--- kind: pipeline type: docker name: build platform: os: linux arch: amd64 steps: - name: print env image: appleboy/drone-ssh settings: envs: - drone_tag - drone_commit - drone_build_number - drone_repo_name - drone_repo_namespace - ssh_host - ssh_user - ssh_root_user - local_docker_registry - ca_crt host: from_secret: ssh-host key: from_secret: ssh-key port: from_secret: ssh-port script: - rm -f env-squid - "echo \"export SSH_HOST='$${SSH_HOST}'\" >> env-squid # \"ssh-host\"" - "echo \"export SSH_USER='$${SSH_USER}'\" >> env-squid # \"ssh-user\"" - "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> env-squid # \"ssh-root-user\"" - "echo \"export LOCAL_DOCKER_REGISTRY='$${LOCAL_DOCKER_REGISTRY}'\" >> env-squid # \"local-docker-registry\"" - "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\"" username: from_secret: ssh-user environment: CA_CRT: from_secret: ca-crt LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry SSH_HOST: from_secret: ssh-host SSH_ROOT_USER: from_secret: ssh-root-user SSH_USER: from_secret: ssh-user - name: scp image: appleboy/drone-scp settings: command_timeout: 2m host: from_secret: ssh-host key: from_secret: ssh-key port: from_secret: ssh-port source: - . target: /stack/squid username: from_secret: ssh-user - name: wait image: alpine commands: - sleep 15 - name: deploy squid image: appleboy/drone-ssh settings: envs: - drone_tag - drone_commit - drone_build_number - drone_repo_name - drone_repo_namespace - local_docker_registry - local_registry_password - ca_crt - ca_key host: from_secret: ssh-host key: from_secret: ssh-key port: from_secret: ssh-port script: - rm -f -R /stack/squid/.secrets - mkdir -p /stack/squid/.secrets - echo $${CA_CRT} > /stack/squid/.secrets/ca.crt - echo $${CA_KEY} > /stack/squid/.secrets/ca.key - set -e - cd /stack/squid/myCA - cd .. - docker stack deploy -c docker-compose.yml squid username: from_secret: ssh-user environment: CA_CRT: from_secret: ca-crt CA_KEY: from_secret: ca-key LOCAL_DOCKER_REGISTRY: from_secret: local-docker-registry LOCAL_REGISTRY_PASSWORD: from_secret: local-registry-password services: - name: docker image: docker:dind privileged: true volumes: - name: dockersock path: /var/run - name: ca path: /etc/docker/certs.d volumes: - name: dockersock temp: {} - name: ca host: path: /etc/docker/certs.d ...