From fde88fd65558c4e96144db4b7fb12efbe634894c Mon Sep 17 00:00:00 2001
From: KevinMidboe <kevin.midboe@gmail.com>
Date: Sun, 11 Feb 2024 11:16:06 +0100
Subject: [PATCH] Updated CI kubernetes deploy environment perperation

---
 .drone.yml                        | 28 ++++++++++++++--------------
 .kubernetes/ghcr-token-secret.yml |  2 +-
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 929e4da..51cbf3f 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -12,7 +12,7 @@ steps:
     image: plugins/docker
     settings:
       registry: ghcr.io
-      repo: ghcr.io/kevinmidboe/cloudflare-ddns
+      repo: ghcr.io/kevinmidboe/${DRONE_REPO_NAME}
       dockerfile: Dockerfile
       username:
         from_secret: GITHUB_USERNAME
@@ -43,9 +43,15 @@ platform:
 steps:
   - name: Prepare kubernetes environment
     image: alpine/k8s:1.25.15
+    environment:
+      VAULT_TOKEN:
+        from_secret: VAULT_TOKEN
+      VAULT_HOST:
+        from_secret: VAULT_HOST
     commands:
       - mkdir -p /root/.kube
-      - echo "NAMESPACE=${DRONE_REPO_NAME}" > /root/.kube/variables.env
+      - echo "IMAGE=ghcr.io/kevinmidboe/${DRONE_REPO_NAME}:${DRONE_COMMIT_SHA}" > /root/.kube/.env
+      - echo "NAMESPACE=${DRONE_REPO_NAME}" >> /root/.kube/.env
       - 'curl -s
         -H "X-Vault-Token: $VAULT_TOKEN"
         $VAULT_HOST/v1/schleppe/data/kazan/_infra
@@ -53,16 +59,13 @@ steps:
       - 'curl -s
         -H "X-Vault-Token: $VAULT_TOKEN"
         $VAULT_HOST/v1/schleppe/data/kazan/_infra
-        | jq -r ".data | .data | .[\"ghcr-login-secret\"]" > /root/.kube/dockerconfig.json'
+        | jq -cr ".data.data | .[\"ghcr-login-secret\"] | @base64" > /root/.kube/dockerconfig.json'
+      - echo "DOCKER_CONFIG=$(cat /root/.kube/dockerconfig.json)" >> /root/.kube/.env
       - 'curl -s
         -H "X-Vault-Token: $VAULT_TOKEN"
         $VAULT_HOST/v1/schleppe/data/kazan/${DRONE_REPO_NAME}
-        | jq -cr ".data.data | to_entries[] | .key + \"=\" + (.value | @base64)" >> /root/.kube/variables.env'
-    environment:
-      VAULT_TOKEN:
-        from_secret: VAULT_TOKEN
-      VAULT_HOST:
-        from_secret: VAULT_HOST
+        | jq -cr ".data.data | to_entries[] | .key + \"=\" + (.value | @base64)" >> /root/.kube/.env'
+      - sed -i '/^$/!s/^/export /' /root/.kube/.env
     volumes:
     - name: kube-config
       path: /root/.kube
@@ -70,10 +73,7 @@ steps:
   - name: Deploy to kubernetes
     image: alpine/k8s:1.25.15
     commands:
-      - export DOCKER_CONFIG_BASE64=$(cat /root/.kube/dockerconfig.json | tr -d "\n\t " | base64 -w 0)
-      - export IMAGE="ghcr.io/kevinmidboe/${DRONE_REPO_NAME}:${DRONE_COMMIT_SHA}"
-      - sed -i '/^$/!s/^/export /' /root/.kube/variables.env
-      - source /root/.kube/variables.env > /dev/null 2>&1
+      - source /root/.kube/.env > /dev/null 2>&1
       - cat .kubernetes/*.yml
         | envsubst
         | kubectl --kubeconfig=/root/.kube/config apply -f -
@@ -99,6 +99,6 @@ volumes:
 
 ---
 kind: signature
-hmac: 4b290c54b9fb5f4951a6501ce97c14ffb79fd57464547e4dda75560ed0d57e7c
+hmac: d3088aaf784f4eaac3223f43a86a19bfccff416fd854351c527d785002ae2c26
 
 ...
diff --git a/.kubernetes/ghcr-token-secret.yml b/.kubernetes/ghcr-token-secret.yml
index 0165555..68fe67c 100644
--- a/.kubernetes/ghcr-token-secret.yml
+++ b/.kubernetes/ghcr-token-secret.yml
@@ -5,5 +5,5 @@ metadata:
   name: ghcr-login-secret
   namespace: ${NAMESPACE}
 data:
-  .dockerconfigjson: ${DOCKER_CONFIG_BASE64}
+  .dockerconfigjson: ${DOCKER_CONFIG}
 type: kubernetes.io/dockerconfigjson