stack
/
squid
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

ci: copy drone to docker secrets
continuous-integration/drone/push Build is passing Details
continuous-integration/drone Build is passing Details

This commit is contained in:
Giles Bradshaw 2020-09-01 15:58:06 +01:00
parent b22b7d0321
commit e8b61d5992
5 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.drone/build.sh
View File

@ -1,2 +1,2 @@
echo $CA_CRT > docker-dind/CA_crt.crt echo "${CA_CRT}" > docker-dind/CA_crt.crt
docker build docker-dind -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/docker-dind docker build docker-dind -t ${REGISTRY_DOMAIN}:${REGISTRY_PORT}/docker-dind

3
.drone/deploy.sh
View File

@ -1,4 +1,7 @@
docker stack rm squid docker stack rm squid
echo 'sleeping...zzz' echo 'sleeping...zzz'
sleep 60 sleep 60
mkdir -p .secrets
echo "${CA_CRT}" > .secrets/ca.crt
echo "${CA_KEY}" > .secrets/ca.key
docker stack deploy -c docker-compose.yml squid docker stack deploy -c docker-compose.yml squid

4
.drone/drone-home.jsonnet
View File

@ -9,7 +9,9 @@ local register = import 'node_modules/@sigyl/jsonnet-drone/register.libsonnet';
deploy( deploy(
'squid', 'squid',
'/stack/', '/stack/',
[], [
'CA_CRT',
],
publicSecrets, publicSecrets,
secretSecrets, secretSecrets,
[ [

7
.drone/drone-home.yml
View File

@ -35,6 +35,7 @@ steps:
- drone_repo_name - drone_repo_name
- drone_repo_namespace - drone_repo_namespace
- ca_crt - ca_crt
- ca_crt
- local_domain - local_domain
- ca_key - ca_key
host: ${SSH_HOST} host: ${SSH_HOST}
@ -44,6 +45,7 @@ steps:
script: script:
- rm -f env-squid - rm -f env-squid
- "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\"" - "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\""
- "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\""
- "echo \"export LOCAL_DOMAIN='$${LOCAL_DOMAIN}'\" >> env-squid # \"local-domain\"" - "echo \"export LOCAL_DOMAIN='$${LOCAL_DOMAIN}'\" >> env-squid # \"local-domain\""
- "echo \"export CA_KEY='$${CA_KEY}'\" >> env-squid # \"ca-key\"" - "echo \"export CA_KEY='$${CA_KEY}'\" >> env-squid # \"ca-key\""
username: ${SSH_USER} username: ${SSH_USER}
@ -81,6 +83,9 @@ steps:
- sh .drone/build.sh - sh .drone/build.sh
- sh .drone/push.sh - sh .drone/push.sh
- sh .drone/logout.sh - sh .drone/logout.sh
environment:
CA_CRT:
from_secret: ca-crt
volumes: volumes:
- name: dockersock - name: dockersock
path: /var/run path: /var/run
@ -101,6 +106,7 @@ steps:
- ca_crt - ca_crt
- local_domain - local_domain
- ca_key - ca_key
- ca_crt
host: ${SSH_HOST} host: ${SSH_HOST}
key: ${SSH_KEY} key: ${SSH_KEY}
passphrase: ${SSH_PASSPHRASE} passphrase: ${SSH_PASSPHRASE}
@ -109,6 +115,7 @@ steps:
- export CA_KEY=$${CA_KEY} - export CA_KEY=$${CA_KEY}
- export CA_CRT=$${CA_CRT} - export CA_CRT=$${CA_CRT}
- export LOCAL_DOMAIN=$${LOCAL_DOMAIN} - export LOCAL_DOMAIN=$${LOCAL_DOMAIN}
- export CA_CRT=$${CA_CRT}
- export DOMAIN=$${DOMAIN} - export DOMAIN=$${DOMAIN}
- export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN} - export REGISTRY_DOMAIN=$${REGISTRY_DOMAIN}
- export REGISTRY_PORT=$${REGISTRY_PORT} - export REGISTRY_PORT=$${REGISTRY_PORT}

2
docker-dind/Dockerfile
View File

@ -1,3 +1,3 @@
FROM docker:18.06.0-dind FROM docker:18.06.0-dind
COPY CA_crt.crt /usr/local/share/ca-certificates/CA_crt.crt COPY ./CA_crt.crt /usr/local/share/ca-certificates/CA_crt.crt
RUN update-ca-certificates RUN update-ca-certificates