1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# starlark is used instead of more readable YAML because protocols will be added/removed in future.
# you need to set the drone config path to `utils/drone.star` in the webui and also store the ssh key as a drone secret in `ssh_private_key` variable.
# run custom build with force_rebuild parameter set to true to rebuild and override images on registry
def main(ctx):
protocols = [
'xray',
'hysteria',
'ocserv',
'sshvpn'
]
pipelines = [
pipeline_1(),
pipeline_2(protocols)
]
return pipelines
def pipeline_1():
steps = []
# step 1: check if image exists on remote registry
steps.append({
"name": "check_image",
"image": "alpine:latest",
"commands": [
' wget http://registry.opviel.de/v2/_catalog -O - | grep -q "alpine_ansible_hugo" && [ "$force_rebuild" != "true" ] && echo -n "\nBUILD SKIPPED" && exit 78 || exit 0'
],
"trigger": {"branch": "master"}
})
# step 2: if doesn't exist, build and publish image to registry
steps.append({
"name": "publish_on_registry",
"image": "plugins/docker",
"settings": {
"repo": "registry.opviel.de/alpine_ansible_hugo",
"dockerfile": "utils/Dockerfile",
"registry": "registry.opviel.de",
"tags": ["latest"],
"insecure": "true",
"purge": "true",
"compress": "true"
}
})
return {
"kind": "pipeline",
"type": "docker",
"name": "Build and Publish Image",
"platform": { "arch": "arm64" },
"steps": steps,
"trigger": {"branch": "master" }
}
def pipeline_2(protocols):
environment_vars = {
"SSH_PRIVATE_KEY": {
"from_secret": "ssh_private_key"
}
}
steps = []
# step 1: export ssh private key to file
steps.append({
"name": "export_ssh_key",
"image": "alpine",
"commands": [
'echo "$SSH_PRIVATE_KEY" > .ssh_private_key',
"chmod 600 .ssh_private_key"
],
"environment": environment_vars
})
# step 2: add theme
steps.append({
"name": "git_add_theme",
"image": "alpine/git",
"commands": [
"git submodule add -f https://github.com/alex-shpak/hugo-book web/themes/hugo-book"
],
"environment": environment_vars
})
steps.append({
"name": "setup_base",
"image": "registry.opviel.de:80/alpine_ansible_hugo:latest",
"commands": [
"/usr/bin/ansible-playbook reactance.yaml -t base"
],
"depends_on": ["export_ssh_key"]
})
# step 3: run pipeline
web_deps = ["export_ssh_key", "setup_base", "git_add_theme"]
for protocol in protocols:
steps.append({
"name": "setup_{}".format(protocol),
"image": "registry.opviel.de:80/alpine_ansible_hugo:latest",
"commands": [
"/usr/bin/ansible-playbook reactance.yaml -t {}".format(protocol)
],
"depends_on": ["export_ssh_key", "setup_base"]
})
web_deps.append("setup_{}".format(protocol))
steps.append({
"name": "setup_dns",
"image": "registry.opviel.de:80/alpine_ansible_hugo:latest",
"commands": [
"/usr/bin/ansible-playbook reactance.yaml -t dns"
],
"depends_on": ["export_ssh_key", "setup_base"]
})
steps.append({
"name": "setup_web",
"image": "registry.opviel.de:80/alpine_ansible_hugo:latest",
"commands": [
"/usr/bin/ansible-playbook reactance.yaml -t web"
],
"depends_on": web_deps
})
return {
"kind": "pipeline",
"type": "docker",
"name": "Execute Playbook",
"platform": { "arch": "arm64" },
"steps": steps,
"depends_on": ["Build and Publish Image"],
"trigger": {"branch": "master"}
}
|
