squid/.drone/drone-home.jsonnet

89 lines
2.3 KiB
Plaintext

local images = import 'lib/images.libsonnet';
local environment = import 'node_modules/@sigyl/jsonnet-drone-environment/environment.libsonnet';
local compose = import 'node_modules/@sigyl/jsonnet-compose/compose.libsonnet';
local secretSecrets = import 'lib/secret-secrets.libsonnet';
local publicSecrets = import 'lib/public-secrets.libsonnet';
[
{
kind: 'pipeline',
type: 'docker',
name: 'build',
clone: {
disable: false,
depth: 0,
},
services: [
images.docker {
privileged: true,
volumes: [
{
name: 'dockersock',
path: '/var/run',
},
{
name: 'ca',
path: '/etc/docker/certs.d',
},
],
},
],
volumes: [
{
name: 'dockersock',
temp: {},
},
{
name: 'ca',
host: {
path: '/etc/docker/certs.d',
},
},
],
steps:[
images.scp(
'/stack/squid'
),
images.wait(15),
images.docker {
name +: 'build docker image:',
environment +: environment.environmentSecrets([
'LOCAL_DOCKER_REGISTRY',
'LOCAL_REGISTRY_PASSWORD',
]),
volumes: [
{
name: 'dockersock',
path: '/var/run',
},
],
commands: [
'set -e',
'pwd',
'sleep 15',
'cd docker',
'docker login $${LOCAL_DOCKER_REGISTRY} --username client --password "$${LOCAL_REGISTRY_PASSWORD}"',
'docker build . -t $${LOCAL_DOCKER_REGISTRY}squid',
'docker push $${LOCAL_DOCKER_REGISTRY}squid',
'docker logout $${LOCAL_DOCKER_REGISTRY}',
],
},
images.ssh {
name: 'deploy squid',
settings +: {
script +: [
'set -e',
"docker network prune -f",
"cd /stack/squid/myCA",
'openssl genrsa -out CA_key.pem 2048',
'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
'cd ..',
"docker stack rm squid",
"sleep 31",
"docker stack deploy -c docker-compose.yml squid",
]
}
}
],
}
]