--- kind: pipeline type: docker name: Publish platform: os: linux arch: amd64 steps: - name: Publish to ghcr image: plugins/docker settings: registry: ghcr.io repo: ghcr.io/kevinmidboe/cloudflare-ddns dockerfile: Dockerfile username: from_secret: GITHUB_USERNAME password: from_secret: GHCR_UPLOAD_TOKEN tags: - latest - ${DRONE_COMMIT_SHA} trigger: event: include: - push exclude: - pull_request branch: - main --- kind: pipeline type: docker name: Deploy platform: os: linux arch: amd64 steps: - name: Prepare kubernetes environment image: alpine/k8s:1.25.15 commands: - mkdir -p /root/.kube - echo "NAMESPACE=${DRONE_REPO_NAME}" > /root/.kube/variables.env - 'curl -s -H "X-Vault-Token: $VAULT_TOKEN" $VAULT_HOST/v1/schleppe/data/kazan/_infra | jq -r ".data.data.KUBE_CONFIG" > /root/.kube/config' - 'curl -s -H "X-Vault-Token: $VAULT_TOKEN" $VAULT_HOST/v1/schleppe/data/kazan/_infra | jq -r ".data | .data | .[\"ghcr-login-secret\"]" > /root/.kube/dockerconfig.json' - 'curl -s -H "X-Vault-Token: $VAULT_TOKEN" $VAULT_HOST/v1/schleppe/data/kazan/${DRONE_REPO_NAME} | jq -cr ".data.data | to_entries[] | .key + \"=\" + (.value | @base64)" >> /root/.kube/variables.env' environment: VAULT_TOKEN: from_secret: VAULT_TOKEN VAULT_HOST: from_secret: VAULT_HOST volumes: - name: kube-config path: /root/.kube - name: Deploy to kubernetes image: alpine/k8s:1.25.15 commands: - export DOCKER_CONFIG_BASE64=$(cat /root/.kube/dockerconfig.json | tr -d "\n\t " | base64 -w 0) - export IMAGE="ghcr.io/kevinmidboe/${DRONE_REPO_NAME}:${DRONE_COMMIT_SHA}" - sed -i '/^$/!s/^/export /' /root/.kube/variables.env - source /root/.kube/variables.env > /dev/null 2>&1 - cat .kubernetes/*.yml | envsubst | kubectl --kubeconfig=/root/.kube/config apply -f - volumes: - name: kube-config path: /root/.kube trigger: event: include: - push exclude: - pull_request branch: - main depends_on: - Publish volumes: - name: kube-config temp: {} --- kind: signature hmac: 4b290c54b9fb5f4951a6501ce97c14ffb79fd57464547e4dda75560ed0d57e7c ...