add gitea oauth variables
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
d51a2b3ced
commit
94d2c22fc5
112
.drone.jsonnet
Normal file
112
.drone.jsonnet
Normal file
@ -0,0 +1,112 @@
|
||||
local AnsibleVersions(version="latest", package="ansible") = {
|
||||
name: "ansible-" + version,
|
||||
image: "python:3.7",
|
||||
pull: "always",
|
||||
environment: {
|
||||
PY_COLORS: 1
|
||||
},
|
||||
commands: [
|
||||
"pip install " + package + " ansible-later~=0.2.0 -qq",
|
||||
"git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy",
|
||||
"ansible-later -c ~/policy/config.yml"
|
||||
],
|
||||
depends_on: [
|
||||
"clone",
|
||||
],
|
||||
};
|
||||
|
||||
local PipelineLinting = {
|
||||
kind: "pipeline",
|
||||
name: "linting",
|
||||
platform: {
|
||||
os: "linux",
|
||||
arch: "amd64",
|
||||
},
|
||||
steps: [
|
||||
AnsibleVersions(version="latest", package="ansible"),
|
||||
AnsibleVersions(version="master", package="git+https://github.com/ansible/ansible.git@devel"),
|
||||
],
|
||||
trigger: {
|
||||
ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
|
||||
},
|
||||
};
|
||||
|
||||
local PipelineDeployment = {
|
||||
kind: "pipeline",
|
||||
name: "deployment",
|
||||
platform: {
|
||||
os: "linux",
|
||||
arch: "amd64",
|
||||
},
|
||||
workspace: {
|
||||
base: "/drone/src",
|
||||
path: "xoxys.nginx"
|
||||
},
|
||||
steps: [
|
||||
{
|
||||
name: "molecule",
|
||||
image: "xoxys/molecule:ec2-linux-amd64",
|
||||
pull: "always",
|
||||
environment: {
|
||||
ANSIBLE_ROLES_PATH: "/drone/src",
|
||||
AWS_ACCESS_KEY_ID: { "from_secret": "aws_access_key_id" },
|
||||
AWS_SECRET_ACCESS_KEY: { "from_secret": "aws_secret_access_key" },
|
||||
AWS_REGION: "eu-central-1",
|
||||
MOLECULE_CUSTOM_MODULES_REPO: "https://gitea.rknet.org/ansible/custom_modules",
|
||||
MOLECULE_CUSTOM_FILTERS_REPO: "https://gitea.rknet.org/ansible/custom_filters",
|
||||
PY_COLORS: 1
|
||||
},
|
||||
commands: [
|
||||
"/bin/bash /docker-entrypoint.sh",
|
||||
"molecule create --scenario-name ec2-centos-7",
|
||||
"molecule converge --scenario-name ec2-centos-7",
|
||||
"molecule verify --scenario-name ec2-centos-7",
|
||||
"molecule destroy --scenario-name ec2-centos-7",
|
||||
],
|
||||
},
|
||||
],
|
||||
depends_on: [
|
||||
"linting",
|
||||
],
|
||||
trigger: {
|
||||
ref: ["refs/heads/master", "refs/tags/**"],
|
||||
},
|
||||
};
|
||||
|
||||
local PipelineNotifications = {
|
||||
kind: "pipeline",
|
||||
name: "notifications",
|
||||
platform: {
|
||||
os: "linux",
|
||||
arch: "amd64",
|
||||
},
|
||||
clone: {
|
||||
disable: true,
|
||||
},
|
||||
steps: [
|
||||
{
|
||||
name: "matrix",
|
||||
image: "plugins/matrix",
|
||||
settings: {
|
||||
homeserver: "https://matrix.rknet.org",
|
||||
roomid: "MtidqQXWWAtQcByBhH:rknet.org",
|
||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}",
|
||||
username: { "from_secret": "matrix_username" },
|
||||
password: { "from_secret": "matrix_password" },
|
||||
},
|
||||
},
|
||||
],
|
||||
// depends_on: [
|
||||
// "deployment",
|
||||
// ],
|
||||
trigger: {
|
||||
status: [ "success", "failure" ],
|
||||
ref: ["refs/heads/master", "refs/tags/**"],
|
||||
},
|
||||
};
|
||||
|
||||
[
|
||||
PipelineLinting,
|
||||
// PipelineDeployment,
|
||||
PipelineNotifications,
|
||||
]
|
83
.drone.yml
83
.drone.yml
@ -1,22 +1,71 @@
|
||||
---
|
||||
kind: pipeline
|
||||
name: default
|
||||
name: linting
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
steps:
|
||||
- name: ansible-latest
|
||||
image: python:2.7
|
||||
pull: always
|
||||
commands:
|
||||
- pip install ansible ansible-later -q
|
||||
- git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
|
||||
- git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
|
||||
depends_on: [ clone ]
|
||||
- name: ansible-latest
|
||||
pull: always
|
||||
image: python:3.7
|
||||
commands:
|
||||
- pip install ansible ansible-later~=0.2.0 -qq
|
||||
- git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
|
||||
- ansible-later -c ~/policy/config.yml
|
||||
environment:
|
||||
PY_COLORS: 1
|
||||
depends_on:
|
||||
- clone
|
||||
|
||||
- name: ansible-master
|
||||
image: python:2.7
|
||||
pull: always
|
||||
commands:
|
||||
- pip install ansible ansible-later -q
|
||||
- git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
|
||||
- git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
|
||||
depends_on: [ clone ]
|
||||
- name: ansible-master
|
||||
pull: always
|
||||
image: python:3.7
|
||||
commands:
|
||||
- "pip install git+https://github.com/ansible/ansible.git@devel ansible-later~=0.2.0 -qq"
|
||||
- git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
|
||||
- ansible-later -c ~/policy/config.yml
|
||||
environment:
|
||||
PY_COLORS: 1
|
||||
depends_on:
|
||||
- clone
|
||||
|
||||
trigger:
|
||||
ref:
|
||||
- refs/heads/master
|
||||
- "refs/tags/**"
|
||||
- "refs/pull/**"
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
name: notifications
|
||||
|
||||
platform:
|
||||
os: linux
|
||||
arch: amd64
|
||||
|
||||
clone:
|
||||
disable: true
|
||||
|
||||
steps:
|
||||
- name: matrix
|
||||
image: plugins/matrix
|
||||
settings:
|
||||
homeserver: https://matrix.rknet.org
|
||||
password:
|
||||
from_secret: matrix_password
|
||||
roomid: MtidqQXWWAtQcByBhH:rknet.org
|
||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
|
||||
username:
|
||||
from_secret: matrix_username
|
||||
|
||||
trigger:
|
||||
ref:
|
||||
- refs/heads/master
|
||||
- "refs/tags/**"
|
||||
status:
|
||||
- success
|
||||
- failure
|
||||
|
||||
...
|
||||
|
@ -9,6 +9,7 @@ droneci_secret: myveryownsecret
|
||||
|
||||
droneci_restart_policy: always
|
||||
|
||||
droneci_server_container_name: drone-server
|
||||
droneci_server_image: "drone/drone:{{ droneci_version }}"
|
||||
droneci_server_exposed_port: 8080
|
||||
droneci_server_exposed_ip: 127.0.0.1
|
||||
@ -17,8 +18,9 @@ droneci_server_exposed_ip: 127.0.0.1
|
||||
# droneci_server_extra_hosts: []
|
||||
droneci_server_privileged: False
|
||||
|
||||
droneci_agent_container_name: drone-agent
|
||||
droneci_agent_image: "drone/agent:{{ droneci_version }}"
|
||||
dronevi_agent_capacity: 2
|
||||
droneci_agent_capacity: 2
|
||||
# droneci_agent_memory_limit: 512m # defaults to not set
|
||||
# droneci_agent_memory_reservation: 256m # defaults to not set
|
||||
droneci_agent_privileged: False
|
||||
@ -60,7 +62,10 @@ droneci_postgres_user:
|
||||
|
||||
droneci_gitea_enabled: False
|
||||
droneci_gitea_server: http://my-git.example.com
|
||||
droneci_gitea_skip_verify_enabled: False
|
||||
droneci_gitea_skip_verify: False
|
||||
# To enable gitea oauth set both
|
||||
# droneci_gitea_oauth_client_id: 1111-222-33333-44444 # defaults to not set
|
||||
# droneci_gitea_oauth_client_secret: 1234abcd5678efgh # defaults to not set
|
||||
|
||||
droneci_tls_cert_path: droneci.pem
|
||||
droneci_tls_key_path: droneci.pem
|
||||
|
@ -4,6 +4,7 @@ version: '2'
|
||||
|
||||
services:
|
||||
droneserver:
|
||||
container_name: {{ droneci_server_container_name }}
|
||||
image: {{ droneci_server_image }}
|
||||
ports:
|
||||
- {{ droneci_server_exposed_ip + ':' if droneci_server_exposed_ip is defined else '' }}{{ droneci_server_exposed_port }}:80
|
||||
@ -38,7 +39,11 @@ services:
|
||||
{% endif %}
|
||||
{% if droneci_gitea_enabled %}
|
||||
- DRONE_GITEA_SERVER={{ droneci_gitea_server }}
|
||||
- DRONE_GITEA_SKIP_VERIFY={{ droneci_gitea_skip_verify_enabled | lower }}
|
||||
- DRONE_GITEA_SKIP_VERIFY={{ droneci_gitea_skip_verify | lower }}
|
||||
{% if droneci_gitea_oauth_client_id is defined and droneci_gitea_oauth_client_secret is defined %}
|
||||
DRONE_GITEA_CLIENT_ID={{ droneci_gitea_oauth_client_id }}
|
||||
DRONE_GITEA_CLIENT_SECRET={{ droneci_gitea_oauth_client_secret }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if droneci_http_proxy is defined %}
|
||||
- HTTP_PROXY={{ droneci_http_proxy | join(',') }}
|
||||
@ -58,6 +63,7 @@ services:
|
||||
{% endif %}
|
||||
|
||||
droneagent:
|
||||
container_name: {{ droneci_agent_container_name }}
|
||||
image: {{ droneci_agent_image }}
|
||||
depends_on:
|
||||
- droneserver
|
||||
@ -69,7 +75,7 @@ services:
|
||||
environment:
|
||||
- DRONE_RPC_SERVER=http://droneserver
|
||||
- DRONE_RPC_SECRET={{ droneci_secret }}
|
||||
- DRONE_RUNNER_CAPACITY={{ dronevi_agent_capacity }}
|
||||
- DRONE_RUNNER_CAPACITY={{ droneci_agent_capacity }}
|
||||
# TODO: temp static value, needs to be replaced by a custom fact
|
||||
- DOCKER_API_VERSION=1.26
|
||||
{% if droneci_agent_memory_limit is defined %}
|
||||
|
Loading…
Reference in New Issue
Block a user