squid/.drone/drone-home.jsonnet

151 lines
4.1 KiB
Plaintext
Raw Normal View History

2020-08-05 07:30:16 +00:00
local images = import 'lib/images.libsonnet';
local environment = import 'node_modules/@sigyl/jsonnet-drone-environment/environment.libsonnet';
2020-08-05 07:30:16 +00:00
local compose = import 'node_modules/@sigyl/jsonnet-compose/compose.libsonnet';
local secretSecrets = import 'lib/secret-secrets.libsonnet';
local publicSecrets = import 'lib/public-secrets.libsonnet';
2020-08-06 14:09:33 +00:00
local util = import 'lib/util.libsonnet';
2020-07-30 14:32:27 +00:00
[
{
kind: 'pipeline',
type: 'docker',
name: 'build',
clone: {
disable: false,
depth: 0,
},
2020-08-06 02:25:56 +00:00
/*trigger: {
2020-08-05 13:27:33 +00:00
event: [
'tag',
],
2020-08-06 02:25:56 +00:00
},*/
2020-07-30 14:32:27 +00:00
services: [
images.docker {
privileged: true,
volumes: [
{
name: 'dockersock',
path: '/var/run',
},
{
name: 'ca',
path: '/etc/docker/certs.d',
},
],
},
],
volumes: [
{
name: 'dockersock',
temp: {},
},
{
name: 'ca',
host: {
path: '/etc/docker/certs.d',
},
},
],
steps:[
2020-08-06 14:23:26 +00:00
compose(
std.map(
function(secret) util.printEnv('env-squid', secret),
publicSecrets,
)
)
(
images.ssh {
settings +: {
script: [
'rm -f env-squid',
],
},
},
2020-08-06 14:09:33 +00:00
) {
name: 'print env',
},
2020-07-30 14:32:27 +00:00
images.scp(
'/stack/squid'
),
images.wait(15),
2020-08-06 15:33:26 +00:00
images.docker {
2020-08-06 17:10:19 +00:00
name +: 'build docker:dind image:',
2020-08-06 09:51:41 +00:00
environment +: environment.environmentSecrets([
'LOCAL_DOCKER_REGISTRY',
'LOCAL_REGISTRY_PASSWORD',
2020-08-06 17:10:19 +00:00
'CA_CRT'
2020-08-06 09:51:41 +00:00
]),
volumes: [
{
name: 'dockersock',
path: '/var/run',
},
],
commands: [
'set -e',
2020-08-06 17:10:19 +00:00
'sleep 15',
'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"',
'cd docker-dind',
2020-08-06 17:12:04 +00:00
'echo "$${CA_CRT}" > CA_crt.crt',
2020-08-06 17:10:19 +00:00
'docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind',
'docker push $${LOCAL_DOCKER_REGISTRY}docker:dind',
'docker logout $${LOCAL_DOCKER_REGISTRY}',
2020-08-06 09:51:41 +00:00
],
2020-08-06 15:33:26 +00:00
}, /*
2020-08-06 09:28:48 +00:00
images.docker {
name +: 'build docker image:',
environment +: environment.environmentSecrets([
'LOCAL_DOCKER_REGISTRY',
'LOCAL_REGISTRY_PASSWORD',
]),
volumes: [
{
name: 'dockersock',
path: '/var/run',
},
],
commands: [
'set -e',
'pwd',
'sleep 15',
'cd docker',
'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"',
'docker build . -t $${LOCAL_DOCKER_REGISTRY}squid',
'docker push $${LOCAL_DOCKER_REGISTRY}squid',
'docker logout $${LOCAL_DOCKER_REGISTRY}',
],
2020-08-06 10:05:40 +00:00
} */
2020-08-05 11:31:43 +00:00
compose([
environment.envSet('local-docker-registry'),
environment.envSet('local-registry-password'),
2020-08-06 14:23:26 +00:00
environment.envSet('ca-crt'),
environment.envSet('ca-key'),
2020-08-05 11:31:43 +00:00
])(
images.ssh {
name: 'deploy squid',
settings +: {
script +: [
2020-08-06 14:23:26 +00:00
'rm -f -R /stack/squid/.secrets',
'mkdir -p /stack/squid/.secrets',
2020-08-06 14:29:28 +00:00
'echo "$${CA_CRT}" > /stack/squid/.secrets/ca.crt',
'echo "$${CA_KEY}" > /stack/squid/.secrets/ca.key',
2020-08-05 11:31:43 +00:00
'set -e',
2020-08-06 12:52:00 +00:00
//"docker network prune -f",
2020-08-05 11:31:43 +00:00
"cd /stack/squid/myCA",
2020-08-06 09:06:26 +00:00
//'openssl genrsa -out CA_key.pem 2048',
//'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
2020-08-05 11:31:43 +00:00
'cd ..',
2020-08-06 12:52:00 +00:00
//"docker stack rm squid",
//"sleep 60",
2020-08-06 10:40:22 +00:00
// "docker volume rm squid_squid-cache",
2020-08-05 11:31:43 +00:00
"docker stack deploy -c docker-compose.yml squid",
]
}
},
2020-08-06 10:05:40 +00:00
),
2020-07-30 14:32:27 +00:00
],
2020-08-06 15:06:53 +00:00
image_pull_secrets: [
'dockerconfigjson'
]
2020-07-30 14:32:27 +00:00
}
]