--- kind: pipeline type: docker name: Build platform: os: linux arch: amd64 steps: - name: Install dependencies image: node:22-alpine3.20 commands: - yarn - name: Lint project image: node:22-alpine3.20 commands: - yarn lint || true - name: Build image: node:22-alpine3.20 commands: - yarn build --- kind: pipeline type: docker name: Publish platform: os: linux arch: amd64 steps: - name: Publish app to ghcr image: plugins/docker settings: registry: ghcr.io repo: ghcr.io/kevinmidboe/${DRONE_REPO_NAME} dockerfile: Dockerfile compress: true username: from_secret: GITHUB_USERNAME password: from_secret: GHCR_UPLOAD_TOKEN tags: - latest - ${DRONE_COMMIT_SHA} trigger: event: include: - push exclude: - pull_request branch: - main - update depends_on: - Build --- kind: pipeline type: docker name: Publish platform: os: linux arch: amd64 kind: pipeline type: docker name: config-check steps: - name: check-config image: alpine/git commands: - git fetch --no-tags --depth=2 - | if git diff --quiet HEAD^ HEAD -- varnish/default.vcl; then echo "No changes in varnish config file, skipping..." exit 78 # exit code 78 = skip in Drone else echo "Changes detected in varnish config" fi - name: Publish varnish to ghcr image: plugins/docker settings: registry: ghcr.io repo: ghcr.io/kevinmidboe/varnish-infra-map contexT: varnish dockerfile: Dockerfile compress: true username: from_secret: GITHUB_USERNAME password: from_secret: GHCR_UPLOAD_TOKEN build_args_from_env: - tags: - latest - ${DRONE_COMMIT_SHA} trigger: event: include: - push exclude: - pull_request branch: - main - update depends_on: - Build --- kind: pipeline type: docker name: Deploy platform: os: linux arch: amd64 steps: - name: Prepare kubernetes environment image: alpine/k8s:1.25.15 environment: VAULT_TOKEN: from_secret: VAULT_TOKEN VAULT_HOST: from_secret: VAULT_HOST commands: - mkdir -p /root/.kube - echo "IMAGE=ghcr.io/kevinmidboe/${DRONE_REPO_NAME}:${DRONE_COMMIT_SHA}" > /root/.kube/.env - echo "VARNISH_IMAGE=ghcr.io/kevinmidboe/varnish-${DRONE_REPO_NAME}" >> /root/.kube/.env - echo "NAMESPACE=${DRONE_REPO_NAME}" >> /root/.kube/.env - 'curl -s -H "X-Vault-Token: $VAULT_TOKEN" $VAULT_HOST/v1/schleppe/data/kazan/_infra | jq -r ".data.data.KUBE_CONFIG" > /root/.kube/config' - 'curl -s -H "X-Vault-Token: $VAULT_TOKEN" $VAULT_HOST/v1/schleppe/data/kazan/_infra | jq -cr ".data.data | .[\"ghcr-login-secret\"] | @base64" > /root/.kube/dockerconfig.json' - echo "DOCKER_CONFIG=$(cat /root/.kube/dockerconfig.json)" >> /root/.kube/.env - 'curl -s -H "X-Vault-Token: $VAULT_TOKEN" $VAULT_HOST/v1/schleppe/data/kazan/${DRONE_REPO_NAME} | jq -cr ".data.data | to_entries[] | .key + \"=\" + (.value | @base64)" >> /root/.kube/.env' - sed -i '/^$/!s/^/export /' /root/.kube/.env volumes: - name: kube-config path: /root/.kube - name: Deploy to kubernetes image: alpine/k8s:1.25.15 commands: - source /root/.kube/.env > /dev/null 2>&1 - cat .kubernetes/*.yml | envsubst | kubectl --kubeconfig=/root/.kube/config apply -f - volumes: - name: kube-config path: /root/.kube trigger: event: include: - push exclude: - pull_request branch: - main - update depends_on: - Build - Publish volumes: - name: kube-config temp: {} --- kind: signature hmac: 01caa41521eac62356f6fc941cdd489dae8e2c4249bdb4e4dc1a32e101c639b7 ...