squid/.drone/drone-home.jsonnet

local images = import 'lib/images.libsonnet';
local util = import 'lib/util.libsonnet';
local compose = import 'node_modules/@sigyl/jsonnet-compose/compose.libsonnet';
local secretSecrets = import 'lib/secret-secrets.libsonnet';
local publicSecrets = import 'lib/public-secrets.libsonnet';
[
  {
    kind: 'pipeline',
    type: 'docker',
    name: 'build',
    clone: {
      disable: false,
      depth: 0,
    },
    services: [
      images.docker {
        privileged: true,
        volumes: [
          {
            name: 'dockersock',
            path: '/var/run',
          },
          {
            name: 'ca',
            path: '/etc/docker/certs.d',
          },
        ],
      },
    ],
    volumes: [
      {
        name: 'dockersock',
        temp: {},
      },
      {
        name: 'ca',
        host: {
          path: '/etc/docker/certs.d',
        },
      },
    ],
    steps:[
      images.scp(
        '/stack/squid'
      ),
      images.wait(15),
      images.ssh  {
        name: 'deploy squid',
        settings +: {
          //username: util.fromSecret("ssh-root-user"),
          //password: util.fromSecret("ssh-root-password"),
          script +: [
            'set -e',
            "docker network prune -f",
            "cd /stack/squid/myCA",
            'openssl genrsa -out CA_key.pem 2048',
            'openssl req -x509 -days 600 -new -nodes -key CA_key.pem -out CA_crt.pem -extensions v3_ca -config openssl.cnf    -subj "/C=US/ST=California/L=Mountain View/O=Google/OU=Enterprise/CN=MyCA"',
            'cd ..',
            "docker stack rm squid",
            "sleep 31",
            "docker stack deploy -c docker-compose.yml squid",
          ]
        }
      }
    ],
  }
]