diff --git a/.drone.jsonnet b/.drone.jsonnet
new file mode 100644
index 0000000..a5bca5b
--- /dev/null
+++ b/.drone.jsonnet
@@ -0,0 +1,112 @@
+local AnsibleVersions(version="latest", package="ansible") = {
+ name: "ansible-" + version,
+ image: "python:3.7",
+ pull: "always",
+ environment: {
+ PY_COLORS: 1
+ },
+ commands: [
+ "pip install " + package + " ansible-later~=0.2.0 -qq",
+ "git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy",
+ "ansible-later -c ~/policy/config.yml"
+ ],
+ depends_on: [
+ "clone",
+ ],
+};
+
+local PipelineLinting = {
+ kind: "pipeline",
+ name: "linting",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ steps: [
+ AnsibleVersions(version="latest", package="ansible"),
+ AnsibleVersions(version="master", package="git+https://github.com/ansible/ansible.git@devel"),
+ ],
+ trigger: {
+ ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
+ },
+};
+
+local PipelineDeployment = {
+ kind: "pipeline",
+ name: "deployment",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ workspace: {
+ base: "/drone/src",
+ path: "xoxys.nginx"
+ },
+ steps: [
+ {
+ name: "molecule",
+ image: "xoxys/molecule:ec2-linux-amd64",
+ pull: "always",
+ environment: {
+ ANSIBLE_ROLES_PATH: "/drone/src",
+ AWS_ACCESS_KEY_ID: { "from_secret": "aws_access_key_id" },
+ AWS_SECRET_ACCESS_KEY: { "from_secret": "aws_secret_access_key" },
+ AWS_REGION: "eu-central-1",
+ MOLECULE_CUSTOM_MODULES_REPO: "https://gitea.rknet.org/ansible/custom_modules",
+ MOLECULE_CUSTOM_FILTERS_REPO: "https://gitea.rknet.org/ansible/custom_filters",
+ PY_COLORS: 1
+ },
+ commands: [
+ "/bin/bash /docker-entrypoint.sh",
+ "molecule create --scenario-name ec2-centos-7",
+ "molecule converge --scenario-name ec2-centos-7",
+ "molecule verify --scenario-name ec2-centos-7",
+ "molecule destroy --scenario-name ec2-centos-7",
+ ],
+ },
+ ],
+ depends_on: [
+ "linting",
+ ],
+ trigger: {
+ ref: ["refs/heads/master", "refs/tags/**"],
+ },
+};
+
+local PipelineNotifications = {
+ kind: "pipeline",
+ name: "notifications",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ clone: {
+ disable: true,
+ },
+ steps: [
+ {
+ name: "matrix",
+ image: "plugins/matrix",
+ settings: {
+ homeserver: "https://matrix.rknet.org",
+ roomid: "MtidqQXWWAtQcByBhH:rknet.org",
+ template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}",
+ username: { "from_secret": "matrix_username" },
+ password: { "from_secret": "matrix_password" },
+ },
+ },
+ ],
+ // depends_on: [
+ // "deployment",
+ // ],
+ trigger: {
+ status: [ "success", "failure" ],
+ ref: ["refs/heads/master", "refs/tags/**"],
+ },
+};
+
+[
+ PipelineLinting,
+ // PipelineDeployment,
+ PipelineNotifications,
+]
diff --git a/.drone.yml b/.drone.yml
index 289d224..e4f6557 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,22 +1,71 @@
---
kind: pipeline
-name: default
+name: linting
+
+platform:
+ os: linux
+ arch: amd64
steps:
- - name: ansible-latest
- image: python:2.7
- pull: always
- commands:
- - pip install ansible ansible-later -q
- - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
- - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
- depends_on: [ clone ]
+- name: ansible-latest
+ pull: always
+ image: python:3.7
+ commands:
+ - pip install ansible ansible-later~=0.2.0 -qq
+ - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+ - ansible-later -c ~/policy/config.yml
+ environment:
+ PY_COLORS: 1
+ depends_on:
+ - clone
- - name: ansible-master
- image: python:2.7
- pull: always
- commands:
- - pip install ansible ansible-later -q
- - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
- - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
- depends_on: [ clone ]
+- name: ansible-master
+ pull: always
+ image: python:3.7
+ commands:
+ - "pip install git+https://github.com/ansible/ansible.git@devel ansible-later~=0.2.0 -qq"
+ - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+ - ansible-later -c ~/policy/config.yml
+ environment:
+ PY_COLORS: 1
+ depends_on:
+ - clone
+
+trigger:
+ ref:
+ - refs/heads/master
+ - "refs/tags/**"
+ - "refs/pull/**"
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+ os: linux
+ arch: amd64
+
+clone:
+ disable: true
+
+steps:
+- name: matrix
+ image: plugins/matrix
+ settings:
+ homeserver: https://matrix.rknet.org
+ password:
+ from_secret: matrix_password
+ roomid: MtidqQXWWAtQcByBhH:rknet.org
+ template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}"
+ username:
+ from_secret: matrix_username
+
+trigger:
+ ref:
+ - refs/heads/master
+ - "refs/tags/**"
+ status:
+ - success
+ - failure
+
+...
diff --git a/defaults/main.yml b/defaults/main.yml
index 2ec1154..75ab533 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -9,6 +9,7 @@ droneci_secret: myveryownsecret
droneci_restart_policy: always
+droneci_server_container_name: drone-server
droneci_server_image: "drone/drone:{{ droneci_version }}"
droneci_server_exposed_port: 8080
droneci_server_exposed_ip: 127.0.0.1
@@ -17,8 +18,9 @@ droneci_server_exposed_ip: 127.0.0.1
# droneci_server_extra_hosts: []
droneci_server_privileged: False
+droneci_agent_container_name: drone-agent
droneci_agent_image: "drone/agent:{{ droneci_version }}"
-dronevi_agent_capacity: 2
+droneci_agent_capacity: 2
# droneci_agent_memory_limit: 512m # defaults to not set
# droneci_agent_memory_reservation: 256m # defaults to not set
droneci_agent_privileged: False
@@ -60,7 +62,10 @@ droneci_postgres_user:
droneci_gitea_enabled: False
droneci_gitea_server: http://my-git.example.com
-droneci_gitea_skip_verify_enabled: False
+droneci_gitea_skip_verify: False
+# To enable gitea oauth set both
+# droneci_gitea_oauth_client_id: 1111-222-33333-44444 # defaults to not set
+# droneci_gitea_oauth_client_secret: 1234abcd5678efgh # defaults to not set
droneci_tls_cert_path: droneci.pem
droneci_tls_key_path: droneci.pem
diff --git a/templates/services/droneci-compose.yml.j2 b/templates/services/droneci-compose.yml.j2
index 620d4c0..d398422 100644
--- a/templates/services/droneci-compose.yml.j2
+++ b/templates/services/droneci-compose.yml.j2
@@ -4,6 +4,7 @@ version: '2'
services:
droneserver:
+ container_name: {{ droneci_server_container_name }}
image: {{ droneci_server_image }}
ports:
- {{ droneci_server_exposed_ip + ':' if droneci_server_exposed_ip is defined else '' }}{{ droneci_server_exposed_port }}:80
@@ -38,7 +39,11 @@ services:
{% endif %}
{% if droneci_gitea_enabled %}
- DRONE_GITEA_SERVER={{ droneci_gitea_server }}
- - DRONE_GITEA_SKIP_VERIFY={{ droneci_gitea_skip_verify_enabled | lower }}
+ - DRONE_GITEA_SKIP_VERIFY={{ droneci_gitea_skip_verify | lower }}
+ {% if droneci_gitea_oauth_client_id is defined and droneci_gitea_oauth_client_secret is defined %}
+ DRONE_GITEA_CLIENT_ID={{ droneci_gitea_oauth_client_id }}
+ DRONE_GITEA_CLIENT_SECRET={{ droneci_gitea_oauth_client_secret }}
+ {% endif %}
{% endif %}
{% if droneci_http_proxy is defined %}
- HTTP_PROXY={{ droneci_http_proxy | join(',') }}
@@ -58,6 +63,7 @@ services:
{% endif %}
droneagent:
+ container_name: {{ droneci_agent_container_name }}
image: {{ droneci_agent_image }}
depends_on:
- droneserver
@@ -69,7 +75,7 @@ services:
environment:
- DRONE_RPC_SERVER=http://droneserver
- DRONE_RPC_SECRET={{ droneci_secret }}
- - DRONE_RUNNER_CAPACITY={{ dronevi_agent_capacity }}
+ - DRONE_RUNNER_CAPACITY={{ droneci_agent_capacity }}
# TODO: temp static value, needs to be replaced by a custom fact
- DOCKER_API_VERSION=1.26
{% if droneci_agent_memory_limit is defined %}