add gitea oauth variables

.drone.jsonnet

@@ -0,0 +1,112 @@
+local AnsibleVersions(version="latest", package="ansible") = {
+    name: "ansible-" + version,
+    image: "python:3.7",
+    pull: "always",
+    environment: {
+      PY_COLORS: 1
+    },
+    commands: [
+      "pip install " + package + " ansible-later~=0.2.0 -qq",
+      "git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy",
+      "ansible-later -c ~/policy/config.yml"
+    ],
+    depends_on: [
+      "clone",
+    ],
+};
+
+local PipelineLinting = {
+  kind: "pipeline",
+  name: "linting",
+  platform: {
+    os: "linux",
+    arch: "amd64",
+  },
+  steps: [
+    AnsibleVersions(version="latest", package="ansible"),
+    AnsibleVersions(version="master", package="git+https://github.com/ansible/ansible.git@devel"),
+  ],
+  trigger: {
+    ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
+  },
+};
+
+local PipelineDeployment = {
+  kind: "pipeline",
+  name: "deployment",
+  platform: {
+    os: "linux",
+    arch: "amd64",
+  },
+  workspace: {
+    base: "/drone/src",
+    path: "xoxys.nginx"
+  },
+  steps: [
+    {
+      name: "molecule",
+      image: "xoxys/molecule:ec2-linux-amd64",
+      pull: "always",
+      environment: {
+        ANSIBLE_ROLES_PATH: "/drone/src",
+        AWS_ACCESS_KEY_ID: { "from_secret": "aws_access_key_id" },
+        AWS_SECRET_ACCESS_KEY: { "from_secret": "aws_secret_access_key" },
+        AWS_REGION: "eu-central-1",
+        MOLECULE_CUSTOM_MODULES_REPO: "https://gitea.rknet.org/ansible/custom_modules",
+        MOLECULE_CUSTOM_FILTERS_REPO: "https://gitea.rknet.org/ansible/custom_filters",
+        PY_COLORS: 1
+      },
+      commands: [
+        "/bin/bash /docker-entrypoint.sh",
+        "molecule create --scenario-name ec2-centos-7",
+        "molecule converge --scenario-name ec2-centos-7",
+        "molecule verify --scenario-name ec2-centos-7",
+        "molecule destroy --scenario-name ec2-centos-7",
+      ],
+    },
+  ],
+  depends_on: [
+    "linting",
+  ],
+  trigger: {
+    ref: ["refs/heads/master", "refs/tags/**"],
+  },
+};
+
+local PipelineNotifications = {
+  kind: "pipeline",
+  name: "notifications",
+  platform: {
+    os: "linux",
+    arch: "amd64",
+  },
+  clone: {
+    disable: true,
+  },
+  steps: [
+    {
+      name: "matrix",
+      image: "plugins/matrix",
+      settings: {
+        homeserver: "https://matrix.rknet.org",
+        roomid: "MtidqQXWWAtQcByBhH:rknet.org",
+        template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}",
+        username: { "from_secret": "matrix_username" },
+        password: { "from_secret": "matrix_password" },
+      },
+    },
+  ],
+  // depends_on: [
+  //   "deployment",
+  // ],
+  trigger: {
+    status: [ "success", "failure" ],
+    ref: ["refs/heads/master", "refs/tags/**"],
+  },
+};
+
+[
+  PipelineLinting,
+  // PipelineDeployment,
+  PipelineNotifications,
+]

.drone.yml

@@ -1,22 +1,71 @@
 ---
 kind: pipeline
-name: default
+name: linting
+
+platform:
+  os: linux
+  arch: amd64
 
 steps:
-  - name: ansible-latest
-    image: python:2.7
-    pull: always
-    commands:
-      - pip install ansible ansible-later -q
-      - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
-      - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+- name: ansible-latest
+  pull: always
+  image: python:3.7
+  commands:
+  - pip install ansible ansible-later~=0.2.0 -qq
+  - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+  - ansible-later -c ~/policy/config.yml
+  environment:
+    PY_COLORS: 1
+  depends_on:
+  - clone
 
-  - name: ansible-master
-    image: python:2.7
-    pull: always
-    commands:
-      - pip install ansible ansible-later -q
-      - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
-      - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+- name: ansible-master
+  pull: always
+  image: python:3.7
+  commands:
+  - "pip install git+https://github.com/ansible/ansible.git@devel ansible-later~=0.2.0 -qq"
+  - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+  - ansible-later -c ~/policy/config.yml
+  environment:
+    PY_COLORS: 1
+  depends_on:
+  - clone
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  - "refs/pull/**"
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+  os: linux
+  arch: amd64
+
+clone:
+  disable: true
+
+steps:
+- name: matrix
+  image: plugins/matrix
+  settings:
+    homeserver: https://matrix.rknet.org
+    password:
+      from_secret: matrix_password
+    roomid: MtidqQXWWAtQcByBhH:rknet.org
+    template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
+    username:
+      from_secret: matrix_username
+
+trigger:
+  ref:
+  - refs/heads/master
+  - "refs/tags/**"
+  status:
+  - success
+  - failure
+
+...

defaults/main.yml

@@ -9,6 +9,7 @@ droneci_secret: myveryownsecret
 
 droneci_restart_policy: always
 
+droneci_server_container_name: drone-server
 droneci_server_image: "drone/drone:{{ droneci_version }}"
 droneci_server_exposed_port: 8080
 droneci_server_exposed_ip: 127.0.0.1
@@ -17,8 +18,9 @@ droneci_server_exposed_ip: 127.0.0.1
 # droneci_server_extra_hosts: []
 droneci_server_privileged: False
 
+droneci_agent_container_name: drone-agent
 droneci_agent_image: "drone/agent:{{ droneci_version }}"
-dronevi_agent_capacity: 2
+droneci_agent_capacity: 2
 # droneci_agent_memory_limit: 512m # defaults to not set
 # droneci_agent_memory_reservation: 256m # defaults to not set
 droneci_agent_privileged: False
@@ -60,7 +62,10 @@ droneci_postgres_user:
 
 droneci_gitea_enabled: False
 droneci_gitea_server: http://my-git.example.com
-droneci_gitea_skip_verify_enabled: False
+droneci_gitea_skip_verify: False
+# To enable gitea oauth set both
+# droneci_gitea_oauth_client_id: 1111-222-33333-44444 # defaults to not set
+# droneci_gitea_oauth_client_secret: 1234abcd5678efgh # defaults to not set
 
 droneci_tls_cert_path: droneci.pem
 droneci_tls_key_path: droneci.pem

templates/services/droneci-compose.yml.j2

@@ -4,6 +4,7 @@ version: '2'
 
 services:
   droneserver:
+    container_name: {{ droneci_server_container_name }}
     image: {{ droneci_server_image }}
     ports:
       - {{ droneci_server_exposed_ip + ':' if droneci_server_exposed_ip is defined else '' }}{{ droneci_server_exposed_port }}:80
@@ -38,7 +39,11 @@ services:
       {% endif %}
       {% if droneci_gitea_enabled %}
       - DRONE_GITEA_SERVER={{ droneci_gitea_server }}
-      - DRONE_GITEA_SKIP_VERIFY={{ droneci_gitea_skip_verify_enabled | lower }}
+      - DRONE_GITEA_SKIP_VERIFY={{ droneci_gitea_skip_verify | lower }}
+      {% if droneci_gitea_oauth_client_id is defined and droneci_gitea_oauth_client_secret is defined %}
+      DRONE_GITEA_CLIENT_ID={{ droneci_gitea_oauth_client_id }}
+      DRONE_GITEA_CLIENT_SECRET={{ droneci_gitea_oauth_client_secret }}
+      {% endif %}
       {% endif %}
       {% if droneci_http_proxy is defined %}
       - HTTP_PROXY={{ droneci_http_proxy | join(',') }}
@@ -58,6 +63,7 @@ services:
     {% endif %}
 
   droneagent:
+    container_name: {{ droneci_agent_container_name }}
     image: {{ droneci_agent_image }}
     depends_on:
       - droneserver
@@ -69,7 +75,7 @@ services:
     environment:
       - DRONE_RPC_SERVER=http://droneserver
       - DRONE_RPC_SECRET={{ droneci_secret }}
-      - DRONE_RUNNER_CAPACITY={{ dronevi_agent_capacity }}
+      - DRONE_RUNNER_CAPACITY={{ droneci_agent_capacity }}
       # TODO: temp static value, needs to be replaced by a custom fact
       - DOCKER_API_VERSION=1.26
     {% if droneci_agent_memory_limit is defined %}