Working deployment w/ optional Git(hub|ea)
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
Re compose-stacks/organising#18
This commit is contained in:
parent
99cb1b0c78
commit
e0c6c5bca2
|
@ -16,8 +16,9 @@ steps:
|
||||||
STACK_NAME: drone
|
STACK_NAME: drone
|
||||||
LETS_ENCRYPT_ENV: production
|
LETS_ENCRYPT_ENV: production
|
||||||
GITEA_DOMAIN: gitea.swarm-test.autonomic.zone
|
GITEA_DOMAIN: gitea.swarm-test.autonomic.zone
|
||||||
GITEA_CLIENT_ID: barfoo
|
GITEA_CLIENT_ID: drone-test
|
||||||
GITEA_CLIENT_SECRET: foobar
|
RPC_SECRET_VERSION: v1
|
||||||
|
DRONE_ENV_VERSION: v1
|
||||||
trigger:
|
trigger:
|
||||||
branch:
|
branch:
|
||||||
- master
|
- master
|
||||||
|
|
|
@ -1,9 +1,20 @@
|
||||||
export SERVICE=drone
|
export SERVICE=drone
|
||||||
export STACK_NAME=drone
|
export STACK_NAME=drone
|
||||||
|
|
||||||
export DOMAIN=drone.autonomic.zone
|
export DOMAIN=git.example.com
|
||||||
export LETS_ENCRYPT_ENV=production
|
export LETS_ENCRYPT_ENV=production
|
||||||
|
|
||||||
# Gitea Single Sign On
|
export DRONE_ENV_VERSION=v1
|
||||||
export GITEA_CLIENT_ID=barfoo
|
export RPC_SECRET_VERSION=v1
|
||||||
export GITEA_CLIENT_SECRET=foobar
|
|
||||||
|
## Required for any kind of Single Sign On
|
||||||
|
#export CLIENT_SECRET_VERSION=v1
|
||||||
|
|
||||||
|
## Gitea Single Sign On
|
||||||
|
#export COMPOSE_FILE="compose.yml:compose.gitea.yml"
|
||||||
|
#export GITEA_CLIENT_ID=your-client-id
|
||||||
|
#export GITEA_DOMAIN=git.example.com
|
||||||
|
|
||||||
|
## Github Single Sign On
|
||||||
|
#export COMPOSE_FILE="compose.yml:compose.github.yml"
|
||||||
|
#export GITHUB_CLIENT_ID=your-client-id
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- DRONE_GITEA_CLIENT_ID=${GITEA_CLIENT_ID}
|
||||||
|
- DRONE_GITEA_SERVER=https://${GITEA_DOMAIN}
|
||||||
|
secrets:
|
||||||
|
- client_secret
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
client_secret:
|
||||||
|
name: ${STACK_NAME}_client_secret_${CLIENT_SECRET_VERSION}
|
||||||
|
external: true
|
|
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- DRONE_GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID}
|
||||||
|
secrets:
|
||||||
|
- client_secret
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
client_secret:
|
||||||
|
name: ${STACK_NAME}_client_secret_${CLIENT_SECRET_VERSION}
|
||||||
|
external: true
|
53
compose.yml
53
compose.yml
|
@ -2,40 +2,55 @@
|
||||||
version: "3.8"
|
version: "3.8"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
drone:
|
app:
|
||||||
image: "drone/drone:1.9.1"
|
image: "drone/drone:1.9.1"
|
||||||
command:
|
|
||||||
- "--env-file /data/drone.conf"
|
|
||||||
volumes:
|
volumes:
|
||||||
- "data:/data"
|
- "data:/data"
|
||||||
configs:
|
configs:
|
||||||
- source: drone_conf
|
- source: drone_env
|
||||||
target: /data/drone.conf
|
target: .env
|
||||||
environment:
|
environment:
|
||||||
- DRONE_GITEA_CLIENT_ID: "${GITEA_CLIENT_ID}"
|
- DRONE_GIT_ALWAYS_AUTH=true
|
||||||
- DRONE_GITEA_SERVER: "https://${GITEA_DOMAIN}"
|
- DRONE_JSONNET_ENABLED=true
|
||||||
- DRONE_GIT_ALWAYS_AUTH: "true"
|
- DRONE_SERVER_HOST=${DOMAIN}
|
||||||
- DRONE_JSONNET_ENABLED: "true"
|
- DRONE_SERVER_PORT=:${PORT:-8042}
|
||||||
- DRONE_SERVER_HOST: "${DOMAIN}"
|
- DRONE_SERVER_PROTO=https
|
||||||
- DRONE_SERVER_PORT: ":${PORT:8042}"
|
- DRONE_USER_CREATE=username:admin,admin:true
|
||||||
- DRONE_SERVER_PROTO: "https"
|
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
|
secrets:
|
||||||
|
- rpc_secret
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "-qO", "-", "http://localhost:8042/healthz"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 10s
|
||||||
|
retries: 10
|
||||||
|
start_period: 10s
|
||||||
deploy:
|
deploy:
|
||||||
update_config:
|
update_config:
|
||||||
failure_action: rollback
|
failure_action: rollback
|
||||||
|
order: start-first
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.drone.rule=Host(`${DOMAIN}`)"
|
- "traefik.http.routers.drone.rule=Host(`${DOMAIN}`)"
|
||||||
- "traefik.http.routers.drone.entrypoints=web-secure"
|
- "traefik.http.routers.drone.entrypoints=web-secure"
|
||||||
- "traefik.http.services.drone.loadbalancer.server.port=${PORT:8042}"
|
- "traefik.http.services.drone.loadbalancer.server.port=${PORT:-8042}"
|
||||||
- "traefik.http.routers.drone.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.drone.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
|
|
||||||
configs:
|
|
||||||
drone_conf:
|
|
||||||
name: ${STACK_NAME}_drone_conf_${DRONE_CONF_VERSION}
|
|
||||||
file: drone.conf.tmpl
|
|
||||||
template_driver: golang
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
data:
|
data:
|
||||||
|
|
||||||
|
configs:
|
||||||
|
drone_env:
|
||||||
|
name: ${STACK_NAME}_drone_env_${DRONE_ENV_VERSION}
|
||||||
|
file: drone.env.tmpl
|
||||||
|
template_driver: golang
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
rpc_secret:
|
||||||
|
name: ${STACK_NAME}_rpc_secret_${RPC_SECRET_VERSION}
|
||||||
|
external: true
|
||||||
|
|
||||||
|
networks:
|
||||||
|
proxy:
|
||||||
|
external: true
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
DRONE_GITEA_CLIENT_SECRET={{ secret "client_secret" }}
|
|
||||||
DRONE_RPC_SECRET={{ secret "rpc_secret" }}
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
DRONE_RPC_SECRET={{ secret "rpc_secret" }}
|
||||||
|
{{ if (env "DRONE_GITEA_CLIENT_ID") }}
|
||||||
|
DRONE_GITEA_CLIENT_SECRET={{ secret "client_secret" }}
|
||||||
|
{{ end }}
|
||||||
|
{{ if (env "DRONE_GITHUB_CLIENT_ID") }}
|
||||||
|
DRONE_GITHUB_CLIENT_SECRET={{ secret "client_secret" }}
|
||||||
|
{{ end }}
|
Reference in New Issue