feat: remove docker sock

Signed-off-by: kjuulh <contact@kjuulh.io>
2024-03-30 00:16:23 +01:00 · 2024-03-30 00:16:23 +01:00 · c9754a8a09
commit c9754a8a09
parent 02b2c986ed
8 changed files with 0 additions and 222 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -47,8 +47,6 @@ steps:
    volumes:
      - name: ssh
        path: /root/.ssh/
      - name: dockersock
        path: /var/run
      - name: ci
        path: /mnt/ci
    commands:
@ -87,8 +85,6 @@ steps:
    volumes:
      - name: ssh
        path: /root/.ssh/
 #     - name: dockersock
 #       path: /var/run
      - name: ci
        path: /mnt/ci
    commands:
@ -134,59 +130,8 @@ steps:
      - "load_secret"
      - "build ci"
  - name: deploy release
    image: kasperhermansen/cuddle:latest
    pull: always
    volumes:
      - name: ssh
        path: /root/.ssh/
      - name: dockersock
        path: /var/run
      - name: ci
        path: /mnt/ci
    commands:
      - eval `ssh-agent`
      - ssh-add
      - echo "$DOCKER_PASSWORD" | docker login  --password-stdin --username="$DOCKER_USERNAME" docker.io
      - apk add git
      - $CI_PREFIX release
    environment:
      DOCKER_BUILDKIT: 1
      DOCKER_PASSWORD:
        from_secret: docker_password
      DOCKER_USERNAME:
        from_secret: docker_username
      CUDDLE_SECRETS_PROVIDER: 1password
      CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
      CUDDLE_SSH_AGENT: "true"
      CI_PREFIX: "/mnt/ci/ci"
      CUDDLE_PLEASE_TOKEN:
        from_secret: cuddle_please_token
      OP_SERVICE_ACCOUNT_TOKEN:
        from_secret: op_service_account_token
    when:
      event:
        - tag
      ref:
        include:
        - refs/tags/v*
    depends_on:
      - "load_secret"
      - "build ci"
 services:
 - name: docker
  image: docker:dind
  privileged: true
  volumes:
  - name: dockersock
    path: /var/run
 volumes:
  - name: ssh
    temp: {}
  - name: dockersock
    temp: {}
  - name: ci
    temp: {}
--- a/crates/cuddle-rust-cli-plan/src/main.rs
+++ b/crates/cuddle-rust-cli-plan/src/main.rs
@ -28,59 +28,11 @@ async fn main() -> eyre::Result<()> {
    let service = Arc::new(Mutex::new(service));
    let render = Arc::new(Mutex::new(RustServiceRender::default()));
    let deployment = Arc::new(Mutex::new(CuddleReleaser::new(client).await?));
    CuddleCI::default()
        .with_pull_request(service.clone())
        //.with_pull_request(render.clone())
        //.with_pull_request(deployment.clone())
        .with_main(service.clone())
        .with_main(render.clone())
        .with_main(deployment.clone())
        .execute(std::env::args())
        .await?;
    Ok(())
 }
 #[derive(Default)]
 struct RustServiceRender {}
 #[async_trait]
 impl MainAction for RustServiceRender {
    async fn execute_main(&self, ctx: &mut Context) -> eyre::Result<()> {
        let image_tag = ctx
            .get_image_tag()?
            .ok_or(eyre::anyhow!("failed to find image_tag"))?;
        cuddle_ci::cuddle_x::well_known::render(vec![
            "--cluster",
            "clank-prod",
            "--image_tag",
            &image_tag,
        ])
        .await?;
        Ok(())
    }
 }
 #[async_trait]
 impl PullRequestAction for RustServiceRender {
    async fn execute_pull_request(&self, ctx: &mut Context) -> eyre::Result<()> {
        let image_tag = ctx
            .get_image_tag()?
            .ok_or(eyre::anyhow!("failed to find image_tag"))?;
        cuddle_ci::cuddle_x::well_known::render(vec![
            "--cluster",
            "clank-dev",
            "--image_tag",
            &image_tag,
        ])
        .await?;
        Ok(())
    }
 }
--- a/cuddle.yaml
+++ b/cuddle.yaml
@ -5,20 +5,3 @@ base: "git@git.front.kjuulh.io:kjuulh/cuddle-base.git"
 vars:
  service: "cuddle-rust-cli-plan"
  registry: kasperhermansen
  clusters:
    clank-prod:
      replicas: "3"
      namespace: prod
 scripts:
  render:
    type: shell
    args:
      cluster:
        name: cluster
        type: flag
      image_tag:
        name: image_tag
        type: flag
--- a/scripts/render.sh
+++ b/scripts/render.sh
@ -1,19 +0,0 @@
 #!/bin/bash
 set -eou pipefail
 echo "rendering folder"
 cuddle render folder \
  --source $TMP/kustomize \
  --destination $TMP/rendered/kustomize \
  --extra-var cluster=$CLUSTER \
  --extra-var image_tag=$IMAGE_TAG
 echo "rendering kustomize"
 cuddle render kustomize \
  --kustomize-folder $TMP/rendered/kustomize/base \
  --destination $TMP/k8s
 echo "done"
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@ -1,20 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: "{{ service }}"
 spec:
  selector:
    matchLabels:
      app: "{{ service }}"
  template:
    spec:
      containers:
      - name: "{{ service }}"
        image: "deployment:latest"
        ports:
        - containerPort: 3000
          name: external_http
        - containerPort: 3001
          name: internal_http
        - containerPort: 3002
          name: internal_grpc
--- a/templates/kustomize/base/deployment.yaml
+++ b/templates/kustomize/base/deployment.yaml
@ -1,22 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: "{{ service }}"
 spec:
  selector:
    matchLabels:
      app: "{{ service }}"
  template:
    spec:
      containers:
      - name: "{{ service }}"
        command: [{{ service }}]
        args: ["serve"]
        image: "deployment:latest"
        ports:
        - containerPort: 3000
          name: external-http
        - containerPort: 3001
          name: internal-http
        - containerPort: 3002
          name: internal-grpc
--- a/templates/kustomize/base/kustomization.yaml
+++ b/templates/kustomize/base/kustomization.yaml
@ -1,24 +0,0 @@
 {% set_global cluster_vars = filter_by_prefix(prefix=["clusters", cluster]) %}
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - deployment.yaml
 - service.yaml
 commonLabels:
  app: "{{ service }}"
  cluster: "{{ cluster }}"
 namespace: "{{ cluster_vars.namespace }}"
 replicas:
  - name: "{{ service }}"
    count: {{ cluster_vars.replicas }}
 images:
  - name: "deployment"
    newName: "{{ registry }}/{{ service }}"
    newTag: "{{ image_tag }}"
--- a/templates/kustomize/base/service.yaml
+++ b/templates/kustomize/base/service.yaml
@ -1,17 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: "{{ service }}"
 spec:
  type: LoadBalancer
  ports:
    - name: external-http
      port: 3000
      targetPort: 3000 
    - name: internal-http
      port: 3001
      targetPort: 3001 
    - name: internal-grpc
      port: 3002
      targetPort: 3002