kind: pipeline type: kubernetes name: deploy-backend steps: - name: build-and-push-backend image: plugins/docker:latest settings: registry: in.gohorsejobs.com repo: in.gohorsejobs.com/gohorsejobs/gohorsejobs-backend tags: - latest context: backend dockerfile: backend/Dockerfile insecure: true insecure_skip_verify: true debug: true username: from_secret: HARBOR_USERNAME password: from_secret: HARBOR_PASSWORD - name: export-envs-to-k8s image: bitnami/kubectl:latest environment: KUBERNETES_SERVER: from_secret: K3S_SERVER KUBERNETES_CA: from_secret: K3S_CA_CERT KUBERNETES_CLIENT_CERT: from_secret: K3S_CLIENT_CERT KUBERNETES_CLIENT_KEY: from_secret: K3S_CLIENT_KEY # Todas as variáveis do seu sistema: AWS_ACCESS_KEY_ID: { from_secret: AWS_ACCESS_KEY_ID } AWS_ENDPOINT: { from_secret: AWS_ENDPOINT } AWS_REGION: { from_secret: AWS_REGION } AWS_SECRET_ACCESS_KEY: { from_secret: AWS_SECRET_ACCESS_KEY } CORS_ORIGINS: { from_secret: CORS_ORIGINS } DB_HOST: { from_secret: DB_HOST } DB_NAME: { from_secret: DB_NAME } DB_PASSWORD: { from_secret: DB_PASSWORD } DB_PORT: { from_secret: DB_PORT } DB_SSLMODE: { from_secret: DB_SSLMODE } DB_USER: { from_secret: DB_USER } ENV: { from_secret: ENV } JWT_SECRET: { from_secret: JWT_SECRET } MAX_UPLOAD_CAD_SIZE: { from_secret: MAX_UPLOAD_CAD_SIZE } PORT: { from_secret: PORT } S3_BUCKET: { from_secret: S3_BUCKET } UPLOAD_DIR: { from_secret: UPLOAD_DIR } # Harbor/Docker HARBOR_USERNAME: { from_secret: HARBOR_USERNAME } HARBOR_PASSWORD: { from_secret: HARBOR_PASSWORD } commands: - echo "$KUBERNETES_CA" | base64 -d > /tmp/ca.crt - echo "$KUBERNETES_CLIENT_CERT" | base64 -d > /tmp/client.crt - echo "$KUBERNETES_CLIENT_KEY" | base64 -d > /tmp/client.key - kubectl config set-cluster k3s --server="${KUBERNETES_SERVER}" --certificate-authority=/tmp/ca.crt - kubectl config set-credentials drone --client-certificate=/tmp/client.crt --client-key=/tmp/client.key - kubectl config set-context drone-context --cluster=k3s --namespace=gohorsejobs --user=drone - kubectl config use-context drone-context - | cat < .env.k8s AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID AWS_ENDPOINT=$AWS_ENDPOINT AWS_REGION=$AWS_REGION AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY CORS_ORIGINS=$CORS_ORIGINS DB_HOST=$DB_HOST DB_NAME=$DB_NAME DB_PASSWORD=$DB_PASSWORD DB_PORT=$DB_PORT DB_SSLMODE=$DB_SSLMODE DB_USER=$DB_USER ENV=$ENV JWT_SECRET=$JWT_SECRET MAX_UPLOAD_CAD_SIZE=$MAX_UPLOAD_CAD_SIZE PORT=$PORT S3_BUCKET=$S3_BUCKET UPLOAD_DIR=$UPLOAD_DIR HARBOR_USERNAME=$HARBOR_USERNAME HARBOR_PASSWORD=$HARBOR_PASSWORD EOF - kubectl -n gohorsejobs delete secret backend-secrets --ignore-not-found - kubectl -n gohorsejobs create secret generic backend-secrets --from-env-file=.env.k8s - name: deploy-backend image: bitnami/kubectl:latest environment: KUBERNETES_SERVER: from_secret: K3S_SERVER KUBERNETES_CA: from_secret: K3S_CA_CERT KUBERNETES_CLIENT_CERT: from_secret: K3S_CLIENT_CERT KUBERNETES_CLIENT_KEY: from_secret: K3S_CLIENT_KEY commands: - mkdir -p ~/.kube - | cat < ~/.kube/config apiVersion: v1 kind: Config clusters: - name: k3s cluster: server: ${KUBERNETES_SERVER} certificate-authority-data: ${KUBERNETES_CA} users: - name: drone user: client-certificate-data: ${KUBERNETES_CLIENT_CERT} client-key-data: ${KUBERNETES_CLIENT_KEY} contexts: - name: drone-context context: cluster: k3s user: drone namespace: gohorsejobs current-context: drone-context EOF - echo "Deploying backend..." - kubectl apply -f k8s/backend-deployment.yaml - kubectl apply -f k8s/backend-service.yaml