106 lines
3.2 KiB
YAML
106 lines
3.2 KiB
YAML
---
|
|
# Drone CI Pipeline
|
|
kind: pipeline
|
|
type: kubernetes
|
|
name: default
|
|
|
|
clone:
|
|
disable: true
|
|
|
|
trigger:
|
|
event:
|
|
- push
|
|
- tag
|
|
branch:
|
|
- main
|
|
|
|
environment:
|
|
REGISTRY: harbor.gitdata.me/gta_team
|
|
CARGO_TERM_COLOR: always
|
|
BUILD_TARGET: x86_64-unknown-linux-gnu
|
|
|
|
steps:
|
|
- name: clone
|
|
image: bitnami/git:latest
|
|
commands:
|
|
- |
|
|
if [ -n "${DRONE_TAG}" ]; then
|
|
git checkout ${DRONE_TAG}
|
|
fi
|
|
|
|
- name: frontend-deps
|
|
image: node:22-alpine
|
|
commands:
|
|
- cd apps/frontend && corepack enable && corepack prepare pnpm@10 --activate && pnpm install --frozen-lockfile
|
|
|
|
- name: frontend-build
|
|
image: node:22-alpine
|
|
commands:
|
|
- cd apps/frontend && pnpm build
|
|
|
|
- name: prepare-kubeconfig
|
|
image: alpine:latest
|
|
commands:
|
|
- apk add --no-cache kubectl
|
|
- mkdir -p ~/.kube
|
|
- echo "${KUBECONFIG}" | base64 -d > ~/.kube/config
|
|
- chmod 600 ~/.kube/config
|
|
|
|
- name: helm-deploy
|
|
image: alpine/helm:latest
|
|
commands:
|
|
- apk add --no-cache curl kubectl
|
|
- curl -fsSL -o /tmp/helm.tar.gz https://get.helm.sh/helm-v3.15.0-linux-amd64.tar.gz
|
|
- tar -xzf /tmp/helm.tar.gz -C /tmp
|
|
- mv /tmp/linux-amd64/helm /usr/local/bin/helm && chmod +x /usr/local/bin/helm
|
|
- |
|
|
TAG="${DRONE_TAG:-${DRONE_COMMIT_SHA:0:8}}"
|
|
helm upgrade --install gitdata deploy/ \
|
|
--namespace gitdataai \
|
|
-f deploy/values.yaml \
|
|
-f deploy/secrets.yaml \
|
|
--set image.registry=${REGISTRY} \
|
|
--set app.image.tag=${TAG} \
|
|
--set gitserver.image.tag=${TAG} \
|
|
--set emailWorker.image.tag=${TAG} \
|
|
--set gitHook.image.tag=${TAG} \
|
|
--set operator.image.tag=${TAG} \
|
|
--set static.image.tag=${TAG} \
|
|
--set frontend.image.tag=${TAG} \
|
|
--wait \
|
|
--timeout 5m \
|
|
--atomic
|
|
depends_on: [ prepare-kubeconfig ]
|
|
when:
|
|
branch: [ main ]
|
|
|
|
- name: verify-rollout
|
|
image: bitnami/kubectl:latest
|
|
commands:
|
|
- kubectl rollout status deployment/gitdata-frontend -n gitdataai --timeout=300s
|
|
- kubectl rollout status deployment/gitdata-app -n gitdataai --timeout=300s
|
|
- kubectl rollout status deployment/gitdata-gitserver -n gitdataai --timeout=300s
|
|
- kubectl rollout status deployment/gitdata-email-worker -n gitdataai --timeout=300s
|
|
- kubectl rollout status deployment/gitdata-git-hook -n gitdataai --timeout=300s
|
|
depends_on: [ helm-deploy ]
|
|
when:
|
|
branch: [ main ]
|
|
|
|
# =============================================================================
|
|
# Secrets (register via drone CLI)
|
|
# =============================================================================
|
|
# Harbor username
|
|
# drone secret add --repository <org/repo> --name drone_secret_docker_username --data <username>
|
|
#
|
|
# Harbor password
|
|
# drone secret add --repository <org/repo> --name drone_secret_docker_password --data <password>
|
|
#
|
|
# kubeconfig (base64)
|
|
# drone secret add --repository <org/repo> --name kubeconfig --data "$(cat ~/.kube/config | base64 -w 0)"
|
|
#
|
|
# Local exec:
|
|
# drone exec --trusted \
|
|
# --secret=DRONE_SECRET_DOCKER_USERNAME=<username> \
|
|
# --secret=DRONE_SECRET_DOCKER_PASSWORD=<password> \
|
|
# --secret=KUBECONFIG=$(base64 -w 0 ~/.kube/config)
|