Create md page about Drone CI
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
parent
91ac86b63f
commit
87f01dfc2c
|
|
@ -0,0 +1,39 @@
|
|||
# selfprivacy-nixos-infect
|
||||
## Drone configuration
|
||||
|Secret|Value|
|
||||
|---|---|
|
||||
|CHANNEL_SWITCHER_KEY|Bearer token for [Channel Rest Api](https://git.selfprivacy.org/inex/nix-channel-redirect/src/branch/master/nix_channel_server) of selfprivacy.org|
|
||||
|CLOUDFLARE_TOKEN|Bearer token for Cloudflare to communicate with [DNS entires](https://api.cloudflare.com/#dns-records-for-a-zone-list-dns-records)|
|
||||
|DOMAIN|Full domain that points out to our testing server|
|
||||
|HETZNER_TOKEN|Bearer token for Hetzner to request server [creation](https://docs.hetzner.cloud/#servers-create-a-server) and [destruction](https://docs.hetzner.cloud/#servers-delete-a-server)|
|
||||
|TEST_EMAIL_PASS| ??? |
|
||||
|USER_PASS| ??? |
|
||||
|ZONE_ID|Identificator of [a zone](https://www.cloudflare.com/learning/dns/glossary/dns-zone/) to which all our DNS entries are related|
|
||||
|
||||
|
||||
|Cronjob Title|Branch|Cronjob Value||
|
||||
|---|---|---|---|
|
||||
|weekly-build|[development](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/src/branch/development)|````@weekly````| Our main job we run every week to ensure the upstream of our application is able to deploy onto a clean server completely. We'd like to build everyday, but for now we need to solve acme problem, since it rejects our requests if we do it every 24 hours...|
|
||||
# Drone pipeline
|
||||
Stage Default:
|
||||
|
||||
| Step | |
|
||||
|---|---|
|
||||
|clone|Checkout the HEAD commit|
|
||||
|deploy|Create infect.sh script and send it with a POST request to the clean server to deploy our testing environment|
|
||||
|dns|Create DNS entries for subdomains to ensure networking and certificates for properly|
|
||||
|sleep|Wait for the environment to build (it takes a while...)|
|
||||
|test|Request for overall status, do basic checks on the server|
|
||||
|teardown|Destroy the environment and all DNS entries, tests are over!|
|
||||
|switch-channel|Update upstream NixOS channel at selfprivacy.org|
|
||||
|
||||
It is ensured that teardown step must happen whether the pipeline fails or succeeds, because we need the server to be clean before every new job. It is done by forcing the step to be called with [status trigger](https://docs.drone.io/pipeline/exec/syntax/conditions/#by-status):
|
||||
|
||||
```yaml
|
||||
- name: teardown
|
||||
. . .
|
||||
when:
|
||||
status:
|
||||
- failure
|
||||
- success
|
||||
```
|
||||
Loading…
Reference in New Issue