kind: pipeline
type: docker
name: security-vue

steps:
  - name: build-package-react
    image: node:16.18.0
    volumes:
      - name: cache
        path: /drone/src/node_modules
      - name: build
        path: /app/build
    commands:
      - export CI=false
      - rm -rf /app/build/react/*
      - cp deployment.yml /app/build/react/
      - cp Dockerfile /app/build/react/
      - cp .dockerignore /app/build/react/
      - cp default.conf /app/build/react/
      - cp docker.sh /app/build/react/
      - cp nginx.conf /app/build/react/
      - npm -v
      - mkdir -p ./node_modules
      - export NODE_MODULES_PATH=`pwd`/node_modules
#      - npm config set registry https://registry.npm.taobao.org
#      - set NODE_OPTIONS=--openssl-legacy-provider
      - npm install
      - npm run build
      - ls /app/build/react/
      - echo $NODE_MODULES_PATH
      - mkdir -p /app/build/react
      - cp -r build /app/build/react


  - name: build-docker # 制作docker镜像
    image: docker # 使用官方docker镜像
    volumes: # 将容器内目录挂载到宿主机
      - name: build
        path: /app/build
      - name: docker
        path: /var/run/docker.sock # 挂载宿主机的docker
      - name: config
        path: /config
    environment: # 获取到密文的docker用户名和密码
      DOCKER_USERNAME:
        from_secret: docker_username
      DOCKER_PASSWORD:
        from_secret: docker_password
      REGISTRY:
        from_secret: registry
      REGISTRY_NAMESPACE:
        from_secret: registry_namespace
    commands: # 定义在Docker容器中执行的shell命令
      - cd /app/build/react/
      - cat Dockerfile
      - sed -i 's/$REGISTRY/'"$REGISTRY"'/' deployment.yml
      - sed -i 's/$REGISTRY_NAMESPACE/'"$REGISTRY_NAMESPACE"'/' deployment.yml
      - sed -i 's/$DRONE_REPO_NAME/'"$DRONE_REPO_NAME"'/' deployment.yml
      - sed -i 's/$DRONE_COMMIT/'"$DRONE_COMMIT"'/' deployment.yml
#      - sed -i 's/$DRONE_COMMIT/'"$DRONE_COMMIT"'/' docker.sh
#      - sed -i 's/$DRONE_REPO_NAME/'"$DRONE_REPO_NAME"'/' docker.sh
      # docker登录,不能在脚本中登录,并且不能使用docker login -u -p
      - echo $DOCKER_PASSWORD | docker login $REGISTRY --username $DOCKER_USERNAME --password-stdin
      - chmod +x docker.sh
      - cat docker.sh
      - sh docker.sh
      # 执行完脚本删除本次制作的docker镜像,避免多次后当前runner空间不足
      - docker rmi -f $(docker images | grep $DRONE_REPO_NAME | awk '{print $3}')

  - name: drone-rancher # rancher运行
    image: registry.cn-hangzhou.aliyuncs.com/claywang/kubectl #阿里云的kubectl镜像,里面包含kubectl命令行工具
    volumes: # 将容器内目录挂载到宿主机
      - name: build
        path: /app/build # 将应用打包好的Jar和执行脚本挂载出来
      - name: config
        path: /app/config # 将kubectl 配置文件挂载出来
    commands: # 定义在Docker容器中执行的shell命令
      - cd /app/build/react/
      # 将deployment中定义的变量替换为drone中的内置变量
      - cat deployment.yml
      # 通过kubectl指令运行deployment.yml,并指定授权文件kubectl_conf.yml
      # - kubectl apply -f deployment.yml -n $DRONE_COMMIT_BRANCH --kubeconfig=/app/config/kubectl_conf.yml
      - kubectl apply -f deployment.yml -n dev --kubeconfig=/app/config/kubectl_conf.yml


volumes:
  - name: build
    host:
      path: /home/build
  - name: cache
    host:
      path: /var/lib/npm/cache
  - name: config # k8s对接的配置文件
    host:
      path: /.kube/config
  - name: maven-cache # maven的缓存文件
    host:
      path: /home/data/maven/cache
  - name: docker # 宿主机中的docker
    host:
      path: /var/run/docker.sock