kube/drone/README.md

3.5 KiB

Deployment

To deploy:

kubectl apply -n drone -f application.yml

To bootstrap secrets:

 kubectl create secret generic -n drone application-secrets \
    --from-literal=DRONE_GITEA_CLIENT_ID=... \
    --from-literal=DRONE_GITEA_CLIENT_SECRET=... \
    --from-literal=DRONE_RPC_SECRET=$(cat /dev/urandom | base64 | head -c 30)

Integrating with Docker registry

We use harbor.k-space.ee to host own images.

Set up robot account robot$k-space+drone in Harbor first.

In Drone associate docker_username and docker_password secrets with the k-space.

Instead of click marathon you can also pull the CLI configuration for Drone from https://drone.k-space.ee/account

drone orgsecret add k-space docker_username 'robot$k-space+drone'
 drone orgsecret add k-space docker_password '...'

Integrating with e-mail

To (re)set e-mail credentials:

drone orgsecret add k-space email_password '...'

To issue build hit the button in Drone web interface or alternatively:

drone build create k-space/...

Using templates

Templates unfortunately aren't pulled in from this Git repo.

Current docker.yaml template includes following:

kind: pipeline
type: kubernetes
name: build-arm64
platform:
  arch: arm64
  os: linux
node_selector:
  kubernetes.io/arch: arm64
tolerations:
- key: arch
  operator: Equal
  value: arm64
  effect: NoSchedule
steps:
- name: submodules
  image: alpine/git
  commands:
  - touch .gitmodules
  - sed -i -e 's/git@git.k-space.ee:/https:\\/\\/git.k-space.ee\\//g' .gitmodules
  - git submodule update --init --recursive
  - echo "ENV GIT_COMMIT=$(git rev-parse HEAD)" >> Dockerfile
  - echo "ENV GIT_COMMIT_TIMESTAMP=$(git log -1 --format=%cd --date=iso-strict)" >> Dockerfile
  - cat Dockerfile
- name: docker
  image: harbor.k-space.ee/k-space/drone-kaniko
  settings:
    repo: ${DRONE_REPO}
    tags: latest-arm64
    registry: harbor.k-space.ee
    username:
      from_secret: docker_username
    password:
      from_secret: docker_password
---
kind: pipeline
type: kubernetes
name: build-amd64
platform:
  arch: amd64
  os: linux
node_selector:
  kubernetes.io/arch: amd64
steps:
- name: submodules
  image: alpine/git
  commands:
  - touch .gitmodules
  - sed -i -e 's/git@git.k-space.ee:/https:\\/\\/git.k-space.ee\\//g' .gitmodules
  - git submodule update --init --recursive
  - echo "ENV GIT_COMMIT=$(git rev-parse HEAD)" >> Dockerfile
  - echo "ENV GIT_COMMIT_TIMESTAMP=$(git log -1 --format=%cd --date=iso-strict)" >> Dockerfile
  - cat Dockerfile
- name: docker
  image: harbor.k-space.ee/k-space/drone-kaniko
  settings:
    repo: ${DRONE_REPO}
    tags: latest-amd64
    registry: harbor.k-space.ee
    storage_driver: vfs
    username:
      from_secret: docker_username
    password:
      from_secret: docker_password
---
kind: pipeline
type: kubernetes
name: manifest
steps:
- name: manifest
  image: plugins/manifest
  settings:
    target: ${DRONE_REPO}:latest
    template: ${DRONE_REPO}:latest-ARCH
    platforms:
      - linux/amd64
      - linux/arm64
    username:
      from_secret: docker_username
    password:
      from_secret: docker_password
depends_on:
- build-amd64
- build-arm64
---
kind: pipeline
type: kubernetes
name: gitlint
steps:
- name: gitlint
  image: harbor.k-space.ee/k-space/gitlint-bundle
  # https://git.k-space.ee/k-space/gitlint-bundle
---
kind: pipeline
type: kubernetes
name: flake8
steps:
- name: flake8
  image: harbor.k-space.ee/k-space/flake8-bundle
  # https://git.k-space.ee/k-space/flake8-bundle