k9e.no/.drone.yml

---
kind: pipeline
type: docker
name: Build

platform:
  os: linux
  arch: amd64

steps:
  - name: Install dependencies
    image: node:21-alpine3.17
    commands:
      - yarn

  - name: Lint project
    image: node:21-alpine3.17
    commands:
      - yarn lint

  - name: Build
    image: node:21-alpine3.17
    commands:
      - yarn build

---
kind: pipeline
type: docker
name: Publish

platform:
  os: linux
  arch: amd64

steps:
  - name: Publish to ghcr
    image: plugins/docker
    settings:
      registry: ghcr.io
      repo: ghcr.io/kevinmidboe/${DRONE_REPO_NAME}
      dockerfile: Dockerfile
      username:
        from_secret: GITHUB_USERNAME
      password:
        from_secret: GHCR_UPLOAD_TOKEN
      tags:
        - latest
        - ${DRONE_COMMIT_SHA}

trigger:
  event:
    include:
      - push
    exclude:
      - pull_request
  branch:
    - main

depends_on:
  - Build

---
kind: pipeline
type: docker
name: Deploy

platform:
  os: linux
  arch: amd64

steps:
  - name: Prepare kubernetes environment
    image: alpine/k8s:1.25.15
    environment:
      VAULT_TOKEN:
        from_secret: VAULT_TOKEN
      VAULT_HOST:
        from_secret: VAULT_HOST
    commands:
      - mkdir -p /root/.kube
      - echo "IMAGE=ghcr.io/kevinmidboe/${DRONE_REPO_NAME}:${DRONE_COMMIT_SHA}" > /root/.kube/.env
      - echo "NAMESPACE=${DRONE_REPO_NAME}" >> /root/.kube/.env
      - 'curl -s
        -H "X-Vault-Token: $VAULT_TOKEN"
        $VAULT_HOST/v1/schleppe/data/kazan/_infra
        | jq -r ".data.data.KUBE_CONFIG" > /root/.kube/config'
      - 'curl -s
        -H "X-Vault-Token: $VAULT_TOKEN"
        $VAULT_HOST/v1/schleppe/data/kazan/_infra
        | jq -cr ".data.data | .[\"ghcr-login-secret\"] | @base64" > /root/.kube/dockerconfig.json'
      - echo "DOCKER_CONFIG=$(cat /root/.kube/dockerconfig.json)" >> /root/.kube/.env
      - sed -i '/^$/!s/^/export /' /root/.kube/.env
    volumes:
      - name: kube-config
        path: /root/.kube

  - name: Deploy to kubernetes
    image: alpine/k8s:1.25.15
    commands:
      - source /root/.kube/.env > /dev/null 2>&1
      - cat .kubernetes/*.yml
        | envsubst
        | kubectl --kubeconfig=/root/.kube/config apply -f -
    volumes:
      - name: kube-config
        path: /root/.kube

trigger:
  event:
    include:
      - push
    exclude:
      - pull_request
  branch:
    - main

depends_on:
  - Build
  - Publish

volumes:
  - name: kube-config
    temp: {}
---
kind: signature
hmac: 03e25f2d7d7c020ae68bf05137456105df022f967c02709740cf892a94ac8620

...