--- kind: pipeline type: docker name: build platform: os: linux arch: amd64 steps: - name: scp image: appleboy/drone-scp settings: command_timeout: 2m host: from_secret: ssh-host password: from_secret: ssh-password port: from_secret: ssh-port source: - . target: /stack/squid username: from_secret: ssh-user - name: wait image: alpine commands: - sleep 15 - name: will print ssh-host again image: appleboy/drone-ssh settings: envs: - drone_tag - drone_commit - drone_build_number - drone_repo_name - drone_repo_namespace - ssh_host - ssh_user - ssh_root_user host: from_secret: ssh-host password: from_secret: ssh-password port: from_secret: ssh-port script: - rm afile - "echo \"export SSH_HOST='$${SSH_HOST}'\" >> afile # \"ssh-host\"" - "echo \"export SSH_USER='$${SSH_USER}'\" >> afile # \"ssh-user\"" - "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> afile # \"ssh-root-user\"" username: from_secret: ssh-user environment: SSH_HOST: from_secret: ssh-host SSH_ROOT_USER: from_secret: ssh-root-user SSH_USER: from_secret: ssh-user - name: deploy squid image: appleboy/drone-ssh settings: envs: - drone_tag - drone_commit - drone_build_number - drone_repo_name - drone_repo_namespace - ssh_host - ssh_user - ssh_root_user - ssh_password host: from_secret: ssh-host password: from_secret: ssh-password port: from_secret: ssh-port script: - set -e - docker network prune -f - cd /stack/squid/myCA - openssl genrsa -out CA_key.pem 2048 - openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA" - cd .. - docker stack rm squid - sleep 30 - docker stack deploy -c docker-compose.yml squid - export SSH_HOST="$${SSH_HOST}" - echo "$${SSH_HOST}" - export SSH_USER="$${SSH_USER}" - echo "$${SSH_USER}" - export SSH_ROOT_USER="$${SSH_ROOT_USER}" - echo "$${SSH_ROOT_USER}" - export SSH_PASSWORD="$${SSH_PASSWORD}" - echo "$${SSH_PASSWORD}" username: from_secret: ssh-user environment: SSH_HOST: from_secret: ssh-host SSH_PASSWORD: from_secret: ssh-password SSH_ROOT_USER: from_secret: ssh-root-user SSH_USER: from_secret: ssh-user services: - name: docker image: docker:dind privileged: true volumes: - name: dockersock path: /var/run - name: ca path: /etc/docker/certs.d volumes: - name: dockersock temp: {} - name: ca host: path: /etc/docker/certs.d ...