Update to working config

2025-04-19 23:36:04 -04:00 · 2022-10-09 23:55:28 -06:00 · 2022-10-09 23:55:28 -06:00 · d4d3186521
commit d4d3186521
parent 97c664a200
4 changed files with 60 additions and 9 deletions
--- a/cicd/README.md
+++ b/cicd/README.md
@ -15,7 +15,7 @@ droplet that we expect. First, we will export our access token as an environment
 variable:

 ```shell
-export DO_PAT="$(cat .config/doctl/config.yaml | yq e '.access-token' -)"
+export DO_PAT="$(cat ~/.config/doctl/config.yaml | yq e '.access-token' -)"
 ```

 Then we can run our plan:
@ -23,7 +23,8 @@ Then we can run our plan:
 ```shell
 terraform plan \
  -var "do_token=${DO_PAT}" \
-  -var "pvt_key=$HOME/.ssh/id_rsa"
+  -var "pvt_key=$HOME/.ssh/id_rsa" \
+  -var "ssh_key=$KEYNAME"
 ```

 If the output is what was expected, we may now create the droplet:
@ -31,7 +32,17 @@ If the output is what was expected, we may now create the droplet:
 ```shell
 terraform apply \
  -var "do_token=${DO_PAT}" \
-  -var "pvt_key=$HOME/.ssh/id_rsa"
+  -var "pvt_key=$HOME/.ssh/id_rsa" \
+  -var "ssh_key=$KEYNAME"
+```
+
+## Destroying the runner
+
+```shell
+terraform destroy \
+  -var "do_token=${DO_PAT}" \
+  -var "pvt_key=$HOME/.ssh/id_rsa" \
+  -var "ssh_key=$KEYNAME"
 ```

 **TODO**
--- a/cicd/docker-install.yml
+++ b/cicd/docker-install.yml
@ -0,0 +1,20 @@
+- name: Prepare Docker Executor
+  become: yes
+  hosts: all
+  tasks:
+    - name: Install Dependencies
+      ansible.builtin.apt:
+        pkg:
+        - ca-certificates
+        - curl
+        - gnupg
+        - lsb-release
+    - name: Install Docker Sources
+      ansible.builtin.script: ./docker-sources.sh
+    - name: Install Docker Packages
+      ansible.builtin.apt:
+        pkg:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-compose-plugin
--- a/cicd/docker-sources.sh
+++ b/cicd/docker-sources.sh
@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+set -e
+
+KEYRING=/etc/apt/keyrings/docker.gpg
+
+# Download Docker source keyring
+mkdir -p /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/debian/gpg \
+  | gpg --dearmor -o ${KEYRING}
+
+# Set Docker apt source
+echo "deb [arch=$(dpkg --print-architecture) signed-by=${KEYRING}] https://download.docker.com/linux/debian $(lsb_release -cs) stable" \
+  | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# Update sources
+apt-get update
--- a/cicd/runner.tf
+++ b/cicd/runner.tf
@ -18,12 +18,15 @@ resource "digitalocean_droplet" "veilid-runner-1" {
  provisioner "remote-exec" {
    inline = [
      "apt-get update",
-      "apt-get -y install ca-certificates curl gnupg lsb-release",
-      "mkdir -p /etc/apt/keyrings/",
-      "curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg",
-      "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null",
-      "apt-get update",
-      "apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin"
+      "apt-get install python3-apt -y"
    ]
  }
+
+  provisioner "local-exec" {
+    command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root -i '${self.ipv4_address},' --private-key ${var.pvt_key} docker-install.yml"
+  }
+}
+
+output "droplet_ip_address" {
+  value = digitalocean_droplet.veilid-runner-1
 }