
||||
name: 'scp',
|
||||
image: 'appleboy/drone-scp',
|
||||
settings: {
|
||||
host: {
|
||||
from_secret: 'ssh-host',
|
||||
},
|
||||
username: {
|
||||
from_secret: 'ssh-user',
|
||||
},
|
||||
password: {
|
||||
from_secret: 'ssh-password',
|
||||
},
|
||||
port: {
|
||||
from_secret: 'ssh-port',
|
||||
},
|
||||
command_timeout: '2m',
|
||||
target: target,
|
||||
source: [
|
||||
'.',
|
||||
],
|
||||
},
|
||||
},
|
||||
ssh: {
|
||||
image: 'appleboy/drone-ssh',
|
||||
settings: {
|
||||
host: util.fromSecret("ssh-host"),
|
||||
port: util.fromSecret("ssh-port"),
|
||||
username: util.fromSecret("ssh-user"),
|
||||
password: util.fromSecret("ssh-password"),
|
||||
envs: [
|
||||
'drone_tag',
|
||||
'drone_commit',
|
||||
'drone_build_number',
|
||||
'drone_repo_name',
|
||||
'drone_repo_namespace',
|
||||
'DRONE_GITEA_SERVER',
|
||||
],
|
||||
script: [],
|
||||
},
|
||||
},
|
||||
wait(delay): {
|
||||
image: 'alpine',
|
||||
name: 'wait',
|
||||
commands: [
|
||||
'sleep %s' % delay,
|
||||
],
|
||||
}
|
||||
};
|
||||
[
|
||||
{
|
||||
kind: 'pipeline',
|
||||
type: 'docker',
|
||||
name: 'build',
|
||||
clone: {
|
||||
disable: false,
|
||||
depth: 0,
|
||||
},
|
||||
services: [
|
||||
images.docker {
|
||||
privileged: true,
|
||||
volumes: [
|
||||
{
|
||||
name: 'dockersock',
|
||||
path: '/var/run',
|
||||
},
|
||||
{
|
||||
name: 'ca',
|
||||
path: '/etc/docker/certs.d',
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
volumes: [
|
||||
{
|
||||
name: 'dockersock',
|
||||
temp: {},
|
||||
},
|
||||
{
|
||||
name: 'ca',
|
||||
host: {
|
||||
path: '/etc/docker/certs.d',
|
||||
},
|
||||
},
|
||||
],
|
||||
steps:[
|
||||
images.scp(
|
||||
'/stack/root'
|
||||
),
|
||||
images.wait(15),
|
||||
util.compose(
|
||||
std.map(
|
||||
function(secret) util.printEnv('afile', secret),
|
||||
publicSecrets,
|
||||
)
|
||||
)(
|
||||
images.ssh {
|
||||
name: 'will print ssh-host again',
|
||||
settings +: {
|
||||
script +: [
|
||||
'rm afile'
|
||||
],
|
||||
},
|
||||
},
|
||||
),
|
||||
util.compose(
|
||||
std.map(
|
||||
function(s) util.envSet(s),
|
||||
publicSecrets + secretSecrets
|
||||
) +
|
||||
std.map(
|
||||
function(s) function(step) step {
|
||||
settings +: {
|
||||
script +: [
|
||||
|
||||
'export %(env)s="$${%(env)s}"' % {
|
||||
env: util.environment(s),
|
||||
},
|
||||
'echo "$${%s}"' % util.environment(s),
|
||||
],
|
||||
},
|
||||
},
|
||||
publicSecrets + secretSecrets
|
||||
)
|
||||
)
|
||||
(
|
||||
images.ssh {
|
||||
name: 'deploy portainer',
|
||||
settings +: {
|
||||
//username: util.fromSecret("ssh-root-user"),
|
||||
//password: util.fromSecret("ssh-root-password"),
|
||||
script +: [
|
||||
'set -e',
|
||||
'echo go',
|
||||
" echo $${DRONE_GITEA_SERVER} > thefile",
|
||||
] /*+
|
||||
map(export, secrets) +
|
||||
[
|
||||
"export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/{namespace}/{name}".format(name=ctx.repo.name, namespace=ctx.repo.namespace),
|
||||
"export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
|
||||
"docker network prune -f",
|
||||
"cd {folder}".format(folder=folder),
|
||||
"docker stack rm {name}".format(name = name),
|
||||
"sleep 30",
|
||||
"docker stack deploy -c {filename} {name}".format(name= name, filename = filename),
|
||||
] + commands */
|
||||
}
|
||||
}
|
||||
) {
|
||||
settings +: {
|
||||
script +: [
|
||||
//"export DRONE_REPO_LINK=$${{DRONE_GITEA_SERVER}}/$${DRONE_REPO_NAMESPACE}/$${DRONE_REPO_NAME}",
|
||||
//"export DRONE_COMMIT={commit}".format(commit=ctx.build.commit),
|
||||
"docker network prune -f",
|
||||
"cd /stack/portainer",
|
||||
"docker stack rm portainer",
|
||||
"sleep 30",
|
||||
"docker stack deploy -c docker-compose.yml portainer",
|
||||
],
|
||||
},
|
||||
},
|
||||
],
|
||||
}
|
||||
]
|
||||
|
||||
|
|
@ -0,0 +1,132 @@
|
|||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: build
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: scp
|
||||
image: appleboy/drone-scp
|
||||
settings:
|
||||
command_timeout: 2m
|
||||
host:
|
||||
from_secret: ssh-host
|
||||
password:
|
||||
from_secret: ssh-password
|
||||
port:
|
||||
from_secret: ssh-port
|
||||
source:
|
||||
- .
|
||||
target: /stack/root
|
||||
username:
|
||||
from_secret: ssh-user
|
||||
|
||||
- name: wait
|
||||
image: alpine
|
||||
commands:
|
||||
- sleep 15
|
||||
|
||||
- name: will print ssh-host again
|
||||
image: appleboy/drone-ssh
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
- DRONE_GITEA_SERVER
|
||||
- ssh_host
|
||||
- ssh_user
|
||||
- ssh_root_user
|
||||
host:
|
||||
from_secret: ssh-host
|
||||
password:
|
||||
from_secret: ssh-password
|
||||
port:
|
||||
from_secret: ssh-port
|
||||
script:
|
||||
- rm afile
|
||||
- "echo \"export SSH_HOST='$${SSH_HOST}'\" >> afile # \"ssh-host\""
|
||||
- "echo \"export SSH_USER='$${SSH_USER}'\" >> afile # \"ssh-user\""
|
||||
- "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> afile # \"ssh-root-user\""
|
||||
username:
|
||||
from_secret: ssh-user
|
||||
environment:
|
||||
SSH_HOST:
|
||||
from_secret: ssh-host
|
||||
SSH_ROOT_USER:
|
||||
from_secret: ssh-root-user
|
||||
SSH_USER:
|
||||
from_secret: ssh-user
|
||||
|
||||
- name: deploy portainer
|
||||
image: appleboy/drone-ssh
|
||||
settings:
|
||||
envs:
|
||||
- drone_tag
|
||||
- drone_commit
|
||||
- drone_build_number
|
||||
- drone_repo_name
|
||||
- drone_repo_namespace
|
||||
- DRONE_GITEA_SERVER
|
||||
- ssh_host
|
||||
- ssh_user
|
||||
- ssh_root_user
|
||||
- ssh_password
|
||||
host:
|
||||
from_secret: ssh-host
|
||||
password:
|
||||
from_secret: ssh-password
|
||||
port:
|
||||
from_secret: ssh-port
|
||||
script:
|
||||
- set -e
|
||||
- echo go
|
||||
- " echo $${DRONE_GITEA_SERVER} > thefile"
|
||||
- export SSH_HOST="$${SSH_HOST}"
|
||||
- echo "$${SSH_HOST}"
|
||||
- export SSH_USER="$${SSH_USER}"
|
||||
- echo "$${SSH_USER}"
|
||||
- export SSH_ROOT_USER="$${SSH_ROOT_USER}"
|
||||
- echo "$${SSH_ROOT_USER}"
|
||||
- export SSH_PASSWORD="$${SSH_PASSWORD}"
|
||||
- echo "$${SSH_PASSWORD}"
|
||||
- docker network prune -f
|
||||
- cd /stack/portainer
|
||||
- docker stack rm portainer
|
||||
- sleep 30
|
||||
- docker stack deploy -c docker-compose.yml portainer
|
||||
username:
|
||||
from_secret: ssh-user
|
||||
environment:
|
||||
SSH_HOST:
|
||||
from_secret: ssh-host
|
||||
SSH_PASSWORD:
|
||||
from_secret: ssh-password
|
||||
SSH_ROOT_USER:
|
||||
from_secret: ssh-root-user
|
||||
SSH_USER:
|
||||
from_secret: ssh-user
|
||||
|
||||
services:
|
||||
- name: docker
|
||||
image: docker:dind
|
||||
privileged: true
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
- name: ca
|
||||
path: /etc/docker/certs.d
|
||||
|
||||
volumes:
|
||||
- name: dockersock
|
||||
temp: {}
|
||||
- name: ca
|
||||
host:
|
||||
path: /etc/docker/certs.d
|
||||
|
||||
...
|
||||
15
package.json
15
package.json
|
|
@ -1,19 +1,6 @@
|
|||
{
|
||||
"private": true,
|
||||
"name": "portainer",
|
||||
"version": "0.0.1",
|
||||
"description": "remote access",
|
||||
"scripts": {
|
||||
"release": "standard-version",
|
||||
"test": "echo \"Error: no test specified\" && exit 1"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "https://sigyl.com/git/stack/portainer"
|
||||
},
|
||||
"author": "Giles Bradshaw",
|
||||
"license": "ISC",
|
||||
"devDependencies": {
|
||||
"standard-version": "git+https://github.com/gilesbradshaw/standard-version.git"
|
||||
"jsonnet:home": "drone jsonnet --source jsonnet/.drone-home.jsonnet --target jsonnet/.drone-home.yml --stream"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue