chore(deps): update debian docker tag to v11

Re: coop-cloud/organising#369

.drone.yml

@@ -1,9 +1,9 @@
 ---
 kind: pipeline
-name: deploy to hub.docker.com
+name: build & publish image
 steps:
   - name: run shellcheck
-    image: debian:buster
+    image: debian:bullseye
     commands:
       - apt update
       - apt install -y shellcheck
@@ -11,12 +11,12 @@ steps:
   - name: docker push
     image: plugins/docker
     settings:
-      username:
-        from_secret: docker_reg_username_coopcloud
+      username: 3wordchant
       password:
-        from_secret: docker_reg_passwd_coopcloud
-      repo: thecoopcloud/stack-ssh-deploy
+        from_secret: git_coopcloud_tech_token_3wc
+      repo: git.coopcloud.tech/coop-cloud/stack-ssh-deploy
       tags: latest
+      registry: git.coopcloud.tech
 trigger:
   branch:
     - main

README.md

@@ -1,6 +1,6 @@
 # stack-ssh-deploy
 
-[![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/stack-ssh-deploy/status.svg?ref=refs/heads/main)](https://drone.autonomic.zone/coop-cloud/stack-ssh-deploy)
+[![Build Status](https://build.coopcloud.tech/api/badges/coop-cloud/stack-ssh-deploy/status.svg?ref=refs/heads/main)](https://build.coopcloud.tech/coop-cloud/stack-ssh-deploy)
 
 Deploy swarm stacks against a SSH based remote docker daemon context.
 

plugin.sh

@@ -31,15 +31,19 @@ generate_secrets() {
   wget https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY} -O /usr/bin/yq &&\
     chmod +x /usr/bin/yq
 
-  for SECRET in $(yq r "$PLUGIN_COMPOSE" 'secrets.*.name'); do
-    SECRET=$(eval echo "$SECRET")
-    if docker -H "$REMOTE_DOCKER_HOST" secret ls | grep -q "$SECRET"; then
-      echo "Skipping existing secret $SECRET"
-    else
-      eval "echo \"generating $SECRET\""
-      PW=$(</dev/urandom tr -dc 'A-Za-z0-9' | head -c 40; echo)
-      eval "echo \"$PW\" | docker -H \"$REMOTE_DOCKER_HOST\" secret create \"$SECRET\" -";
-    fi
+  # shellcheck disable=SC2086
+  for COMPOSE_FILE in ${PLUGIN_COMPOSE//:/ }; do
+    for SECRET in $(yq r "$COMPOSE_FILE" 'secrets.*.name'); do
+      echo "generating $SECRET"
+      SECRET=$(eval echo "$SECRET")
+      if docker -H "$REMOTE_DOCKER_HOST" secret ls | grep -q "$SECRET"; then
+        echo "Skipping existing secret $SECRET"
+      else
+        eval "echo \"generating $SECRET\""
+        PW=$(</dev/urandom tr -dc 'A-Za-z0-9' | head -c 40; echo)
+        eval "echo \"$PW\" | docker -H \"$REMOTE_DOCKER_HOST\" secret create \"$SECRET\" -";
+      fi
+    done
   done
   echo "--- end secrets ---"
 }
@@ -64,15 +68,15 @@ output_versions(){
 run_stack_deploy() {
   echo "--- start deploy ---"
 
-  if [[ ! -z "${PLUGIN_REG_USER}" ]] && [[ ! -z "${PLUGIN_REG_PASS}" ]]; then
+  if [[ -n "${PLUGIN_REG_USER}" ]] && [[ -n "${PLUGIN_REG_PASS}" ]]; then
     echo "--- discovered secrets, assuming private registry, logging in ---"
     docker -H "$REMOTE_DOCKER_HOST" login -u "${PLUGIN_REG_USER}" -p "${PLUGIN_REG_PASS}"
     docker -H "$REMOTE_DOCKER_HOST" pull "${PLUGIN_IMAGE}"
     echo "${PLUGIN_IMAGE}"
-    docker -H "$REMOTE_DOCKER_HOST" stack deploy -c "$PLUGIN_COMPOSE" "$PLUGIN_STACK"
-  else
-    docker -H "$REMOTE_DOCKER_HOST" stack deploy -c "$PLUGIN_COMPOSE" "$PLUGIN_STACK"
   fi
+  echo "compose: $PLUGIN_COMPOSE"
+  # shellcheck disable=SC2086
+  docker -H "$REMOTE_DOCKER_HOST" stack deploy -c ${PLUGIN_COMPOSE//:/ -c } "$PLUGIN_STACK"
   echo "--- end deploy ---"
 }
 
@@ -100,7 +104,7 @@ run_purge() {
 
   # See https://github.com/moby/moby/issues/30942#issuecomment-540699206
   until [ -z "$(docker -H "$REMOTE_DOCKER_HOST" stack ps "$PLUGIN_STACK" -q)" ]; do sleep 1; done
-  docker -H "$REMOTE_DOCKER_HOST" system prune --all --volumes --force
+  docker -H "$REMOTE_DOCKER_HOST" system prune --all --volumes --force || true
 
   # try and remove all secrets; Docker will leave ones which are in use
   docker -H "$REMOTE_DOCKER_HOST" secret ls --format '{{ .Name }}' | xargs -i sh -c "echo {}; docker -H \"$REMOTE_DOCKER_HOST\" secret rm {} || true"