From dce234b03c3c6ccbb0430cf1c97ee08c26d40fe0 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 12:49:05 +0100 Subject: [PATCH 1/9] chnage dind image name --- .drone/drone-home.jsonnet | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index da58df5..0041b22 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -86,8 +86,8 @@ local util = import 'lib/util.libsonnet'; 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"', 'cd docker-dind', 'echo "$${CA_CRT}" > CA_crt.crt', - 'docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind', - 'docker push $${LOCAL_DOCKER_REGISTRY}docker:dind', + 'docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1', + 'docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1', 'docker logout $${LOCAL_DOCKER_REGISTRY}', ], }, /* From 0d61cf53ca9db5b10b9800f9af4628612cd4950f Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 12:55:48 +0100 Subject: [PATCH 2/9] fix: git-hooks --- git-hooks/pre-commit | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 git-hooks/pre-commit diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit new file mode 100644 index 0000000..0d8d244 --- /dev/null +++ b/git-hooks/pre-commit @@ -0,0 +1,2 @@ +drone jsonnet --source .drone/drone-home.jsonnet --target .drone/.drone-home.yml --stream \ +&& git add .drone/.drone-home.yml \ No newline at end of file From 2377c542e3a7f6e026239a1655d1c50c9d87e019 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 12:57:55 +0100 Subject: [PATCH 3/9] feat: pre-commit hook to build jsonnet --- .drone/.drone-home.yml | 155 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 155 insertions(+) create mode 100644 .drone/.drone-home.yml diff --git a/.drone/.drone-home.yml b/.drone/.drone-home.yml new file mode 100644 index 0000000..d45b90b --- /dev/null +++ b/.drone/.drone-home.yml @@ -0,0 +1,155 @@ +--- +kind: pipeline +type: docker +name: build + +platform: + os: linux + arch: amd64 + +steps: +- name: print env + image: appleboy/drone-ssh + settings: + envs: + - drone_tag + - drone_commit + - drone_build_number + - drone_repo_name + - drone_repo_namespace + - ssh_host + - ssh_user + - ssh_root_user + - local_docker_registry + - ca_crt + host: + from_secret: ssh-host + key: + from_secret: ssh-key + port: + from_secret: ssh-port + script: + - rm -f env-squid + - "echo \"export SSH_HOST='$${SSH_HOST}'\" >> env-squid # \"ssh-host\"" + - "echo \"export SSH_USER='$${SSH_USER}'\" >> env-squid # \"ssh-user\"" + - "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> env-squid # \"ssh-root-user\"" + - "echo \"export LOCAL_DOCKER_REGISTRY='$${LOCAL_DOCKER_REGISTRY}'\" >> env-squid # \"local-docker-registry\"" + - "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\"" + username: + from_secret: ssh-user + environment: + CA_CRT: + from_secret: ca-crt + LOCAL_DOCKER_REGISTRY: + from_secret: local-docker-registry + SSH_HOST: + from_secret: ssh-host + SSH_ROOT_USER: + from_secret: ssh-root-user + SSH_USER: + from_secret: ssh-user + +- name: scp + image: appleboy/drone-scp + settings: + command_timeout: 2m + host: + from_secret: ssh-host + key: + from_secret: ssh-key + port: + from_secret: ssh-port + source: + - . + target: /stack/squid + username: + from_secret: ssh-user + +- name: wait + image: alpine + commands: + - sleep 15 + +- name: "dockerbuild docker:dind image:" + image: docker:dind + commands: + - set -e + - sleep 15 + - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" + - cd docker-dind + - echo "$${CA_CRT}" > CA_crt.crt + - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1 + - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1 + - docker logout $${LOCAL_DOCKER_REGISTRY} + environment: + CA_CRT: + from_secret: ca-crt + LOCAL_DOCKER_REGISTRY: + from_secret: local-docker-registry + LOCAL_REGISTRY_PASSWORD: + from_secret: local-registry-password + volumes: + - name: dockersock + path: /var/run + +- name: deploy squid + image: appleboy/drone-ssh + settings: + envs: + - drone_tag + - drone_commit + - drone_build_number + - drone_repo_name + - drone_repo_namespace + - local_docker_registry + - local_registry_password + - ca_crt + - ca_key + host: + from_secret: ssh-host + key: + from_secret: ssh-key + port: + from_secret: ssh-port + script: + - rm -f -R /stack/squid/.secrets + - mkdir -p /stack/squid/.secrets + - echo "$${CA_CRT}" > /stack/squid/.secrets/ca.crt + - echo "$${CA_KEY}" > /stack/squid/.secrets/ca.key + - set -e + - cd /stack/squid/myCA + - cd .. + - docker stack deploy -c docker-compose.yml squid + username: + from_secret: ssh-user + environment: + CA_CRT: + from_secret: ca-crt + CA_KEY: + from_secret: ca-key + LOCAL_DOCKER_REGISTRY: + from_secret: local-docker-registry + LOCAL_REGISTRY_PASSWORD: + from_secret: local-registry-password + +services: +- name: docker + image: docker:dind + privileged: true + volumes: + - name: dockersock + path: /var/run + - name: ca + path: /etc/docker/certs.d + +volumes: +- name: dockersock + temp: {} +- name: ca + host: + path: /etc/docker/certs.d + +image_pull_secrets: +- dockerconfigjson + +... From c03054a23c227305c7b1dfb943241c2b5ac16677 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 13:00:46 +0100 Subject: [PATCH 4/9] fix: change file mode --- git-hooks/pre-commit | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 git-hooks/pre-commit diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit old mode 100644 new mode 100755 From aa19c3fb61ab1df8cd287ece4b88eb855b80a3c5 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 13:07:26 +0100 Subject: [PATCH 5/9] . --- .drone/.drone-home.yml | 1 - .drone/drone-home.jsonnet | 1 - git-hooks/pre-commit | 3 ++- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.drone/.drone-home.yml b/.drone/.drone-home.yml index d45b90b..c8692c2 100644 --- a/.drone/.drone-home.yml +++ b/.drone/.drone-home.yml @@ -74,7 +74,6 @@ steps: image: docker:dind commands: - set -e - - sleep 15 - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - cd docker-dind - echo "$${CA_CRT}" > CA_crt.crt diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 0041b22..08a48b2 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -82,7 +82,6 @@ local util = import 'lib/util.libsonnet'; ], commands: [ 'set -e', - 'sleep 15', 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"', 'cd docker-dind', 'echo "$${CA_CRT}" > CA_crt.crt', diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit index 0d8d244..1b27824 100755 --- a/git-hooks/pre-commit +++ b/git-hooks/pre-commit @@ -1,2 +1,3 @@ drone jsonnet --source .drone/drone-home.jsonnet --target .drone/.drone-home.yml --stream \ -&& git add .drone/.drone-home.yml \ No newline at end of file +&& git add .drone/.drone-home.yml \ +&& echo "jsonnet built" \ No newline at end of file From 9c9be55e424734ff79c5303c07241d524a3f079e Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 13:08:20 +0100 Subject: [PATCH 6/9] . --- git-hooks/pre-commit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit index 1b27824..d6ddd08 100755 --- a/git-hooks/pre-commit +++ b/git-hooks/pre-commit @@ -1,3 +1,3 @@ drone jsonnet --source .drone/drone-home.jsonnet --target .drone/.drone-home.yml --stream \ -&& git add .drone/.drone-home.yml \ +&& git add .drone/drone-home.yml \ && echo "jsonnet built" \ No newline at end of file From 166bc0c430105a75316f519b12c679d117cda86f Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 13:24:47 +0100 Subject: [PATCH 7/9] echo certificate --- .drone/drone-home.jsonnet | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 08a48b2..269118a 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -85,6 +85,7 @@ local util = import 'lib/util.libsonnet'; 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"', 'cd docker-dind', 'echo "$${CA_CRT}" > CA_crt.crt', + 'echo "$${CA_CRT}"', 'docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1', 'docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1', 'docker logout $${LOCAL_DOCKER_REGISTRY}', From 96fb0942d5649b759b30aa9e4168db35983dd12a Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 13:26:14 +0100 Subject: [PATCH 8/9] ci: better hook --- .drone/.drone-home.yml | 1 + .drone/drone-home.yml | 6 +++--- git-hooks/pre-commit | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.drone/.drone-home.yml b/.drone/.drone-home.yml index c8692c2..c4ed070 100644 --- a/.drone/.drone-home.yml +++ b/.drone/.drone-home.yml @@ -77,6 +77,7 @@ steps: - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - cd docker-dind - echo "$${CA_CRT}" > CA_crt.crt + - echo "$${CA_CRT}" - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1 - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1 - docker logout $${LOCAL_DOCKER_REGISTRY} diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index 8c2e14b..c4ed070 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -74,12 +74,12 @@ steps: image: docker:dind commands: - set -e - - sleep 15 - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - cd docker-dind - echo "$${CA_CRT}" > CA_crt.crt - - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind - - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind + - echo "$${CA_CRT}" + - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1 + - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1 - docker logout $${LOCAL_DOCKER_REGISTRY} environment: CA_CRT: diff --git a/git-hooks/pre-commit b/git-hooks/pre-commit index d6ddd08..7161ae2 100755 --- a/git-hooks/pre-commit +++ b/git-hooks/pre-commit @@ -1,3 +1,3 @@ -drone jsonnet --source .drone/drone-home.jsonnet --target .drone/.drone-home.yml --stream \ +drone jsonnet --source .drone/drone-home.jsonnet --target .drone/drone-home.yml --stream \ && git add .drone/drone-home.yml \ && echo "jsonnet built" \ No newline at end of file From 6ca997dc83421aee562922cddd72a00f6417bf41 Mon Sep 17 00:00:00 2001 From: Giles Bradshaw Date: Wed, 12 Aug 2020 14:08:00 +0100 Subject: [PATCH 9/9] . --- .drone/.drone-home.yml | 155 -------------------------------------- .drone/drone-home.jsonnet | 5 +- .drone/drone-home.yml | 5 +- 3 files changed, 4 insertions(+), 161 deletions(-) delete mode 100644 .drone/.drone-home.yml diff --git a/.drone/.drone-home.yml b/.drone/.drone-home.yml deleted file mode 100644 index c4ed070..0000000 --- a/.drone/.drone-home.yml +++ /dev/null @@ -1,155 +0,0 @@ ---- -kind: pipeline -type: docker -name: build - -platform: - os: linux - arch: amd64 - -steps: -- name: print env - image: appleboy/drone-ssh - settings: - envs: - - drone_tag - - drone_commit - - drone_build_number - - drone_repo_name - - drone_repo_namespace - - ssh_host - - ssh_user - - ssh_root_user - - local_docker_registry - - ca_crt - host: - from_secret: ssh-host - key: - from_secret: ssh-key - port: - from_secret: ssh-port - script: - - rm -f env-squid - - "echo \"export SSH_HOST='$${SSH_HOST}'\" >> env-squid # \"ssh-host\"" - - "echo \"export SSH_USER='$${SSH_USER}'\" >> env-squid # \"ssh-user\"" - - "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> env-squid # \"ssh-root-user\"" - - "echo \"export LOCAL_DOCKER_REGISTRY='$${LOCAL_DOCKER_REGISTRY}'\" >> env-squid # \"local-docker-registry\"" - - "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\"" - username: - from_secret: ssh-user - environment: - CA_CRT: - from_secret: ca-crt - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - SSH_HOST: - from_secret: ssh-host - SSH_ROOT_USER: - from_secret: ssh-root-user - SSH_USER: - from_secret: ssh-user - -- name: scp - image: appleboy/drone-scp - settings: - command_timeout: 2m - host: - from_secret: ssh-host - key: - from_secret: ssh-key - port: - from_secret: ssh-port - source: - - . - target: /stack/squid - username: - from_secret: ssh-user - -- name: wait - image: alpine - commands: - - sleep 15 - -- name: "dockerbuild docker:dind image:" - image: docker:dind - commands: - - set -e - - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - - cd docker-dind - - echo "$${CA_CRT}" > CA_crt.crt - - echo "$${CA_CRT}" - - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1 - - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1 - - docker logout $${LOCAL_DOCKER_REGISTRY} - environment: - CA_CRT: - from_secret: ca-crt - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - LOCAL_REGISTRY_PASSWORD: - from_secret: local-registry-password - volumes: - - name: dockersock - path: /var/run - -- name: deploy squid - image: appleboy/drone-ssh - settings: - envs: - - drone_tag - - drone_commit - - drone_build_number - - drone_repo_name - - drone_repo_namespace - - local_docker_registry - - local_registry_password - - ca_crt - - ca_key - host: - from_secret: ssh-host - key: - from_secret: ssh-key - port: - from_secret: ssh-port - script: - - rm -f -R /stack/squid/.secrets - - mkdir -p /stack/squid/.secrets - - echo "$${CA_CRT}" > /stack/squid/.secrets/ca.crt - - echo "$${CA_KEY}" > /stack/squid/.secrets/ca.key - - set -e - - cd /stack/squid/myCA - - cd .. - - docker stack deploy -c docker-compose.yml squid - username: - from_secret: ssh-user - environment: - CA_CRT: - from_secret: ca-crt - CA_KEY: - from_secret: ca-key - LOCAL_DOCKER_REGISTRY: - from_secret: local-docker-registry - LOCAL_REGISTRY_PASSWORD: - from_secret: local-registry-password - -services: -- name: docker - image: docker:dind - privileged: true - volumes: - - name: dockersock - path: /var/run - - name: ca - path: /etc/docker/certs.d - -volumes: -- name: dockersock - temp: {} -- name: ca - host: - path: /etc/docker/certs.d - -image_pull_secrets: -- dockerconfigjson - -... diff --git a/.drone/drone-home.jsonnet b/.drone/drone-home.jsonnet index 269118a..ad4c197 100644 --- a/.drone/drone-home.jsonnet +++ b/.drone/drone-home.jsonnet @@ -85,9 +85,8 @@ local util = import 'lib/util.libsonnet'; 'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"', 'cd docker-dind', 'echo "$${CA_CRT}" > CA_crt.crt', - 'echo "$${CA_CRT}"', - 'docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1', - 'docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1', + 'docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind', + 'docker push $${LOCAL_DOCKER_REGISTRY}docker:dind', 'docker logout $${LOCAL_DOCKER_REGISTRY}', ], }, /* diff --git a/.drone/drone-home.yml b/.drone/drone-home.yml index c4ed070..cc28b6e 100644 --- a/.drone/drone-home.yml +++ b/.drone/drone-home.yml @@ -77,9 +77,8 @@ steps: - docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}" - cd docker-dind - echo "$${CA_CRT}" > CA_crt.crt - - echo "$${CA_CRT}" - - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1 - - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1 + - docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind + - docker push $${LOCAL_DOCKER_REGISTRY}docker:dind - docker logout $${LOCAL_DOCKER_REGISTRY} environment: CA_CRT: