Working deployment w/ optional Git(hub|ea)
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
Re compose-stacks/organising#18
This commit is contained in:
parent
99cb1b0c78
commit
e0c6c5bca2
|
@ -16,8 +16,9 @@ steps:
|
|||
STACK_NAME: drone
|
||||
LETS_ENCRYPT_ENV: production
|
||||
GITEA_DOMAIN: gitea.swarm-test.autonomic.zone
|
||||
GITEA_CLIENT_ID: barfoo
|
||||
GITEA_CLIENT_SECRET: foobar
|
||||
GITEA_CLIENT_ID: drone-test
|
||||
RPC_SECRET_VERSION: v1
|
||||
DRONE_ENV_VERSION: v1
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
|
|
|
@ -1,9 +1,20 @@
|
|||
export SERVICE=drone
|
||||
export STACK_NAME=drone
|
||||
|
||||
export DOMAIN=drone.autonomic.zone
|
||||
export DOMAIN=git.example.com
|
||||
export LETS_ENCRYPT_ENV=production
|
||||
|
||||
# Gitea Single Sign On
|
||||
export GITEA_CLIENT_ID=barfoo
|
||||
export GITEA_CLIENT_SECRET=foobar
|
||||
export DRONE_ENV_VERSION=v1
|
||||
export RPC_SECRET_VERSION=v1
|
||||
|
||||
## Required for any kind of Single Sign On
|
||||
#export CLIENT_SECRET_VERSION=v1
|
||||
|
||||
## Gitea Single Sign On
|
||||
#export COMPOSE_FILE="compose.yml:compose.gitea.yml"
|
||||
#export GITEA_CLIENT_ID=your-client-id
|
||||
#export GITEA_DOMAIN=git.example.com
|
||||
|
||||
## Github Single Sign On
|
||||
#export COMPOSE_FILE="compose.yml:compose.github.yml"
|
||||
#export GITHUB_CLIENT_ID=your-client-id
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- DRONE_GITEA_CLIENT_ID=${GITEA_CLIENT_ID}
|
||||
- DRONE_GITEA_SERVER=https://${GITEA_DOMAIN}
|
||||
secrets:
|
||||
- client_secret
|
||||
|
||||
secrets:
|
||||
client_secret:
|
||||
name: ${STACK_NAME}_client_secret_${CLIENT_SECRET_VERSION}
|
||||
external: true
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- DRONE_GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID}
|
||||
secrets:
|
||||
- client_secret
|
||||
|
||||
secrets:
|
||||
client_secret:
|
||||
name: ${STACK_NAME}_client_secret_${CLIENT_SECRET_VERSION}
|
||||
external: true
|
53
compose.yml
53
compose.yml
|
@ -2,40 +2,55 @@
|
|||
version: "3.8"
|
||||
|
||||
services:
|
||||
drone:
|
||||
app:
|
||||
image: "drone/drone:1.9.1"
|
||||
command:
|
||||
- "--env-file /data/drone.conf"
|
||||
volumes:
|
||||
- "data:/data"
|
||||
configs:
|
||||
- source: drone_conf
|
||||
target: /data/drone.conf
|
||||
- source: drone_env
|
||||
target: .env
|
||||
environment:
|
||||
- DRONE_GITEA_CLIENT_ID: "${GITEA_CLIENT_ID}"
|
||||
- DRONE_GITEA_SERVER: "https://${GITEA_DOMAIN}"
|
||||
- DRONE_GIT_ALWAYS_AUTH: "true"
|
||||
- DRONE_JSONNET_ENABLED: "true"
|
||||
- DRONE_SERVER_HOST: "${DOMAIN}"
|
||||
- DRONE_SERVER_PORT: ":${PORT:8042}"
|
||||
- DRONE_SERVER_PROTO: "https"
|
||||
- DRONE_GIT_ALWAYS_AUTH=true
|
||||
- DRONE_JSONNET_ENABLED=true
|
||||
- DRONE_SERVER_HOST=${DOMAIN}
|
||||
- DRONE_SERVER_PORT=:${PORT:-8042}
|
||||
- DRONE_SERVER_PROTO=https
|
||||
- DRONE_USER_CREATE=username:admin,admin:true
|
||||
networks:
|
||||
- proxy
|
||||
secrets:
|
||||
- rpc_secret
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-qO", "-", "http://localhost:8042/healthz"]
|
||||
interval: 10s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
start_period: 10s
|
||||
deploy:
|
||||
update_config:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.drone.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.drone.entrypoints=web-secure"
|
||||
- "traefik.http.services.drone.loadbalancer.server.port=${PORT:8042}"
|
||||
- "traefik.http.services.drone.loadbalancer.server.port=${PORT:-8042}"
|
||||
- "traefik.http.routers.drone.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
|
||||
configs:
|
||||
drone_conf:
|
||||
name: ${STACK_NAME}_drone_conf_${DRONE_CONF_VERSION}
|
||||
file: drone.conf.tmpl
|
||||
template_driver: golang
|
||||
|
||||
volumes:
|
||||
data:
|
||||
|
||||
configs:
|
||||
drone_env:
|
||||
name: ${STACK_NAME}_drone_env_${DRONE_ENV_VERSION}
|
||||
file: drone.env.tmpl
|
||||
template_driver: golang
|
||||
|
||||
secrets:
|
||||
rpc_secret:
|
||||
name: ${STACK_NAME}_rpc_secret_${RPC_SECRET_VERSION}
|
||||
external: true
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
external: true
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
DRONE_GITEA_CLIENT_SECRET={{ secret "client_secret" }}
|
||||
DRONE_RPC_SECRET={{ secret "rpc_secret" }}
|
|
@ -0,0 +1,7 @@
|
|||
DRONE_RPC_SECRET={{ secret "rpc_secret" }}
|
||||
{{ if (env "DRONE_GITEA_CLIENT_ID") }}
|
||||
DRONE_GITEA_CLIENT_SECRET={{ secret "client_secret" }}
|
||||
{{ end }}
|
||||
{{ if (env "DRONE_GITHUB_CLIENT_ID") }}
|
||||
DRONE_GITHUB_CLIENT_SECRET={{ secret "client_secret" }}
|
||||
{{ end }}
|
Reference in New Issue