ci:docker deploy from registry

.drone/drone-home.jsonnet

@@ -44,7 +44,7 @@ local publicSecrets = import 'lib/public-secrets.libsonnet';
         '/stack/squid'
       ),
       images.wait(15),
-      images.docker {
+      /*images.docker {
         name +: 'build docker image:',
         environment +: environment.environmentSecrets([
           'LOCAL_DOCKER_REGISTRY',
@@ -66,23 +66,30 @@ local publicSecrets = import 'lib/public-secrets.libsonnet';
           'docker push $${LOCAL_DOCKER_REGISTRY}squid',
           'docker logout $${LOCAL_DOCKER_REGISTRY}',
         ],
-      },
+      },*/
-      images.ssh  {
+      compose([
-        name: 'deploy squid',
+        environment.envSet('local-docker-registry'),
-        settings +: {
+        environment.envSet('local-registry-password'),
-          script +: [
+      ])(
-            'set -e',
+        images.ssh  {
-            "docker network prune -f",
+          name: 'deploy squid',
-            "cd /stack/squid/myCA",
+          settings +: {
-            'openssl genrsa -out CA_key.pem 2048',
+            script +: [
-            'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf    -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
+              'set -e',
-            'cd ..',
+              "docker network prune -f",
-            "docker stack rm squid",
+              "cd /stack/squid/myCA",
-            "sleep 31",
+              'openssl genrsa -out CA_key.pem 2048',
-            "docker stack deploy -c docker-compose.yml squid",
+              'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf    -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
-          ]
+              'cd ..',
-        }
+              "docker stack rm squid",
-      }
+              "sleep 31",
+              'export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid',
+              'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"',
+              "docker stack deploy -c docker-compose.yml squid",
+            ]
+          }
+        },
+      ),
     ],
   }
 ]

.drone/drone-home.yml

@@ -29,26 +29,6 @@ steps:
   commands:
   - sleep 15
 
-- name: "dockerbuild docker image:"
-  image: docker:dind
-  commands:
-  - set -e
-  - pwd
-  - sleep 15
-  - cd docker
-  - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"
-  - docker build . -t $${LOCAL_DOCKER_REGISTRY}squid
-  - docker push $${LOCAL_DOCKER_REGISTRY}squid
-  - docker logout $${LOCAL_DOCKER_REGISTRY}
-  environment:
-    LOCAL_DOCKER_REGISTRY:
-      from_secret: local-docker-registry
-    LOCAL_REGISTRY_PASSWORD:
-      from_secret: local-registry-password
-  volumes:
-  - name: dockersock
-    path: /var/run
-
 - name: deploy squid
   image: appleboy/drone-ssh
   settings:
@@ -58,6 +38,8 @@ steps:
     - drone_build_number
     - drone_repo_name
     - drone_repo_namespace
+    - local_docker_registry
+    - local_registry_password
     host:
       from_secret: ssh-host
     key:
@@ -73,9 +55,16 @@ steps:
     - cd ..
     - docker stack rm squid
     - sleep 31
+    - export SQUID_IMAGE=$${LOCAL_DOCKER_REGISTRY}squid
+    - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"
     - docker stack deploy -c docker-compose.yml squid
     username:
       from_secret: ssh-user
+  environment:
+    LOCAL_DOCKER_REGISTRY:
+      from_secret: local-docker-registry
+    LOCAL_REGISTRY_PASSWORD:
+      from_secret: local-registry-password
 
 services:
 - name: docker

docker-compose.yml

@@ -7,7 +7,7 @@ services:
       replicas: 1
       restart_policy:
         condition: any
-    image: squid
+    image: ${SQUID_IMAGE}
     volumes:
       - squid-cache:/apps/squid/var/cache/squid
       #- ./squid.intercept.conf:/etc/squid/squid.conf