gohorsejobs/.drone.yml

kind: pipeline
type: kubernetes
name: deploy-backend

steps:
  - name: build-and-push-backend
    image: plugins/docker:latest
    settings:
      registry: in.gohorsejobs.com
      repo: in.gohorsejobs.com/gohorsejobs/gohorsejobs-backend
      tags:
        - latest
      context: backend
      dockerfile: backend/Dockerfile
      insecure: true
      insecure_skip_verify: true
      debug: true
      username:
        from_secret: HARBOR_USERNAME
      password:
        from_secret: HARBOR_PASSWORD

  - name: export-infisical-to-k8s
    image: infisical/infisical:latest
    environment:
      INFISICAL_TOKEN:
        from_secret: INFISICAL_TOKEN
      KUBERNETES_SERVER:
        from_secret: K3S_SERVER
      KUBERNETES_CA:
        from_secret: K3S_CA_CERT
      KUBERNETES_CLIENT_CERT:
        from_secret: K3S_CLIENT_CERT
      KUBERNETES_CLIENT_KEY:
        from_secret: K3S_CLIENT_KEY
    commands:
      - infisical export --env=production --format=dotenv > .env.k8s
      - echo "$KUBERNETES_CA" | base64 -d > /tmp/ca.crt
      - echo "$KUBERNETES_CLIENT_CERT" | base64 -d > /tmp/client.crt
      - echo "$KUBERNETES_CLIENT_KEY" | base64 -d > /tmp/client.key
      - kubectl config set-cluster k3s --server="${KUBERNETES_SERVER}" --certificate-authority=/tmp/ca.crt
      - kubectl config set-credentials drone --client-certificate=/tmp/client.crt --client-key=/tmp/client.key
      - kubectl config set-context drone-context --cluster=k3s --namespace=gohorsejobs --user=drone
      - kubectl config use-context drone-context
      - kubectl -n gohorsejobs delete secret backend-secrets --ignore-not-found
      - kubectl -n gohorsejobs create secret generic backend-secrets --from-env-file=.env.k8s

  - name: deploy-backend
    image: bitnami/kubectl:latest
    environment:
      KUBERNETES_SERVER:
        from_secret: K3S_SERVER
      KUBERNETES_CA:
        from_secret: K3S_CA_CERT
      KUBERNETES_CLIENT_CERT:
        from_secret: K3S_CLIENT_CERT
      KUBERNETES_CLIENT_KEY:
        from_secret: K3S_CLIENT_KEY
    commands:
      - mkdir -p ~/.kube
      - |
        cat <<EOF > ~/.kube/config
        apiVersion: v1
        kind: Config
        clusters:
        - name: k3s
          cluster:
            server: ${KUBERNETES_SERVER}
            certificate-authority-data: ${KUBERNETES_CA}
        users:
        - name: drone
          user:
            client-certificate-data: ${KUBERNETES_CLIENT_CERT}
            client-key-data: ${KUBERNETES_CLIENT_KEY}
        contexts:
        - name: drone-context
          context:
            cluster: k3s
            user: drone
            namespace: gohorsejobs
        current-context: drone-context
        EOF        
      - echo "Deploying backend..."
      - kubectl apply -f k8s/backend-deployment.yaml
      - kubectl apply -f k8s/backend-service.yaml