ansible playbook to set up a laminar container Ci build
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
meskio 829ac0f2ea
Use mmdebstrap instead of debootstrap
2 months ago
keys Update keys 9 months ago
README.md Add a diagram of the architecture 2 years ago
base_image.run Use mmdebstrap instead of debootstrap 2 months ago
build_image Make it work 2 years ago
build_image.run Check versions of upstream software 2 months ago
check_updates Check versions of upstream software 2 months ago
check_updates.run Keep the repos of the images 2 years ago
keys.asc Update keys 9 months ago
nginx-registry Build base image 2 years ago
playbook.yml Use mmdebstrap instead of debootstrap 2 months ago
update_images Keep the repos of the images 2 years ago
vars.yml Add collaborator keys and vaulted secret 12 months ago
webhook.conf Make it work 2 years ago

README.md

Set a laminar CI to build your containers.

architecture

                  ...................----------.
.-------.         .  .---------.    | build VM |
| gitea |---http---->| webhook |    '----------'
'-------'         .  '---------'               .
    .             .       |                    .
    .             .       v                    .
    .             .  .---------.               .
    '....git pull...>| laminar |.........      .
                  .  '---------'        v      .
                  .       |    ^   gpg verify  .
                  . docker|    '...git commits .
                  .  push |                    .
                  .       v                    .
                  . .----------.               .
                  . | registry |               .
                  . '----------'               .
                  .       .                    .
                  .  proxy.                    .
                  .       v                    .
                  .   .-------.                .
                  .   | nginx |                .
                  .   '-------'                .
                  ........^.....................
 .--------.               |
 | docker |---------------'
 '--------'  docker pull

webhook

It will configure a webhook to listen in: http://ip:9000/hooks/build_image

The gitea of your organization should be configured to ping this url with {{ secret }} on each push event.

keys

The openpgp keys used to sign git commits are in the keys folder, ansible uses keys.asc to configure them in the server. We can generate this file by concatenating all the keys in one file:

$ cat keys/* > keys.asc