Signed-off-by: kjuulh <contact@kjuulh.io>
This commit is contained in:
parent
2617cbd1e2
commit
d28a24b855
192
.drone.yml
Normal file
192
.drone.yml
Normal file
@ -0,0 +1,192 @@
|
||||
kind: pipeline
|
||||
name: default
|
||||
type: docker
|
||||
|
||||
steps:
|
||||
- name: build ci
|
||||
image: rustlang/rust:nightly
|
||||
volumes:
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
environment:
|
||||
PKG_CONFIG_SYSROOT_DIR: "/"
|
||||
CI_PREFIX: "/mnt/ci"
|
||||
commands:
|
||||
- set -e
|
||||
- apt update
|
||||
- apt install musl-tools pkg-config libssl-dev openssl build-essential musl-dev -y
|
||||
- rustup target add x86_64-unknown-linux-musl
|
||||
- cargo build --target=x86_64-unknown-linux-musl -p ci --bin ci
|
||||
- mv target/x86_64-unknown-linux-musl/debug/ci "$CI_PREFIX/ci"
|
||||
|
||||
- name: load_secret
|
||||
image: debian:buster-slim
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
environment:
|
||||
SSH_KEY:
|
||||
from_secret: gitea_id_ed25519
|
||||
commands:
|
||||
- mkdir -p $HOME/.ssh/
|
||||
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
|
||||
- chmod -R 600 ~/.ssh
|
||||
- |
|
||||
cat >$HOME/.ssh/config <<EOL
|
||||
Host git.front.kjuulh.io
|
||||
IdentityFile $HOME/.ssh/id_ed25519
|
||||
IdentitiesOnly yes
|
||||
UserKnownHostsFile=/dev/null
|
||||
StrictHostKeyChecking no
|
||||
EOL
|
||||
- chmod 700 ~/.ssh/config
|
||||
|
||||
- name: build pr
|
||||
image: kasperhermansen/cuddle:latest
|
||||
pull: always
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- apk add git
|
||||
- $CI_PREFIX pr
|
||||
environment:
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- pull_request
|
||||
exclude:
|
||||
- main
|
||||
- master
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
- "build ci"
|
||||
|
||||
- name: build main
|
||||
image: kasperhermansen/cuddle:latest
|
||||
pull: always
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
# - name: dockersock
|
||||
# path: /var/run
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- apk add git
|
||||
- $CI_PREFIX main
|
||||
environment:
|
||||
REGISTRY_CACHE_USERNAME:
|
||||
from_secret: registry_cache_username
|
||||
REGISTRY_CACHE_PASSWORD:
|
||||
from_secret: registry_cache_password
|
||||
REGISTRY_CACHE_TOKEN:
|
||||
from_secret: registry_cache_token
|
||||
REGISTRY_CACHE_url:
|
||||
from_secret: registry_cache_url
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
GIT_PASSWORD:
|
||||
from_secret: git_password
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
DOCKER_HOST: "tcp://192.168.1.233:2376"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
branch:
|
||||
- main
|
||||
- master
|
||||
exclude:
|
||||
- pull_request
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
- "build ci"
|
||||
|
||||
- name: deploy release
|
||||
image: kasperhermansen/cuddle:latest
|
||||
pull: always
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- apk add git
|
||||
|
||||
- $CI_PREFIX release
|
||||
environment:
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- tag
|
||||
ref:
|
||||
include:
|
||||
- refs/tags/v*
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
- "build ci"
|
||||
|
||||
services:
|
||||
- name: docker
|
||||
image: docker:dind
|
||||
privileged: true
|
||||
volumes:
|
||||
- name: dockersock
|
||||
path: /var/run
|
||||
|
||||
volumes:
|
||||
- name: ssh
|
||||
temp: {}
|
||||
- name: dockersock
|
||||
temp: {}
|
||||
- name: ci
|
||||
temp: {}
|
Loading…
Reference in New Issue
Block a user