From d4d3186521c57e6adecb98a7cd03b90c7619023c Mon Sep 17 00:00:00 2001 From: Adam Shamblin Date: Sun, 9 Oct 2022 23:55:28 -0600 Subject: [PATCH] Update to working config --- cicd/README.md | 17 ++++++++++++++--- cicd/docker-install.yml | 20 ++++++++++++++++++++ cicd/docker-sources.sh | 17 +++++++++++++++++ cicd/runner.tf | 15 +++++++++------ 4 files changed, 60 insertions(+), 9 deletions(-) create mode 100644 cicd/docker-install.yml create mode 100755 cicd/docker-sources.sh diff --git a/cicd/README.md b/cicd/README.md index 11fbf336..cfef9216 100644 --- a/cicd/README.md +++ b/cicd/README.md @@ -15,7 +15,7 @@ droplet that we expect. First, we will export our access token as an environment variable: ```shell -export DO_PAT="$(cat .config/doctl/config.yaml | yq e '.access-token' -)" +export DO_PAT="$(cat ~/.config/doctl/config.yaml | yq e '.access-token' -)" ``` Then we can run our plan: @@ -23,7 +23,8 @@ Then we can run our plan: ```shell terraform plan \ -var "do_token=${DO_PAT}" \ - -var "pvt_key=$HOME/.ssh/id_rsa" + -var "pvt_key=$HOME/.ssh/id_rsa" \ + -var "ssh_key=$KEYNAME" ``` If the output is what was expected, we may now create the droplet: @@ -31,7 +32,17 @@ If the output is what was expected, we may now create the droplet: ```shell terraform apply \ -var "do_token=${DO_PAT}" \ - -var "pvt_key=$HOME/.ssh/id_rsa" + -var "pvt_key=$HOME/.ssh/id_rsa" \ + -var "ssh_key=$KEYNAME" +``` + +## Destroying the runner + +```shell +terraform destroy \ + -var "do_token=${DO_PAT}" \ + -var "pvt_key=$HOME/.ssh/id_rsa" \ + -var "ssh_key=$KEYNAME" ``` **TODO** diff --git a/cicd/docker-install.yml b/cicd/docker-install.yml new file mode 100644 index 00000000..7966face --- /dev/null +++ b/cicd/docker-install.yml 
@@ -0,0 +1,20 @@
+- name: Prepare Docker Executor
+ become: yes
+ hosts: all
+ tasks:
+ - name: Install Dependencies
+ ansible.builtin.apt:
+ pkg:
+ - ca-certificates
+ - curl
+ - gnupg
+ - lsb-release
+ - name: Install Docker Sources
+ ansible.builtin.script: ./docker-sources.sh
+ - name: Install Docker Packages
+ ansible.builtin.apt:
+ pkg:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+ - docker-compose-plugin
diff --git a/cicd/docker-sources.sh b/cicd/docker-sources.sh
new file mode 100755
index 00000000..0e2b88d0
--- /dev/null
+++ b/cicd/docker-sources.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+set -e
+
+KEYRING=/etc/apt/keyrings/docker.gpg
+
+# Download Docker source keyring
+mkdir -p /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/debian/gpg \
+ | gpg --dearmor -o ${KEYRING}
+
+# Set Docker apt source
+echo "deb [arch=$(dpkg --print-architecture) signed-by=${KEYRING}] https://download.docker.com/linux/debian $(lsb_release -cs) stable" \
+ | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# Update sources
+apt-get update
diff --git a/cicd/runner.tf b/cicd/runner.tf
index 491a7bd6..6267dd19 100644
--- a/cicd/runner.tf
+++ b/cicd/runner.tf
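Review bot: The `Install Docker Sources` task calls `ansible.builtin.script` with no guard, so the script is re-executed and reported as changed on every play. On a second run, `gpg --dearmor -o` in docker-sources.sh will likely refuse to overwrite the existing keyring and fail the play. Adding `args:` with `creates: /etc/apt/keyrings/docker.gpg` under that task makes it skip once the keyring is in place. The two `ansible.builtin.apt` tasks would also read more clearly with an explicit `state: present`.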
@@ -18,12 +18,15 @@ resource "digitalocean_droplet" "veilid-runner-1" {
 provisioner "remote-exec" {
 inline = [
 "apt-get update",
- "apt-get -y install ca-certificates curl gnupg lsb-release",
- "mkdir -p /etc/apt/keyrings/",
- "curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg",
- "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null",
- "apt-get update",
- "apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin"
+ "apt-get install python3-apt -y"
 ]
 }
+
+ provisioner "local-exec" {
+ command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root -i '${self.ipv4_address},' --private-key ${var.pvt_key} docker-install.yml"
+ }
+}
+
+output "droplet_ip_address" {
+ value = digitalocean_droplet.veilid-runner-1
 }
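Review bot: The `local-exec` command sets `ANSIBLE_HOST_KEY_CHECKING=False`, so the playbook runs as root against whatever host answers on `${self.ipv4_address}` with no SSH host-key verification. Dropping that variable and passing `--ssh-extra-args '-o StrictHostKeyChecking=accept-new'` would at least reject a changed key on later runs. `--private-key ${var.pvt_key}` is unquoted and breaks on a path containing spaces; `--private-key '${var.pvt_key}'` avoids that. The output `droplet_ip_address` exports the whole resource object rather than the address its name promises; `value = digitalocean_droplet.veilid-runner-1.ipv4_address` is presumably what was meant. The resource block opens above this hunk.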