diff --git a/README.md b/README.md index f82e8a6..c801579 100644 --- a/README.md +++ b/README.md @@ -8,17 +8,23 @@ This is meant to be used as a [Drone plugin](http://plugins.drone.io/). ## Settings -### With defaults +### Required (no default) + +- **deploy_key**: SSH private key part for ssh public key authentication +- **stack**: Name of the stack to be deployed + +### Optional (with defaults) - **compose** (default: `compose.yml`): compose file to use for deploying - **host** (default: `swarm.autonomic.zone`): Host to deploy to (don't include `ssh://`) - **port** (default: `222`): SSH port to connect to - **user** (default: `drone`): System user to connect via SSH with -### Without defaults +### Dangerous options, unwise outside CI -- **deploy_key**: SSH private key part for ssh public key authentication -- **stack**: Name of the stack to be deployed +- **generate_secrets** (default: no): randomly set all `secrets:` found in the + compose file -- you won't be able to retrieve them afterwards, so you almost + certainly don't want this for real deployments. ## Example diff --git a/plugin.sh b/plugin.sh index a27395b..2ee59a0 100755 --- a/plugin.sh +++ b/plugin.sh @@ -7,6 +7,16 @@ PLUGIN_HOST=${PLUGIN_HOST:-swarm.autonomic.zone} PLUGIN_PORT=${PLUGIN_PORT:-222} PLUGIN_USER=${PLUGIN_USER:-drone} +generate_secrets() { + echo "--- start secrets ---" + for SECRET in $(docker run --rm -v "${PWD}":/workdir mikefarah/yq yq r "$PLUGIN_COMPOSE" 'secrets.*.name'); do + eval "echo \"generating $SECRET\"" + PW=$( "$HOME/.ssh/known_hosts" @@ -34,6 +44,11 @@ run_stack_wait() { run_plugin() { echo "--- start deployment ---" load_deploy_key + + if [ -n "$PLUGIN_GENERATE_SECRETS" ]; then + generate_secrets + fi + run_stack_deploy run_stack_wait echo "--- end deployment ---"