103 lines
2.8 KiB
YAML
103 lines
2.8 KiB
YAML
---
|
|
kind: pipeline
|
|
name: CI/CD
|
|
|
|
trigger:
|
|
ref:
|
|
- refs/tags/*
|
|
|
|
volumes:
|
|
- name: deps
|
|
temp: {}
|
|
- name: dockersock
|
|
temp: {}
|
|
|
|
steps:
|
|
- name: notify-start
|
|
image: appleboy/drone-discord
|
|
settings:
|
|
webhook_id:
|
|
from_secret: DISCORD_WEBHOOK_ID
|
|
webhook_token:
|
|
from_secret: DISCORD_WEBHOOK_TOKEN
|
|
message: "Started build: https://drone.cechis.cz/c3c/cv/{{ build.number }}"
|
|
|
|
- name: build
|
|
image: nixos/nix
|
|
volumes:
|
|
- name: deps
|
|
path: /nix/store
|
|
environment:
|
|
DRONE_SSH_KEY:
|
|
from_secret: drone_ssh_key
|
|
commands:
|
|
- mkdir /root/.ssh
|
|
- echo $DRONE_SSH_KEY > /root/.ssh/id_ed25519
|
|
- echo $GIT_C3C_KNOW_HOSTS > /root/.ssh/known_hosts
|
|
- nix --extra-experimental-features nix-command --extra-experimental-features flakes build .#image
|
|
|
|
- name: publish
|
|
image: docker:dind
|
|
environment:
|
|
REGISTRY_PASSWORD:
|
|
from_secret: registry_password
|
|
REGISTRY_USER:
|
|
from_secret: registry_user
|
|
volumes:
|
|
- name: deps
|
|
path: /nix/store
|
|
- name: dockersock
|
|
path: /var/run
|
|
commands:
|
|
- sleep 5
|
|
- ./result | docker load
|
|
- echo $$REGISTRY_PASSWORD | docker login -u $$REGISTRY_USER --password-stdin dr.cechis.cz
|
|
- docker tag cv:${DRONE_TAG} dr.cechis.cz/c3c/cv:${DRONE_TAG}
|
|
- docker push dr.cechis.cz/c3c/cv:${DRONE_TAG}
|
|
depends_on:
|
|
- build
|
|
|
|
- name: deploy
|
|
image: appleboy/drone-ssh
|
|
settings:
|
|
host: vps-1.cechis.cz
|
|
command_timeout: 20m
|
|
username: drone
|
|
key:
|
|
from_secret: SSH_DRONE
|
|
script:
|
|
- docker service update --quiet --with-registry-auth --detach=false --image dr.cechis.cz/c3c/cv:${DRONE_TAG} c3c-cv
|
|
depends_on:
|
|
- publish
|
|
|
|
- name: notify-end
|
|
image: appleboy/drone-discord
|
|
settings:
|
|
webhook_id:
|
|
from_secret: DISCORD_WEBHOOK_ID
|
|
webhook_token:
|
|
from_secret: DISCORD_WEBHOOK_TOKEN
|
|
message: "C3C CV build: {{ build.number }} - {{ build.status }}"
|
|
when:
|
|
status: [ success, failure ]
|
|
depends_on:
|
|
- deploy
|
|
|
|
services:
|
|
- name: docker
|
|
image: docker:dind
|
|
privileged: true
|
|
volumes:
|
|
- name: dockersock
|
|
path: /var/run
|
|
|
|
---
|
|
kind: secret
|
|
name: drone_ssh_key
|
|
data: tsiJlrs/usJ7DBgSh4Xz1NancyaEM7+20x8e4ZyAlca/jC5pf0Fcb+WIyZx5yUhtBNES9gE7/+FL+BUGE7GyRtRj46N55KgxPPi6LjYx35nQVDhnKRmyKcAIAvMmNgpo1dUO1HZac4Rb8enKFL6zRDsNSZjdOfxUZl056MWRkGD3ze3BxULXknXZpCxENHD49uwcF4FrHNTVf9fJFrOOrxXT6pCg3aj+hIOG2VKimIQaHje3yTIkHc/68QW+dUD6Yvx4J9f9N8buW8c0ilPtlGh58Hv/s7OeeYqszS9rTfw/6ra+mEVLTDTGSIOMuaVVfxlHJ9dpJsZsdn1PxrgGi3XiZnKMCSHAjwrmDbf5kYdoPm/PX4JwYAfopd84px749f6NOuhb8Hwv7QKu5szLmp2pQ/4nTRft/9zeo2OZneXTt8xjvptTgOwFffLkxFliYVcsd0rbanpjWDW6mfy558pNfptKK+ZDqTjpRTDk6DDws6fm9XwdPLK01t2t90DfKSNzKN1FUNg51C+VIoKqQjBzWli+4w4HsAKumPtrchCfYrNCxgyJ5jcjvxyjg3GdsOnlEA3M
|
|
---
|
|
kind: signature
|
|
hmac: b992b7c5815edff54cbee13837b65760419a6058da6f98fc45856aa40bf8002d
|
|
|
|
...
|