From 9fe2f2463fad22f287eec2f5da8da3fb6375d8aa Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Sun, 24 Mar 2019 01:30:53 +0800 Subject: [PATCH 01/10] Add traefik config --- .drone.yml | 366 +-------------------------------------------------- drone_gen.js | 1 + 2 files changed, 4 insertions(+), 363 deletions(-) diff --git a/.drone.yml b/.drone.yml index fbab619..db52500 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,344 +1,4 @@ kind: pipeline -name: backend-auth -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-auth - context: backend-auth - dockerfile: backend-auth/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-bite -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-bite - context: backend-bite - dockerfile: backend-bite/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-core -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-core - context: backend-core - dockerfile: backend-core/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-heartbeat -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-heartbeat - context: backend-heartbeat - dockerfile: backend-heartbeat/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-login -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-login - context: backend-login - dockerfile: backend-login/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-publish -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-publish - context: backend-publish - dockerfile: backend-publish/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-signal -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-signal - context: backend-signal - dockerfile: backend-signal/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-store -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-store - context: backend-store - dockerfile: backend-store/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-subscribe -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-subscribe - context: backend-subscribe - dockerfile: backend-subscribe/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline -name: backend-transcription -clone: - depth: 1 -steps: - - name: submodule - image: plugins/git - settings: - recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - - name: docker - image: plugins/docker - settings: - registry: registry.makerforce.io - repo: registry.makerforce.io/beep/backend-transcription - context: backend-transcription - dockerfile: backend-transcription/Dockerfile - auto_tag: true - username: - from_secret: docker_username - password: - from_secret: docker_password ---- -kind: pipeline name: deploy clone: depth: 1 @@ -347,18 +7,7 @@ steps: image: plugins/git settings: recursive: true - submodule_override: - backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' - backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' - backend-core: 'https://git.makerforce.io/beep/backend-core.git' - backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' - backend-login: 'https://git.makerforce.io/beep/backend-login.git' - backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' - backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' - backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' - backend-store: 'https://git.makerforce.io/beep/backend-store.git' - backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' - backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + submodule_override: {} - name: copy-docker-compose image: appleboy/drone-scp settings: @@ -368,6 +17,7 @@ steps: from_secret: ssh_key source: - docker-compose.staging.yml + - traefik.staging.toml target: /home/core/staging - name: copy-migrations image: appleboy/drone-scp @@ -393,14 +43,4 @@ steps: - >- cd /home/core/staging && docker-compose -f docker-compose.staging.yml up -d -depends_on: - - backend-auth - - backend-bite - - backend-core - - backend-heartbeat - - backend-login - - backend-publish - - backend-signal - - backend-store - - backend-subscribe - - backend-transcription +depends_on: [] diff --git a/drone_gen.js b/drone_gen.js index 882fb2d..cdb9357 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -77,6 +77,7 @@ const deploy = { }, source: [ 'docker-compose.staging.yml', + 'traefik.staging.toml', ], target: '/home/core/staging', }, From 99e9f937919a1f0679ecab20f27cf612f5f838e5 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Sun, 24 Mar 2019 22:22:41 +0800 Subject: [PATCH 02/10] More updates --- .drone.yml | 8 +- docker-compose.staging.yml | 3 + drone_gen.js | 4 +- traefik.staging.toml | 183 ------------------------------------- 4 files changed, 9 insertions(+), 189 deletions(-) delete mode 100644 traefik.staging.toml diff --git a/.drone.yml b/.drone.yml index db52500..678346b 100644 --- a/.drone.yml +++ b/.drone.yml @@ -38,9 +38,9 @@ steps: from_secret: ssh_key script: - >- - cd /home/core/staging && docker-compose -f docker-compose.staging.yml - pull + cd /home/core/staging && /home/core/docker-compose -f + docker-compose.staging.yml pull - >- - cd /home/core/staging && docker-compose -f docker-compose.staging.yml - up -d + cd /home/core/staging && /home/core/docker-compose -f + docker-compose.staging.yml up -d depends_on: [] diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml index 8dc39ee..9b72543 100644 --- a/docker-compose.staging.yml +++ b/docker-compose.staging.yml @@ -28,6 +28,7 @@ services: - "8080:8080" volumes: - ./traefik.staging.toml:/traefik.toml:ro + - ./acme-staging.json:/acme-staging.json networks: - traefiknet - authnet @@ -188,3 +189,5 @@ networks: natsnet: redisnet: traefiknet: + external: + name: http diff --git a/drone_gen.js b/drone_gen.js index cdb9357..a17545c 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -107,8 +107,8 @@ const deploy = { from_secret: 'ssh_key', }, script: [ - 'cd /home/core/staging && docker-compose -f docker-compose.staging.yml pull', - 'cd /home/core/staging && docker-compose -f docker-compose.staging.yml up -d', + 'cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml pull', + 'cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml up -d', ], }, }, diff --git a/traefik.staging.toml b/traefik.staging.toml deleted file mode 100644 index 4bd1583..0000000 --- a/traefik.staging.toml +++ /dev/null @@ -1,183 +0,0 @@ -# staging - -[api] - -dashboard = false - -[acme] - -email = "letsencrypt+alpha@beepvoice.app" -caServer = "https://acme-v02.api.letsencrypt.org/directory" -acmeLogging = true -storage = "acme-staging.json" -onHostRule = true -entryPoint = "https" - [acme.httpChallenge] - entryPoint = "http" - -# funny, this doesn't work... -defaultEntryPoints = ["http", "https"] - -[entryPoints] - - [entryPoints.http] - address = ":80" - [entryPoints.http.redirect] - entryPoint = "https" - [entryPoints.https] - address = ":443" - [entryPoints.https.tls] - [entryPoints.traefik] - address = ":8080" - -[file] - -# Core - -[backends.core] - [backends.core.servers.one] - url = "http://core" - -[frontends.core] -backend = "core" -entrypoints = ["http", "https"] - [frontends.core.auth.forward] - address = "http://auth:10205/auth" - [frontends.core.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.core.routes.one] - rule = "PathPrefixStrip: /core/" - -# Signal - -[backends.signal] - [backends.signal.servers.one] - url = "http://signal" - -[frontends.signal] -backend = "signal" -entrypoints = ["http", "https"] - [frontends.signal.auth.forward] - address = "http://auth:10205/auth" - [frontends.signal.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.signal.routes.one] - rule = "PathPrefixStrip: /signal/" - -# Heartbeat - -[backends.heartbeat] - [backends.heartbeat.servers.one] - url = "http://heartbeat" - -[frontends.heartbeat] -backend = "heartbeat" -entrypoints = ["http", "https"] - [frontends.heartbeat.auth.forward] - address = "http://auth:10205/auth" - [frontends.heartbeat.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.heartbeat.routes.one] - rule = "PathPrefixStrip: /heartbeat/" - -# Bite - -[backends.bite] - [backends.bite.servers.one] - url = "http://bite" - -[frontends.bite] -backend = "bite" -entrypoints = ["http", "https"] - [frontends.bite.auth.forward] - address = "http://auth:10205/auth" - [frontends.bite.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.bite.routes.one] - rule = "PathPrefixStrip: /bite/" - -# Publish - -[backends.publish] - [backends.publish.servers.one] - url = "http://publish" - -[frontends.publish] -backend = "publish" -entrypoints = ["http", "https"] - [frontends.publish.auth.forward] - address = "http://auth:10205/auth" - [frontends.publish.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.publish.routes.one] - rule = "PathPrefixStrip: /publish/" - -# Subscribe - -[backends.subscribe] - [backends.subscribe.servers.one] - url = "http://subscribe" - -[frontends.subscribe] -backend = "subscribe" -entrypoints = ["http", "https"] - [frontends.subscribe.auth.forward] - address = "http://auth:10205/auth" - [frontends.subscribe.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.subscribe.routes.one] - rule = "PathPrefixStrip: /subscribe/" - -# Transcription - -[backends.transcription] - [backends.transcription.servers.one] - url = "http://transcription" - -[frontends.transcription] -backend = "transcription" -entrypoints = ["http", "https"] - [frontends.transcription.auth.forward] - address = "http://auth:10205/auth" - [frontends.transcription.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization, X-User-Claim" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.transcription.routes.one] - rule = "PathPrefixStrip: /transcription/" - -# Login - -[backends.login] - [backends.login.servers.one] - url = "http://login" - -[frontends.login] -backend = "login" -entrypoints = ["login", "login_https"] - [frontends.login.headers.customresponseheaders] - Access-Control-Allow-Origin = "*" - Access-Control-Allow-Headers = "Content-Type, Authorization" - Access-Control-Allow-Credentials = "true" - Access-Control-Allow-Methods = "GET, HEAD, POST, PUT, PATCH, DELETE" - [frontends.login.routes.one] - rule = "PathPrefixStrip: /" From b0433071165191023111bda5569a45d47fba6e37 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Sun, 24 Mar 2019 23:30:04 +0800 Subject: [PATCH 03/10] Switch to RSA SSH CI key --- .drone.yml | 371 ++++++++++++++++++++++++++++++++++++++++++++++++++- drone_gen.js | 6 +- 2 files changed, 369 insertions(+), 8 deletions(-) diff --git a/.drone.yml b/.drone.yml index 678346b..1d11278 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,4 +1,344 @@ kind: pipeline +name: backend-auth +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-auth + context: backend-auth + dockerfile: backend-auth/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-bite +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-bite + context: backend-bite + dockerfile: backend-bite/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-core +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-core + context: backend-core + dockerfile: backend-core/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-heartbeat +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-heartbeat + context: backend-heartbeat + dockerfile: backend-heartbeat/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-login +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-login + context: backend-login + dockerfile: backend-login/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-publish +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-publish + context: backend-publish + dockerfile: backend-publish/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-signal +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-signal + context: backend-signal + dockerfile: backend-signal/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-store +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-store + context: backend-store + dockerfile: backend-store/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-subscribe +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-subscribe + context: backend-subscribe + dockerfile: backend-subscribe/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline +name: backend-transcription +clone: + depth: 1 +steps: + - name: submodule + image: plugins/git + settings: + recursive: true + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' + - name: docker + image: plugins/docker + settings: + registry: registry.makerforce.io + repo: registry.makerforce.io/beep/backend-transcription + context: backend-transcription + dockerfile: backend-transcription/Dockerfile + auto_tag: true + username: + from_secret: docker_username + password: + from_secret: docker_password +--- +kind: pipeline name: deploy clone: depth: 1 @@ -7,13 +347,24 @@ steps: image: plugins/git settings: recursive: true - submodule_override: {} + submodule_override: + backend-auth: 'https://git.makerforce.io/beep/backend-auth.git' + backend-bite: 'https://git.makerforce.io/beep/backend-bite.git' + backend-core: 'https://git.makerforce.io/beep/backend-core.git' + backend-heartbeat: 'https://git.makerforce.io/beep/backend-heartbeat.git' + backend-login: 'https://git.makerforce.io/beep/backend-login.git' + backend-protobuf: 'https://git.makerforce.io/beep/backend-protobuf.git' + backend-publish: 'https://git.makerforce.io/beep/backend-publish.git' + backend-signal: 'https://git.makerforce.io/beep/backend-signal.git' + backend-store: 'https://git.makerforce.io/beep/backend-store.git' + backend-subscribe: 'https://git.makerforce.io/beep/backend-subscribe.git' + backend-transcription: 'https://git.makerforce.io/beep/backend-transcription.git' - name: copy-docker-compose image: appleboy/drone-scp settings: host: staging.beepvoice.app username: core - ssh_key: + key: from_secret: ssh_key source: - docker-compose.staging.yml @@ -24,7 +375,7 @@ steps: settings: host: staging.beepvoice.app username: core - ssh_key: + key: from_secret: ssh_key source: - backend-core/postgres/* @@ -34,7 +385,7 @@ steps: settings: host: staging.beepvoice.app username: core - ssh_key: + key: from_secret: ssh_key script: - >- @@ -43,4 +394,14 @@ steps: - >- cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml up -d -depends_on: [] +depends_on: + - backend-auth + - backend-bite + - backend-core + - backend-heartbeat + - backend-login + - backend-publish + - backend-signal + - backend-store + - backend-subscribe + - backend-transcription diff --git a/drone_gen.js b/drone_gen.js index a17545c..5ce59d6 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -72,7 +72,7 @@ const deploy = { settings: { host: 'staging.beepvoice.app', username: 'core', - ssh_key: { + key: { from_secret: 'ssh_key', }, source: [ @@ -88,7 +88,7 @@ const deploy = { settings: { host: 'staging.beepvoice.app', username: 'core', - ssh_key: { + key: { from_secret: 'ssh_key', }, source: [ @@ -103,7 +103,7 @@ const deploy = { settings: { host: 'staging.beepvoice.app', username: 'core', - ssh_key: { + key: { from_secret: 'ssh_key', }, script: [ From 0b10fc4165bc46e5e707980e90ec582abbc4aa2d Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Sun, 24 Mar 2019 23:37:37 +0800 Subject: [PATCH 04/10] Add ssh test [SKIP CI] --- .drone.yml | 15 +++++++++++++++ drone_gen.js | 26 +++++++++++++++++++++++++- 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 1d11278..d16fa4f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,4 +1,19 @@ kind: pipeline +name: ssh-test +clone: + depth: 1 +steps: + - name: ssh + image: appleboy/drone-ssh + settings: + host: staging.beepvoice.app + username: core + key: + from_secret: ssh_key + script: + - cd /home/core/website && ls +--- +kind: pipeline name: backend-auth clone: depth: 1 diff --git a/drone_gen.js b/drone_gen.js index 5ce59d6..4df1485 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -51,6 +51,30 @@ const yamls = dockers.map(f => ({ ], })) +const sshTest = { + kind: 'pipeline', + name: 'ssh-test', + clone: { + depth: 1, + }, + steps: [ + { + name: 'ssh', + image: 'appleboy/drone-ssh', + settings: { + host: 'staging.beepvoice.app', + username: 'core', + key: { + from_secret: 'ssh_key', + }, + script: [ + 'cd /home/core/staging && ls' + ], + }, + }, + ], +}; + const deploy = { kind: 'pipeline', name: 'deploy', @@ -116,7 +140,7 @@ const deploy = { depends_on: dockers, }; -const droneyml = [].concat(yamls).concat(deploy).map(yaml.safeDump).join('---\n'); +const droneyml = [].concat(sshTest).concat(yamls).concat(deploy).map(yaml.safeDump).join('---\n'); fs.writeFileSync(path.join(cwd, '.drone.yml'), droneyml); console.log('Written to .drone.yml'); From bfdefd15760e4e09ad5704cf1aeffd9264a43724 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Sun, 24 Mar 2019 23:54:17 +0800 Subject: [PATCH 05/10] Add traefik labels --- docker-compose.staging.yml | 71 ++++++++++++++++++++++++-------------- 1 file changed, 46 insertions(+), 25 deletions(-) diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml index 9b72543..09e3448 100644 --- a/docker-compose.staging.yml +++ b/docker-compose.staging.yml @@ -2,37 +2,12 @@ # Deployment # # Requirements -# ./traefik.staging.toml # ./backend-core/postgres # version: "3" services: - traefik: - image: traefik - command: --configfile=/traefik.toml - depends_on: - - core - - signal - - heartbeat - - bite - - publish - - subscribe - - transcription - - auth - ports: - - "80:80" - - "443:443" - - "1837:1837" - - "8080:8080" - volumes: - - ./traefik.staging.toml:/traefik.toml:ro - - ./acme-staging.json:/acme-staging.json - networks: - - traefiknet - - authnet - pg: image: postgres:10.3 environment: @@ -73,6 +48,12 @@ services: networks: - pgnet - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/core/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 signal: image: registry.makerforce.io/beep/backend-signal:latest @@ -81,6 +62,12 @@ services: - PORT=80 networks: - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/signal/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 heartbeat: image: registry.makerforce.io/beep/backend-heartbeat:latest @@ -93,6 +80,12 @@ services: networks: - redisnet - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/heartbeat/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 login: image: registry.makerforce.io/beep/backend-login:latest @@ -110,6 +103,10 @@ services: - traefiknet - redisnet - pgnet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/login/ + - traefik.port=80 auth: image: registry.makerforce.io/beep/backend-auth:latest @@ -133,6 +130,12 @@ services: networks: - natsnet - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/bite/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 publish: image: registry.makerforce.io/beep/backend-publish:latest @@ -146,6 +149,12 @@ services: networks: - natsnet - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/publish/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 store: image: registry.makerforce.io/beep/backend-store:latest @@ -169,6 +178,12 @@ services: networks: - natsnet - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/subscribe/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 transcription: image: registry.makerforce.io/beep/backend-transcription:latest @@ -182,6 +197,12 @@ services: networks: - natsnet - traefiknet + labels: + - traefik.enable=true + - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/transcription/ + - traefik.frontend.auth.forward.address=http://auth:10205/auth + - traefik.frontend.auth.forward.authResponseHeaders=X-User-Claim + - traefik.port=80 networks: authnet: From b703803e4745678f4715f1f8774758f134a26b99 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Sun, 24 Mar 2019 23:58:01 +0800 Subject: [PATCH 06/10] Fix accidental missing update to website path [SKIP CI] --- .drone.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index d16fa4f..9c950b6 100644 --- a/.drone.yml +++ b/.drone.yml @@ -11,7 +11,7 @@ steps: key: from_secret: ssh_key script: - - cd /home/core/website && ls + - cd /home/core/staging && ls --- kind: pipeline name: backend-auth From 0accd3dade8f36d4b187fd6d03ce6bb190297209 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Mon, 25 Mar 2019 00:18:32 +0800 Subject: [PATCH 07/10] Add Slack webhook --- .drone.yml | 5 +++++ drone_gen.js | 9 +++++++++ 2 files changed, 14 insertions(+) diff --git a/.drone.yml b/.drone.yml index 9c950b6..20bdb92 100644 --- a/.drone.yml +++ b/.drone.yml @@ -409,6 +409,11 @@ steps: - >- cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml up -d + - name: slack + image: plugins/slack + settings: + webhook: + from_secret: slack_webhook_beep depends_on: - backend-auth - backend-bite diff --git a/drone_gen.js b/drone_gen.js index 4df1485..c8c7f5d 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -136,6 +136,15 @@ const deploy = { ], }, }, + { + name: 'slack', + image: 'plugins/slack', + settings: { + webhook: { + from_secret: 'slack_webhook_beep', + }, + }, + }, ], depends_on: dockers, }; From 06a266c6bd9989de3dbacd2b0b156d774d8aaad5 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Mon, 25 Mar 2019 00:36:20 +0800 Subject: [PATCH 08/10] Add conditions [SKIP CI] --- .drone.yml | 39 +++++++++++++++++++++++++++++++++++++++ drone_gen.js | 12 ++++++++++++ 2 files changed, 51 insertions(+) diff --git a/.drone.yml b/.drone.yml index 20bdb92..9958d7e 100644 --- a/.drone.yml +++ b/.drone.yml @@ -46,6 +46,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-bite @@ -80,6 +83,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-core @@ -114,6 +120,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-heartbeat @@ -148,6 +157,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-login @@ -182,6 +194,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-publish @@ -216,6 +231,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-signal @@ -250,6 +268,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-store @@ -284,6 +305,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-subscribe @@ -318,6 +342,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: backend-transcription @@ -352,6 +379,9 @@ steps: from_secret: docker_username password: from_secret: docker_password + when: + branch: + - master --- kind: pipeline name: deploy @@ -385,6 +415,9 @@ steps: - docker-compose.staging.yml - traefik.staging.toml target: /home/core/staging + when: + branch: + - master - name: copy-migrations image: appleboy/drone-scp settings: @@ -395,6 +428,9 @@ steps: source: - backend-core/postgres/* target: /home/core/staging/backend-core/postgres + when: + branch: + - master - name: docker-compose-up image: appleboy/drone-ssh settings: @@ -409,6 +445,9 @@ steps: - >- cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml up -d + when: + branch: + - master - name: slack image: plugins/slack settings: diff --git a/drone_gen.js b/drone_gen.js index c8c7f5d..f0fd3e9 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -47,6 +47,9 @@ const yamls = dockers.map(f => ({ from_secret: 'docker_password', }, }, + when: { + branch: ['master'], + }, }, ], })) @@ -105,6 +108,9 @@ const deploy = { ], target: '/home/core/staging', }, + when: { + branch: ['master'], + }, }, { name: 'copy-migrations', @@ -120,6 +126,9 @@ const deploy = { ], target: '/home/core/staging/backend-core/postgres', }, + when: { + branch: ['master'], + }, }, { name: 'docker-compose-up', @@ -135,6 +144,9 @@ const deploy = { 'cd /home/core/staging && /home/core/docker-compose -f docker-compose.staging.yml up -d', ], }, + when: { + branch: ['master'], + }, }, { name: 'slack', From b2695119c5dba06e13e18f2b24735ba0480d0ed6 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Mon, 25 Mar 2019 00:42:06 +0800 Subject: [PATCH 09/10] Fix SCP paths --- .drone.yml | 2 +- drone_gen.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 9958d7e..ecb642c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -427,7 +427,7 @@ steps: from_secret: ssh_key source: - backend-core/postgres/* - target: /home/core/staging/backend-core/postgres + target: /home/core/staging when: branch: - master diff --git a/drone_gen.js b/drone_gen.js index f0fd3e9..73baf3d 100644 --- a/drone_gen.js +++ b/drone_gen.js @@ -124,7 +124,7 @@ const deploy = { source: [ 'backend-core/postgres/*', ], - target: '/home/core/staging/backend-core/postgres', + target: '/home/core/staging', }, when: { branch: ['master'], From 273ddef133028803377c4899f46de3884e151f3e Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Mon, 25 Mar 2019 00:49:44 +0800 Subject: [PATCH 10/10] Move auth to http network --- docker-compose.staging.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/docker-compose.staging.yml b/docker-compose.staging.yml index 09e3448..33bfe2a 100644 --- a/docker-compose.staging.yml +++ b/docker-compose.staging.yml @@ -47,7 +47,7 @@ services: - POSTGRES=postgresql://root@pg:5432/core?sslmode=disable networks: - pgnet - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/core/ @@ -61,7 +61,7 @@ services: environment: - PORT=80 networks: - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/signal/ @@ -79,7 +79,7 @@ services: - REDIS=redis:6379 networks: - redisnet - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/heartbeat/ @@ -100,7 +100,7 @@ services: - TWILIO_SID=AC22ea3eea85e5108a96b947aea8ab1320 - TWILIO_TOKEN=fb23fa1a1564aa9f62a7a3117f07b3a0 networks: - - traefiknet + - http - redisnet - pgnet labels: @@ -117,7 +117,7 @@ services: ports: - "10205:10205" # Remove this for production networks: - - authnet + - http bite: image: registry.makerforce.io/beep/backend-bite:latest @@ -129,7 +129,7 @@ services: - NATS=nats://nats:4222 networks: - natsnet - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/bite/ @@ -148,7 +148,7 @@ services: - SECRET=secret networks: - natsnet - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/publish/ @@ -177,7 +177,7 @@ services: - NATS=nats://nats:4222 networks: - natsnet - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/subscribe/ @@ -196,7 +196,7 @@ services: - API_KEY=AIzaSyDxSXDefzw9gXCQaVzOCYlRn_vcC9Da9Q0 networks: - natsnet - - traefiknet + - http labels: - traefik.enable=true - traefik.frontend.rule=Host:staging.beepvoice.app;PathPrefixStrip:/transcription/ @@ -205,10 +205,9 @@ services: - traefik.port=80 networks: - authnet: pgnet: natsnet: redisnet: - traefiknet: + http: external: name: http