2020-09-25 10:43:54 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
set -e
|
2020-09-23 06:32:50 +00:00
|
|
|
|
2020-09-23 07:31:36 +00:00
|
|
|
PLUGIN_COMPOSE=${PLUGIN_COMPOSE:-compose.yml}
|
2020-09-23 07:38:51 +00:00
|
|
|
PLUGIN_HOST=${PLUGIN_HOST:-swarm.autonomic.zone}
|
|
|
|
PLUGIN_PORT=${PLUGIN_PORT:-222}
|
2020-09-25 18:03:10 +00:00
|
|
|
PLUGIN_PURGE=${PLUGIN_PURGE:-"false"}
|
2020-09-23 07:38:51 +00:00
|
|
|
PLUGIN_USER=${PLUGIN_USER:-drone}
|
2020-09-23 06:50:38 +00:00
|
|
|
|
2020-09-25 18:19:10 +00:00
|
|
|
DOCKER_HOST="ssh://$PLUGIN_USER@$PLUGIN_HOST:$PLUGIN_PORT"
|
2020-09-25 18:03:10 +00:00
|
|
|
|
2020-09-25 17:26:21 +00:00
|
|
|
generate_secrets() {
|
|
|
|
echo "--- start secrets ---"
|
2020-09-25 17:51:30 +00:00
|
|
|
# FIXME 3wc: use the yq docker image instead; couldn't easily get it working
|
|
|
|
VERSION=3.4.0
|
|
|
|
BINARY=yq_linux_amd64
|
|
|
|
wget https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY} -O /usr/bin/yq &&\
|
|
|
|
chmod +x /usr/bin/yq
|
2020-09-25 18:32:04 +00:00
|
|
|
|
|
|
|
export DOCKER_HOST="ssh://$PLUGIN_USER@$PLUGIN_HOST:$PLUGIN_PORT"
|
|
|
|
|
|
|
|
for SECRET in $(yq r "$PLUGIN_COMPOSE" 'secrets.*.name'); do
|
2020-09-25 18:53:09 +00:00
|
|
|
SECRET=$(eval echo "$SECRET")
|
|
|
|
docker secret ls
|
|
|
|
echo "$SECRET"
|
2020-09-25 18:50:09 +00:00
|
|
|
if ! docker secret ls | grep -q "$SECRET"; then
|
2020-09-25 18:47:13 +00:00
|
|
|
eval "echo \"generating $SECRET\""
|
|
|
|
PW=$(</dev/urandom tr -dc 'A-Za-z0-9' | head -c 40; echo)
|
|
|
|
eval "echo \"$PW\" | docker secret create \"$SECRET\" -";
|
|
|
|
fi
|
2020-09-25 17:26:21 +00:00
|
|
|
done
|
|
|
|
echo "--- end secrets ---"
|
|
|
|
}
|
|
|
|
|
2020-09-23 06:35:16 +00:00
|
|
|
load_deploy_key() {
|
2020-09-25 18:03:22 +00:00
|
|
|
echo "--- start ssh key load ---"
|
2020-09-23 07:24:15 +00:00
|
|
|
mkdir -p "$HOME/.ssh/"
|
2020-09-23 07:31:36 +00:00
|
|
|
ssh-keyscan -p "$PLUGIN_PORT" "$PLUGIN_HOST" > "$HOME/.ssh/known_hosts"
|
2020-09-23 07:24:15 +00:00
|
|
|
|
2020-09-25 10:44:00 +00:00
|
|
|
# shellcheck disable=SC2046,SC2006
|
2020-09-23 07:24:15 +00:00
|
|
|
eval `ssh-agent`
|
2020-09-23 07:00:55 +00:00
|
|
|
echo "$PLUGIN_DEPLOY_KEY" | ssh-add -
|
2020-09-25 18:03:22 +00:00
|
|
|
echo "--- end ssh key load ---"
|
2020-09-23 06:32:50 +00:00
|
|
|
}
|
|
|
|
|
2020-09-25 18:04:36 +00:00
|
|
|
output_versions(){
|
|
|
|
echo "--- start versions"
|
2020-09-23 07:21:21 +00:00
|
|
|
docker version
|
2020-09-25 18:04:36 +00:00
|
|
|
echo "--- end versions"
|
|
|
|
}
|
2020-09-23 07:12:21 +00:00
|
|
|
|
2020-09-25 18:03:10 +00:00
|
|
|
run_stack_deploy() {
|
|
|
|
echo "--- start deploy ---"
|
2020-09-25 18:19:10 +00:00
|
|
|
docker -H "$DOCKER_HOST" stack deploy -c "$PLUGIN_COMPOSE" "$PLUGIN_STACK"
|
2020-09-25 18:03:10 +00:00
|
|
|
echo "--- end deploy ---"
|
2020-09-23 06:32:50 +00:00
|
|
|
}
|
|
|
|
|
2020-09-25 14:11:48 +00:00
|
|
|
run_stack_wait() {
|
2020-09-25 18:19:10 +00:00
|
|
|
export DOCKER_HOST="ssh://$PLUGIN_USER@$PLUGIN_HOST:$PLUGIN_PORT"
|
|
|
|
|
2020-09-25 18:04:06 +00:00
|
|
|
docker run --rm vitalets/docker-stack-wait-deploy \
|
|
|
|
| sed 's/True/true/' \
|
|
|
|
| bash /dev/stdin "$PLUGIN_STACK"
|
2020-09-25 14:11:48 +00:00
|
|
|
}
|
|
|
|
|
2020-09-25 18:04:36 +00:00
|
|
|
run_purge() {
|
|
|
|
echo "--- start purge ---"
|
2020-09-25 18:29:24 +00:00
|
|
|
docker -H "$DOCKER_HOST" stack rm "$PLUGIN_STACK"
|
2020-09-25 18:04:36 +00:00
|
|
|
echo "--- end purge ---"
|
|
|
|
}
|
|
|
|
|
2020-09-25 18:29:24 +00:00
|
|
|
run_cleanup() {
|
|
|
|
echo "--- start cleanup ---"
|
2020-09-25 18:35:27 +00:00
|
|
|
# See https://github.com/moby/moby/issues/30942#issuecomment-540699206
|
|
|
|
until [ -z "$(docker stack ps "$PLUGIN_STACK" -q)" ]; do sleep 1; done
|
2020-09-25 18:29:24 +00:00
|
|
|
docker -H "$DOCKER_HOST" system prune --all --volumes --force
|
2020-09-25 18:53:01 +00:00
|
|
|
docker -H "$DOCKER_HOST" secret rm "$(docker -H "$DOCKER_HOST" secret ls -q)" || true
|
2020-09-25 18:29:24 +00:00
|
|
|
echo "--- end cleanup ---"
|
|
|
|
}
|
|
|
|
|
2020-09-23 06:35:16 +00:00
|
|
|
run_plugin() {
|
2020-09-25 18:04:36 +00:00
|
|
|
echo "--- start ssh-stack-deploy ---"
|
2020-09-23 06:32:50 +00:00
|
|
|
load_deploy_key
|
2020-09-25 18:21:19 +00:00
|
|
|
output_versions
|
2020-09-25 17:26:21 +00:00
|
|
|
|
|
|
|
if [ -n "$PLUGIN_GENERATE_SECRETS" ]; then
|
|
|
|
generate_secrets
|
|
|
|
fi
|
|
|
|
|
2020-09-23 06:32:50 +00:00
|
|
|
run_stack_deploy
|
2020-09-25 14:11:48 +00:00
|
|
|
run_stack_wait
|
2020-09-25 18:04:36 +00:00
|
|
|
|
|
|
|
if [ "$PLUGIN_PURGE" == "true" ]; then
|
|
|
|
run_purge
|
|
|
|
fi
|
2020-09-25 18:29:24 +00:00
|
|
|
|
|
|
|
run_cleanup
|
2020-09-25 18:04:36 +00:00
|
|
|
echo "--- end ssh-stack-deploy ---"
|
2020-09-23 06:32:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
run_plugin
|