Compare commits
2 Commits
main
...
get-rid-of
| Author | SHA1 | Date | |
|---|---|---|---|
|
86140ea516 | ||
|
|
59dca13656 |
20
.drone.yml
20
.drone.yml
@ -28,6 +28,9 @@ name: Build badhouseplants.net
|
|||||||
trigger:
|
trigger:
|
||||||
event:
|
event:
|
||||||
- push
|
- push
|
||||||
|
builder: &builder
|
||||||
|
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:555262114ea81f6f286010474527f419b56d33a3
|
||||||
|
|
||||||
clone:
|
clone:
|
||||||
disable: true
|
disable: true
|
||||||
steps:
|
steps:
|
||||||
@ -45,8 +48,8 @@ steps:
|
|||||||
- clone
|
- clone
|
||||||
commands:
|
commands:
|
||||||
- hugo -s ./src
|
- hugo -s ./src
|
||||||
- name: Build and push the docker image
|
- <<: *builder
|
||||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:2449b73b13a62ae916c6703778d096e5290157b3
|
name: Build and push the docker image
|
||||||
privileged: true
|
privileged: true
|
||||||
depends_on:
|
depends_on:
|
||||||
- Test a build
|
- Test a build
|
||||||
@ -56,8 +59,8 @@ steps:
|
|||||||
from_secret: GITEA_TOKEN
|
from_secret: GITEA_TOKEN
|
||||||
commands:
|
commands:
|
||||||
- ./scripts/build-container.pl
|
- ./scripts/build-container.pl
|
||||||
- name: Sync pictures from lfs to Minio
|
- <<: *builder
|
||||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:2449b73b13a62ae916c6703778d096e5290157b3
|
name: Sync pictures from lfs to Minio
|
||||||
depends_on:
|
depends_on:
|
||||||
- Test a build
|
- Test a build
|
||||||
environment:
|
environment:
|
||||||
@ -67,8 +70,8 @@ steps:
|
|||||||
commands:
|
commands:
|
||||||
- echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG
|
- echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG
|
||||||
- ./scripts/upload-media.pl
|
- ./scripts/upload-media.pl
|
||||||
- name: Deploy the application
|
- <<: *builder
|
||||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:2449b73b13a62ae916c6703778d096e5290157b3
|
name: Deploy the application
|
||||||
depends_on:
|
depends_on:
|
||||||
- Build and push the docker image
|
- Build and push the docker image
|
||||||
- Sync pictures from lfs to Minio
|
- Sync pictures from lfs to Minio
|
||||||
@ -81,10 +84,11 @@ steps:
|
|||||||
from_secret: GITHUB_OAUTH_KEY
|
from_secret: GITHUB_OAUTH_KEY
|
||||||
ARGO_GOOGLE_OAUTH_KEY:
|
ARGO_GOOGLE_OAUTH_KEY:
|
||||||
from_secret: GOOGLE_OAUTH_KEY
|
from_secret: GOOGLE_OAUTH_KEY
|
||||||
|
DEPLOY_SCRIPT_DEBUG: true
|
||||||
commands:
|
commands:
|
||||||
- ./scripts/deploy-app.pl
|
- ./scripts/deploy-app.pl
|
||||||
- name: Cleanup everything
|
- <<: *builder
|
||||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:2449b73b13a62ae916c6703778d096e5290157b3
|
name: Cleanup everything
|
||||||
depends_on:
|
depends_on:
|
||||||
- Deploy the application
|
- Deploy the application
|
||||||
environment:
|
environment:
|
||||||
|
|||||||
5
.sops.yaml
Normal file
5
.sops.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
creation_rules:
|
||||||
|
- path_regex: .*secrets\.values.*
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- age155dykdtnkw9fke45pxkygyyx2eal0hwpdm0zz8qa92z5ludjqe5sfakqgs
|
||||||
@ -1,4 +1,4 @@
|
|||||||
FROM git.badhouseplants.net/badhouseplants/hugo-container:df0ab0c6f98e1921f451eb444aa5e7cb03d1f27b
|
FROM git.badhouseplants.net/badhouseplants/hugo-container:3daaf01c9811501f2b4c691f6910e3df285c2007
|
||||||
WORKDIR /src
|
WORKDIR /src
|
||||||
COPY ./src /src
|
COPY ./src /src
|
||||||
ENTRYPOINT ["hugo"]
|
ENTRYPOINT ["hugo"]
|
||||||
|
|||||||
21
kube/secrets.values-main.yaml
Normal file
21
kube/secrets.values-main.yaml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
values: ENC[AES256_GCM,data:qQTaz7Ab1+2udnxTNRfRKALV93SNBX1l+po11ZPV/RRstwuaBqkrp/zRMllPj6O6p62Y9N9BknSJsuavH62wqAOmN0qVP1XQtzHMLMKMIOe4ut29NtcR7XM54Cq1glqTk2LRfCaCdYSzOsXFscGI/x2bx7G8LjKXWEPtHGXVU+lU3OZFWZ7Ioz02lPl3FnidXBQrCQnY1Wc4qS0T/haCq0cXYk+SA4jMY5vxn3+WwaCfq//50EZOebNFCPnGHR5kRmMmG32u918lt/jv2GEu066Vjd0J67S8HGiykFi6RHZwIry0V65YH7X/L4LtEqKok+WAu3ssNRsgXaEhvWclpn0Jq30Z2qsaSFVItbSC7oiUEixlRc1oxOm0ytWZmlFJbzfpA9JdHw1Dpw0q8kIY2eqmAM/W3omZy+4tmPttHbnWyoKSPJi4CflDMToMkkujGqfnOx0OVQ85fXpr0cKkYJuyLz7YQtAyIGGqGyHtqqicWCqt9B25If1Cv+91gu1If0fpEb77ITIjRHaeEcLkBqb9cCGJnV+a6bdVTtDvH2sS9kBS+oWK+cgsAWD3BVDIpOlV0jwJyAB+++PwmsZuFc9MEkE8DSMK2P64J4ceyV6M4Eb8YNGljdxTRZAl9m6SaKLMC8KiggiHs3JPg69n1OsFWN7EcCKtErTq0+XbiHidkYbg+xnxnez3cCbMvTeNZvbKU2bVllqie4ZMe4q0TzQEnTlMeuqeGtVIgPn9an2N2foTHZUboAysM2MKKeWB2isABtv59SXyzhfQmvC08Cgf9Jj3cJpqWm2/Am3RIYcsXW8NwkxM+lPQ6+IYx87Wd3FvPDTTS+wSO700uzFWXfwsaE7AY1uQBXK7bL61jPQ3HpQYWDS11+1zX30iUaDm3m3u6t6gVlGeICAvxqoBxOiruX/jcAOzU/dSeSTjjPmvDO829kB6rFugAvRDYXetoI09EugdnPHTaC/xFejV,iv:/7k4rjpiuCJev6B/GJu9eyb/RMWJfyfjrRuVRTdybDM=,tag:G1eRy4i6+59wZuGqx9bDPQ==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age155dykdtnkw9fke45pxkygyyx2eal0hwpdm0zz8qa92z5ludjqe5sfakqgs
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEMWthSXdncUI0U0tSdkk4
|
||||||
|
d1lyQWJ2M0NQSjRQRWViQ0RLVWlSK3FsczB3Cks1V1BaZmFlUVRCdUpBS2kzekxK
|
||||||
|
RlRlQ1daTGdMODlEenVUOVNDOVhNUWsKLS0tIERxeG1BRlh0T0hKSlNXeHI0eUVO
|
||||||
|
V1N2YWIvWXpDckhzampIVUx4YU50Q2cKRyx2G5ki4yhhzpTVjjCBPKvI1C208HJb
|
||||||
|
Qb9Kpd2HkJaVllL5mUsXOAWtugceaSvidK1t3Hz0NXrVvFVUxDh8Rg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-12-07T09:10:13Z"
|
||||||
|
mac: ENC[AES256_GCM,data:gsbIyJU7T6wRj5CFbG2nyeawvCzp/BtOSOIsapC0AF6a2IIqau1IaH+vd2O7mbT5ClurC0zfR5k5g/pRE8AWc85kbdBhzLBe4Kkx5DXy9N/JQaNh8RlJ1HKzvipVK46zF+6PZYjsrb1S+9WL9p/aV226XkhdcHWcMWrKUaAWVOg=,iv:H5YcSg5gVHNEt7gFLuF8OQtTMq88HdZwlMfMTxxL7iQ=,tag:66qP18m69BBEIuHKJMa1Cw==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.8.1
|
||||||
@ -1,33 +1,32 @@
|
|||||||
---
|
---
|
||||||
values: |
|
|
||||||
namespace:
|
namespace:
|
||||||
name: badhouseplants-$ARGO_APP_BRANCH
|
name: badhouseplants-$BH_APP_BRANCH
|
||||||
labels:
|
labels:
|
||||||
istio-injection: disabled
|
istio-injection: disabled
|
||||||
istio:
|
istio:
|
||||||
hosts:
|
hosts:
|
||||||
- $ARGO_APP_HOSTNAME
|
- $BH_APP_HOSTNAME
|
||||||
annotations:
|
annotations:
|
||||||
link.argocd.argoproj.io/env: https://$ARGO_APP_HOSTNAME/
|
link.argocd.argoproj.io/env: https://$BH_APP_HOSTNAME/
|
||||||
link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/web
|
link.argocd.argoproj.io/remark42: https://remark42-$BH_APP_HOSTNAME/web
|
||||||
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
|
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
|
||||||
hugo:
|
hugo:
|
||||||
image:
|
image:
|
||||||
tag: $ARGO_APP_IMAGE_TAG
|
tag: $BH_APP_IMAGE_TAG
|
||||||
baseURL: https://$ARGO_APP_HOSTNAME/
|
baseURL: https://$BH_APP_HOSTNAME/
|
||||||
buildDrafts: true
|
buildDrafts: true
|
||||||
env:
|
env:
|
||||||
HUGO_PARAMS_GITBRANCH: $ARGO_APP_BRANCH
|
HUGO_PARAMS_GITBRANCH: $BH_APP_BRANCH
|
||||||
HUGO_PARAMS_REMARK42URL: https://remark42-$ARGO_APP_HOSTNAME
|
HUGO_PARAMS_REMARK42URL: https://remark42-$BH_APP_HOSTNAME
|
||||||
HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG
|
HUGO_PARAMS_GITCOMMIT: $BH_APP_IMAGE_TAG
|
||||||
remark42:
|
remark42:
|
||||||
istio:
|
istio:
|
||||||
hosts:
|
hosts:
|
||||||
- remark42-$ARGO_APP_HOSTNAME
|
- remark42-$BH_APP_HOSTNAME
|
||||||
settings:
|
settings:
|
||||||
url: https://remark42-$ARGO_APP_HOSTNAME/
|
url: https://remark42-$BH_APP_HOSTNAME/
|
||||||
auth:
|
auth:
|
||||||
anonymous: true
|
anonymous: true
|
||||||
secretKey: $ARGO_REMARK_SECRET
|
secretKey: $BH_REMARK_SECRET
|
||||||
rclone:
|
rclone:
|
||||||
command: 'rclone copy -P badhouseplants-public:/badhouseplants-net/$ARGO_APP_IMAGE_TAG /static'
|
command: 'rclone copy -P badhouseplants-public:/badhouseplants-net/$BH_APP_IMAGE_TAG /static'
|
||||||
|
|||||||
@ -15,11 +15,11 @@ my $values = "";
|
|||||||
my $remark_secret = `openssl rand -hex 12`;
|
my $remark_secret = `openssl rand -hex 12`;
|
||||||
chomp($remark_secret);
|
chomp($remark_secret);
|
||||||
|
|
||||||
$ENV{'ARGO_APP_CHART_VERSION'} = $chart_version;
|
$ENV{'BH_APP_CHART_VERSION'} = $chart_version;
|
||||||
$ENV{'ARGO_APP_BRANCH'} = $git_branch;
|
$ENV{'BH_APP_BRANCH'} = $git_branch;
|
||||||
$ENV{'ARGO_APP_HOSTNAME'} = "$git_branch-dev.badhouseplants.net";
|
$ENV{'BH_APP_HOSTNAME'} = "$git_branch-dev.badhouseplants.net";
|
||||||
$ENV{'ARGO_APP_IMAGE_TAG'} = $git_commit_sha;
|
$ENV{'BH_APP_IMAGE_TAG'} = $git_commit_sha;
|
||||||
$ENV{'ARGO_REMARK_SECRET'} = $remark_secret;
|
$ENV{'BH_REMARK_SECRET'} = $remark_secret;
|
||||||
|
|
||||||
# ----------------------------------
|
# ----------------------------------
|
||||||
# -- Fill the Application manifest
|
# -- Fill the Application manifest
|
||||||
@ -37,6 +37,7 @@ print `envsubst < ./kube/application.yaml > /tmp/application.yaml` or die $!;
|
|||||||
print `yq -i '.spec.source.helm.values = load_str("/tmp/values.yaml")' /tmp/application.yaml` or die $!;
|
print `yq -i '.spec.source.helm.values = load_str("/tmp/values.yaml")' /tmp/application.yaml` or die $!;
|
||||||
|
|
||||||
if(!defined $ENV{DEPLOY_SCRIPT_DEBUG}){
|
if(!defined $ENV{DEPLOY_SCRIPT_DEBUG}){
|
||||||
|
print `helm upgrade --install `
|
||||||
print `argocd app create -f /tmp/application.yaml --upsert` or die $!;
|
print `argocd app create -f /tmp/application.yaml --upsert` or die $!;
|
||||||
print `argocd app sync --prune -l application=badhouseplants -l branch=$git_branch` or die $!;
|
print `argocd app sync --prune -l application=badhouseplants -l branch=$git_branch` or die $!;
|
||||||
print `argocd app wait -l application=badhouseplants -l branch=$git_branch` or die $!;
|
print `argocd app wait -l application=badhouseplants -l branch=$git_branch` or die $!;
|
||||||
|
|||||||
Reference in New Issue
Block a user