forked from ovotech/circleci-orbs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathorb.yml
73 lines (67 loc) · 2.79 KB
/
orb.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
version: 2.1
description: |
Orb provides helper command to execute git operations using sepcific
SSH key from an ssh agent.
Useful when you need to work with another private repository accessible by SSH.
SSH key is identified by a fingerprint and must be available in an SSH agent and
can be added in CircleCI project settings.
commands:
do:
description: |
Executes git commands selecting sepcific SSH key from an ssh agent.
This command restores $BASH_ENV to the state, before it started, therefore
if your `git_steps` modify $BASH_ENV, these changes will be revereted.
parameters:
git_steps:
type: steps
description: "Steps, usually git clone/push commands, to execute using an SSH key selected by the ssh_key_fingerprint param."
default: []
ssh_key_fingerprint:
type: string
description: "SSH Public key fingerprint to use. Must be exactly as seen in CircleCI UI. Example aa:bb:cc:dd:..."
steps:
- run:
name: "Configuring SSH environment"
command: |
f=$(mktemp)
ssh-add -L | while read -r l; do
if [[ $(ssh-keygen -l -E md5 -f <(echo "$l")) =~ "<< parameters.ssh_key_fingerprint >>" ]]; then
echo "$l" >"$f"; break
fi
done
[[ -s "$f" ]] || { >&2 echo "Fingerprint not found, did you add key to your CircleCI project settings?"; exit 1; }
oldenv=$(mktemp)
[[ ! -f "$BASH_ENV" ]] || cp "$BASH_ENV" $oldenv
echo "export GIT_SSH_COMMAND='ssh -i $f'" >> $BASH_ENV
echo "export ORB_GIT_CLONE_WITH_KEY_OLD_ENV=$oldenv" >> $BASH_ENV
- steps: << parameters.git_steps >>
- run:
name: "Restore SSH environment"
command: |
mv "${ORB_GIT_CLONE_WITH_KEY_OLD_ENV:?}" "$BASH_ENV"
examples:
gitops:
description: Clone and push to another private Git repository
usage:
version: 2.1
orbs:
with-git-deploy-key: ovotech/with-git-deploy-key@1
jobs:
gitops_image_update:
machine: true
parameters:
image: {type: string}
steps:
- with-git-deploy-key/do:
ssh_key_fingerprint: "00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff"
git_steps:
- run: git clone git@github.com:myorg/gitops.git gitops
- run:
name: "Gitops: update image"
command: |
cd gitops
#
# Update image here, for instance 'kustomize edit set image << parameters.image >>'
#
git commit -m "CircleCI deploy ${CIRCLE_PROJECT_REPONAME}" -m "Build URL: ${CIRCLE_BUILD_URL}" -a
git push