From 8eb6ba303c107fb116cf3a43689f2643ea309561 Mon Sep 17 00:00:00 2001 From: Simon Vieille Date: Wed, 6 Dec 2023 19:38:45 +0100 Subject: [PATCH 1/5] add novops conf --- .mage.yml.dist | 1 + .novops.yml | 39 +++++++++++++++++++++++++++++++++++++++ .woodpecker/build.yml | 14 ++++++++++---- .woodpecker/deploy.yml | 8 +++++++- 4 files changed, 57 insertions(+), 5 deletions(-) create mode 100644 .novops.yml diff --git a/.mage.yml.dist b/.mage.yml.dist index 44e7dfb..a724526 100644 --- a/.mage.yml.dist +++ b/.mage.yml.dist @@ -18,6 +18,7 @@ magephp: - "/var/cache/*" - "/var/log/*" - "/public/media" + - "/.secrets" hosts: - ssh_host on-deploy: diff --git a/.novops.yml b/.novops.yml new file mode 100644 index 0000000..a0a9c25 --- /dev/null +++ b/.novops.yml @@ -0,0 +1,39 @@ +environments: + build: + variables: + - name: MYSQLDUMP + value: + hvault_kv2: + mount: kv + path: deblan/deblan.io-murph + key: mysqldump + + deploy: + variables: + - name: SSH_USER + value: + hvault_kv2: + mount: kv + path: deblan/deblan.io-murph + key: ssh_user + + - name: SSH_HOST + value: + hvault_kv2: + mount: kv + path: deblan/deblan.io-murph + key: ssh_host + + - name: SSH_PRIV_KEY + value: + hvault_kv2: + mount: kv + path: deblan/deblan.io-murph + key: ssh_priv_key + + - name: APP_DIRECTORY + value: + hvault_kv2: + mount: kv + path: deblan/deblan.io-murph + key: app_directory diff --git a/.woodpecker/build.yml b/.woodpecker/build.yml index 161ce66..e241c79 100644 --- a/.woodpecker/build.yml +++ b/.woodpecker/build.yml @@ -1,6 +1,6 @@ variables: - - &volumes - - node16_cache:/root/.npm + volumes: &volumes + - node_cache:/root/.npm - /data/${CI_REPO}:/builds when: @@ -8,6 +8,12 @@ when: branch: [master, master-*, develop, develop-*, feature/*] steps: + secrets: + image: gitnet.fr/deblan/novops + secrets: [vault_addr, vault_token] + commands: + - novops load -e build > .secrets + db-wait: image: gitnet.fr/deblan/timeout:latest commands: @@ -15,8 +21,8 @@ steps: db-create: image: mariadb:10.3 - secrets: [mysqldump] commands: + - . /.secrets - mysql -hdb -uroot -proot -e "CREATE DATABASE app" - eval "$MYSQLDUMP" | mysql -hdb -uroot -proot app @@ -80,4 +86,4 @@ services: - MARIADB_ROOT_PASSWORD=root volumes: - node16_cache: + node_cache: diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml index b163295..c5afb1b 100644 --- a/.woodpecker/deploy.yml +++ b/.woodpecker/deploy.yml @@ -8,11 +8,17 @@ when: skip_clone: true steps: + secrets: + image: gitnet.fr/deblan/novops + secrets: [vault_addr, vault_token] + commands: + - novops load -e deploy > .secrets + app-deploy: image: deblan/mage - secrets: [ssh_user, ssh_host, ssh_priv_key, app_directory] volumes: *volumes commands: + - . ./.secrets - cd "/builds/$CI_COMMIT_SHA" - mkdir "$HOME/.ssh" - echo "$SSH_PRIV_KEY" > "$HOME/.ssh/id_ed25519" From 60c60016a162e52fb23e692355250968fd6e5e0b Mon Sep 17 00:00:00 2001 From: Simon Vieille Date: Wed, 6 Dec 2023 19:40:30 +0100 Subject: [PATCH 2/5] update novops conf --- .woodpecker/build.yml | 12 ++++++------ .woodpecker/deploy.yml | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.woodpecker/build.yml b/.woodpecker/build.yml index e241c79..c867611 100644 --- a/.woodpecker/build.yml +++ b/.woodpecker/build.yml @@ -8,21 +8,21 @@ when: branch: [master, master-*, develop, develop-*, feature/*] steps: + db-wait: + image: gitnet.fr/deblan/timeout:latest + commands: + - /bin/timeout -t 30 -v -c 'while true; do nc -z -v db 3306 2>&1 | grep succeeded && exit 0; sleep 0.5; done' + secrets: image: gitnet.fr/deblan/novops secrets: [vault_addr, vault_token] commands: - novops load -e build > .secrets - db-wait: - image: gitnet.fr/deblan/timeout:latest - commands: - - /bin/timeout -t 30 -v -c 'while true; do nc -z -v db 3306 2>&1 | grep succeeded && exit 0; sleep 0.5; done' - db-create: image: mariadb:10.3 commands: - - . /.secrets + - . .secrets - mysql -hdb -uroot -proot -e "CREATE DATABASE app" - eval "$MYSQLDUMP" | mysql -hdb -uroot -proot app diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml index c5afb1b..1a7e7f4 100644 --- a/.woodpecker/deploy.yml +++ b/.woodpecker/deploy.yml @@ -18,7 +18,7 @@ steps: image: deblan/mage volumes: *volumes commands: - - . ./.secrets + - . .secrets - cd "/builds/$CI_COMMIT_SHA" - mkdir "$HOME/.ssh" - echo "$SSH_PRIV_KEY" > "$HOME/.ssh/id_ed25519" From 0e0f2688c77152aaa5142507e26d7951a787db4f Mon Sep 17 00:00:00 2001 From: Simon Vieille Date: Wed, 6 Dec 2023 19:41:35 +0100 Subject: [PATCH 3/5] update novops conf --- .woodpecker/build.yml | 2 +- .woodpecker/deploy.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.woodpecker/build.yml b/.woodpecker/build.yml index c867611..82b4b24 100644 --- a/.woodpecker/build.yml +++ b/.woodpecker/build.yml @@ -22,7 +22,7 @@ steps: db-create: image: mariadb:10.3 commands: - - . .secrets + - . ./.secrets - mysql -hdb -uroot -proot -e "CREATE DATABASE app" - eval "$MYSQLDUMP" | mysql -hdb -uroot -proot app diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml index 1a7e7f4..c5afb1b 100644 --- a/.woodpecker/deploy.yml +++ b/.woodpecker/deploy.yml @@ -18,7 +18,7 @@ steps: image: deblan/mage volumes: *volumes commands: - - . .secrets + - . ./.secrets - cd "/builds/$CI_COMMIT_SHA" - mkdir "$HOME/.ssh" - echo "$SSH_PRIV_KEY" > "$HOME/.ssh/id_ed25519" From 83f7946d020ac73583c76475eb130701cc44cd34 Mon Sep 17 00:00:00 2001 From: Simon Vieille Date: Wed, 6 Dec 2023 20:18:21 +0100 Subject: [PATCH 4/5] update ci config --- .woodpecker/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.woodpecker/build.yml b/.woodpecker/build.yml index 82b4b24..4ad2e1b 100644 --- a/.woodpecker/build.yml +++ b/.woodpecker/build.yml @@ -55,7 +55,8 @@ steps: image: node:16-alpine environment: - CPU_COUNT=3 - volumes: *volumes + volumes: + - <<: *volumes commands: - apk add --no-cache git - npm install -g svg2ttf ttf2eot ttf2woff2 From 2ee645bdab96302bbeb7bb11df54286dba5c32ca Mon Sep 17 00:00:00 2001 From: Simon Vieille Date: Wed, 6 Dec 2023 20:20:10 +0100 Subject: [PATCH 5/5] update ci config --- .woodpecker/build.yml | 3 +-- .woodpecker/deploy.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.woodpecker/build.yml b/.woodpecker/build.yml index 4ad2e1b..82b4b24 100644 --- a/.woodpecker/build.yml +++ b/.woodpecker/build.yml @@ -55,8 +55,7 @@ steps: image: node:16-alpine environment: - CPU_COUNT=3 - volumes: - - <<: *volumes + volumes: *volumes commands: - apk add --no-cache git - npm install -g svg2ttf ttf2eot ttf2woff2 diff --git a/.woodpecker/deploy.yml b/.woodpecker/deploy.yml index c5afb1b..c5e87f7 100644 --- a/.woodpecker/deploy.yml +++ b/.woodpecker/deploy.yml @@ -1,5 +1,5 @@ variables: - - &volumes + volumes: &volumes - /data/${CI_REPO}:/builds when: