ci:docker deploy from registry
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
4c00cf3eff
commit
38f7af0b5c
|
@ -44,7 +44,7 @@ local publicSecrets = import 'lib/public-secrets.libsonnet';
|
||||||
'/stack/squid'
|
'/stack/squid'
|
||||||
),
|
),
|
||||||
images.wait(15),
|
images.wait(15),
|
||||||
images.docker {
|
/*images.docker {
|
||||||
name +: 'build docker image:',
|
name +: 'build docker image:',
|
||||||
environment +: environment.environmentSecrets([
|
environment +: environment.environmentSecrets([
|
||||||
'LOCAL_DOCKER_REGISTRY',
|
'LOCAL_DOCKER_REGISTRY',
|
||||||
|
@ -66,23 +66,30 @@ local publicSecrets = import 'lib/public-secrets.libsonnet';
|
||||||
'docker push $${LOCAL_DOCKER_REGISTRY}squid',
|
'docker push $${LOCAL_DOCKER_REGISTRY}squid',
|
||||||
'docker logout $${LOCAL_DOCKER_REGISTRY}',
|
'docker logout $${LOCAL_DOCKER_REGISTRY}',
|
||||||
],
|
],
|
||||||
},
|
},*/
|
||||||
images.ssh {
|
compose([
|
||||||
name: 'deploy squid',
|
environment.envSet('local-docker-registry'),
|
||||||
settings +: {
|
environment.envSet('local-registry-password'),
|
||||||
script +: [
|
])(
|
||||||
'set -e',
|
images.ssh {
|
||||||
"docker network prune -f",
|
name: 'deploy squid',
|
||||||
"cd /stack/squid/myCA",
|
settings +: {
|
||||||
'openssl genrsa -out CA_key.pem 2048',
|
script +: [
|
||||||
'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
|
'set -e',
|
||||||
'cd ..',
|
"docker network prune -f",
|
||||||
"docker stack rm squid",
|
"cd /stack/squid/myCA",
|
||||||
"sleep 31",
|
'openssl genrsa -out CA_key.pem 2048',
|
||||||
"docker stack deploy -c docker-compose.yml squid",
|
'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
|
||||||
]
|
'cd ..',
|
||||||
}
|
"docker stack rm squid",
|
||||||
}
|
"sleep 31",
|
||||||
|
'export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid',
|
||||||
|
'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"',
|
||||||
|
"docker stack deploy -c docker-compose.yml squid",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
),
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
|
@ -29,26 +29,6 @@ steps:
|
||||||
commands:
|
commands:
|
||||||
- sleep 15
|
- sleep 15
|
||||||
|
|
||||||
- name: "dockerbuild docker image:"
|
|
||||||
image: docker:dind
|
|
||||||
commands:
|
|
||||||
- set -e
|
|
||||||
- pwd
|
|
||||||
- sleep 15
|
|
||||||
- cd docker
|
|
||||||
- docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"
|
|
||||||
- docker build . -t $${LOCAL_DOCKER_REGISTRY}squid
|
|
||||||
- docker push $${LOCAL_DOCKER_REGISTRY}squid
|
|
||||||
- docker logout $${LOCAL_DOCKER_REGISTRY}
|
|
||||||
environment:
|
|
||||||
LOCAL_DOCKER_REGISTRY:
|
|
||||||
from_secret: local-docker-registry
|
|
||||||
LOCAL_REGISTRY_PASSWORD:
|
|
||||||
from_secret: local-registry-password
|
|
||||||
volumes:
|
|
||||||
- name: dockersock
|
|
||||||
path: /var/run
|
|
||||||
|
|
||||||
- name: deploy squid
|
- name: deploy squid
|
||||||
image: appleboy/drone-ssh
|
image: appleboy/drone-ssh
|
||||||
settings:
|
settings:
|
||||||
|
@ -58,6 +38,8 @@ steps:
|
||||||
- drone_build_number
|
- drone_build_number
|
||||||
- drone_repo_name
|
- drone_repo_name
|
||||||
- drone_repo_namespace
|
- drone_repo_namespace
|
||||||
|
- local_docker_registry
|
||||||
|
- local_registry_password
|
||||||
host:
|
host:
|
||||||
from_secret: ssh-host
|
from_secret: ssh-host
|
||||||
key:
|
key:
|
||||||
|
@ -73,9 +55,16 @@ steps:
|
||||||
- cd ..
|
- cd ..
|
||||||
- docker stack rm squid
|
- docker stack rm squid
|
||||||
- sleep 31
|
- sleep 31
|
||||||
|
- export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid
|
||||||
|
- docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"
|
||||||
- docker stack deploy -c docker-compose.yml squid
|
- docker stack deploy -c docker-compose.yml squid
|
||||||
username:
|
username:
|
||||||
from_secret: ssh-user
|
from_secret: ssh-user
|
||||||
|
environment:
|
||||||
|
LOCAL_DOCKER_REGISTRY:
|
||||||
|
from_secret: local-docker-registry
|
||||||
|
LOCAL_REGISTRY_PASSWORD:
|
||||||
|
from_secret: local-registry-password
|
||||||
|
|
||||||
services:
|
services:
|
||||||
- name: docker
|
- name: docker
|
||||||
|
|
|
@ -7,7 +7,7 @@ services:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
restart_policy:
|
restart_policy:
|
||||||
condition: any
|
condition: any
|
||||||
image: squid
|
image: ${SQUID_IMAGE}
|
||||||
volumes:
|
volumes:
|
||||||
- squid-cache:/apps/squid/var/cache/squid
|
- squid-cache:/apps/squid/var/cache/squid
|
||||||
#- ./squid.intercept.conf:/etc/squid/squid.conf
|
#- ./squid.intercept.conf:/etc/squid/squid.conf
|
||||||
|
|
Loading…
Reference in New Issue