From 38f7af0b5c37c2ddfd4f972b1a30af2bc4adcf44 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 5 Aug 2020 12:31:43 +0100 Subject: [PATCH] ci:docker deploy from registry --- .drone/drone-home.jsonnet | 43 +++++++++++++++++++++++---------------- .drone/drone-home.yml | 29 ++++++++------------------ docker-compose.yml | 2 +- 3 files changed, 35 insertions(+), 39 deletions(-) diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 3c581fe..91b77f6 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -44,7 +44,7 @@ local publicSecrets = import 'lib/public-secrets.libsonnet'; '/stack/squid' ), images.wait(15), - images.docker { + /*images.docker { name +: 'build docker image:', environment +: environment.environmentSecrets([ 'LOCAL_DOCKER_REGISTRY', @@ -66,23 +66,30 @@ local publicSecrets = import 'lib/public-secrets.libsonnet'; 'docker push $${LOCAL_DOCKER_REGISTRY}squid', 'docker logout $${LOCAL_DOCKER_REGISTRY}', ], - }, - images.ssh { - name: 'deploy squid', - settings +: { - script +: [ - 'set -e', - "docker network prune -f", - "cd /stack/squid/myCA", - 'openssl genrsa -out CA_key.pem 2048', - 'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"', - 'cd ..', - "docker stack rm squid", - "sleep 31", - "docker stack deploy -c docker-compose.yml squid", - ] - } - } + },*/ + compose([ + environment.envSet('local-docker-registry'), + environment.envSet('local-registry-password'), + ])( + images.ssh { + name: 'deploy squid', + settings +: { + script +: [ + 'set -e', + "docker network prune -f", + "cd /stack/squid/myCA", + 'openssl genrsa -out CA_key.pem 2048', + 'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"', + 'cd ..', + "docker stack rm squid", + "sleep 31", + 'export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid', + 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"', + "docker stack deploy -c docker-compose.yml squid", + ] + } + }, + ), ], } ] diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index da657f9..c72e628 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -29,26 +29,6 @@ steps: commands: - sleep 15 -- name: "dockerbuild docker image:" - image: docker:dind - commands: - - set -e - - pwd - - sleep 15 - - cd docker - - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - - docker build . -t $${LOCAL_DOCKER_REGISTRY}squid - - docker push $${LOCAL_DOCKER_REGISTRY}squid - - docker logout $${LOCAL_DOCKER_REGISTRY} - environment: - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - LOCAL_REGISTRY_PASSWORD: - from_secret: local-registry-password - volumes: - - name: dockersock - path: /var/run - - name: deploy squid image: appleboy/drone-ssh settings: @@ -58,6 +38,8 @@ steps: - drone_build_number - drone_repo_name - drone_repo_namespace + - local_docker_registry + - local_registry_password host: from_secret: ssh-host key: @@ -73,9 +55,16 @@ steps: - cd .. - docker stack rm squid - sleep 31 + - export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid + - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - docker stack deploy -c docker-compose.yml squid username: from_secret: ssh-user + environment: + LOCAL_DOCKER_REGISTRY: + from_secret: local-docker-registry + LOCAL_REGISTRY_PASSWORD: + from_secret: local-registry-password services: - name: docker diff --git a/docker-compose.yml b/docker-compose.yml index ffa415f..97251be 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,7 +7,7 @@ services: replicas: 1 restart_policy: condition: any - image: squid + image: ${SQUID_IMAGE} volumes: - squid-cache:/apps/squid/var/cache/squid #- ./squid.intercept.conf:/etc/squid/squid.conf