156 lines
3.4 KiB
YAML
156 lines
3.4 KiB
YAML
---
|
|
kind: pipeline
|
|
type: docker
|
|
name: build
|
|
|
|
platform:
|
|
os: linux
|
|
arch: amd64
|
|
|
|
steps:
|
|
- name: print env
|
|
image: appleboy/drone-ssh
|
|
settings:
|
|
envs:
|
|
- drone_tag
|
|
- drone_commit
|
|
- drone_build_number
|
|
- drone_repo_name
|
|
- drone_repo_namespace
|
|
- ssh_host
|
|
- ssh_user
|
|
- ssh_root_user
|
|
- local_docker_registry
|
|
- ca_crt
|
|
host:
|
|
from_secret: ssh-host
|
|
key:
|
|
from_secret: ssh-key
|
|
port:
|
|
from_secret: ssh-port
|
|
script:
|
|
- rm -f env-squid
|
|
- "echo \"export SSH_HOST='$${SSH_HOST}'\" >> env-squid # \"ssh-host\""
|
|
- "echo \"export SSH_USER='$${SSH_USER}'\" >> env-squid # \"ssh-user\""
|
|
- "echo \"export SSH_ROOT_USER='$${SSH_ROOT_USER}'\" >> env-squid # \"ssh-root-user\""
|
|
- "echo \"export LOCAL_DOCKER_REGISTRY='$${LOCAL_DOCKER_REGISTRY}'\" >> env-squid # \"local-docker-registry\""
|
|
- "echo \"export CA_CRT='$${CA_CRT}'\" >> env-squid # \"ca-crt\""
|
|
username:
|
|
from_secret: ssh-user
|
|
environment:
|
|
CA_CRT:
|
|
from_secret: ca-crt
|
|
LOCAL_DOCKER_REGISTRY:
|
|
from_secret: local-docker-registry
|
|
SSH_HOST:
|
|
from_secret: ssh-host
|
|
SSH_ROOT_USER:
|
|
from_secret: ssh-root-user
|
|
SSH_USER:
|
|
from_secret: ssh-user
|
|
|
|
- name: scp
|
|
image: appleboy/drone-scp
|
|
settings:
|
|
command_timeout: 2m
|
|
host:
|
|
from_secret: ssh-host
|
|
key:
|
|
from_secret: ssh-key
|
|
port:
|
|
from_secret: ssh-port
|
|
source:
|
|
- .
|
|
target: /stack/squid
|
|
username:
|
|
from_secret: ssh-user
|
|
|
|
- name: wait
|
|
image: alpine
|
|
commands:
|
|
- sleep 15
|
|
|
|
- name: "dockerbuild docker:dind image:"
|
|
image: docker:dind
|
|
commands:
|
|
- set -e
|
|
- docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"
|
|
- cd docker-dind
|
|
- echo "$${CA_CRT}" > CA_crt.crt
|
|
- echo "$${CA_CRT}"
|
|
- docker build . -t $${LOCAL_DOCKER_REGISTRY}docker:dind1
|
|
- docker push $${LOCAL_DOCKER_REGISTRY}docker:dind1
|
|
- docker logout $${LOCAL_DOCKER_REGISTRY}
|
|
environment:
|
|
CA_CRT:
|
|
from_secret: ca-crt
|
|
LOCAL_DOCKER_REGISTRY:
|
|
from_secret: local-docker-registry
|
|
LOCAL_REGISTRY_PASSWORD:
|
|
from_secret: local-registry-password
|
|
volumes:
|
|
- name: dockersock
|
|
path: /var/run
|
|
|
|
- name: deploy squid
|
|
image: appleboy/drone-ssh
|
|
settings:
|
|
envs:
|
|
- drone_tag
|
|
- drone_commit
|
|
- drone_build_number
|
|
- drone_repo_name
|
|
- drone_repo_namespace
|
|
- local_docker_registry
|
|
- local_registry_password
|
|
- ca_crt
|
|
- ca_key
|
|
host:
|
|
from_secret: ssh-host
|
|
key:
|
|
from_secret: ssh-key
|
|
port:
|
|
from_secret: ssh-port
|
|
script:
|
|
- rm -f -R /stack/squid/.secrets
|
|
- mkdir -p /stack/squid/.secrets
|
|
- echo "$${CA_CRT}" > /stack/squid/.secrets/ca.crt
|
|
- echo "$${CA_KEY}" > /stack/squid/.secrets/ca.key
|
|
- set -e
|
|
- cd /stack/squid/myCA
|
|
- cd ..
|
|
- docker stack deploy -c docker-compose.yml squid
|
|
username:
|
|
from_secret: ssh-user
|
|
environment:
|
|
CA_CRT:
|
|
from_secret: ca-crt
|
|
CA_KEY:
|
|
from_secret: ca-key
|
|
LOCAL_DOCKER_REGISTRY:
|
|
from_secret: local-docker-registry
|
|
LOCAL_REGISTRY_PASSWORD:
|
|
from_secret: local-registry-password
|
|
|
|
services:
|
|
- name: docker
|
|
image: docker:dind
|
|
privileged: true
|
|
volumes:
|
|
- name: dockersock
|
|
path: /var/run
|
|
- name: ca
|
|
path: /etc/docker/certs.d
|
|
|
|
volumes:
|
|
- name: dockersock
|
|
temp: {}
|
|
- name: ca
|
|
host:
|
|
path: /etc/docker/certs.d
|
|
|
|
image_pull_secrets:
|
|
- dockerconfigjson
|
|
|
|
...
|