From 8ac36806357a1b85faf3fa80ca32b3afe524c6be Mon Sep 17 00:00:00 2001
From: Dominik Meyer <dmeyer@hsu-hh.de>
Date: Sun, 3 Sep 2023 21:12:27 +0200
Subject: [PATCH] ADD: updated drone configuration

---
 .drone.yml                  | 170 +++++++++++++++++++++++++-----------
 scripts/setupEnvironment.sh |   3 +
 2 files changed, 120 insertions(+), 53 deletions(-)
 create mode 100644 scripts/setupEnvironment.sh

diff --git a/.drone.yml b/.drone.yml
index d4b1043..f72759c 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,52 +1,10 @@
 kind: pipeline
 type: kubernetes
-name: arm64-pipeline
-
-platform:
-  arch: arm64
-
-workspace:
-  path: /cache
-
-volumes:
-- name: fedhq-ca-crt
-  config_map:
-    name: fedhq-ca-crt
-    default_mode: 420     # same as 644 in octal, or u+w,a+r
-    optional: false
-- name: cache
-  claim:
-    name: federationhq-drone-cache-pvc
-    read_only: false 
-
-steps:
-  - name: Build Image
-    image:  registry.cloud.federationhq.de/drone-buildah-plugin:latest
-    privileged: true
-    volumes:
-    - name: fedhq-ca-crt
-      path: /etc/ssl/certs2/
-    - name: cache
-      path: /var/lib/containers/storage
-    settings:
-      dockerfile: Dockerfile
-      pullfirst: true
-      ca_cert: "/etc/ssl/certs2/federationHQ-CA.pem"
-      registry: "registry.cloud.federationhq.de"
-      tag: latex:latest
-
-
---- 
-
-kind: pipeline
-type: kubernetes
-name: amd64-pipeline
-
+name: prepare-manifest
 platform:
   arch: amd64
-
-workspace:
-  path: /cache
+node_selector:
+  kubernetes.io/arch: amd64
 
 volumes:
 - name: fedhq-ca-crt
@@ -60,17 +18,123 @@ volumes:
     read_only: false 
 
 steps:
-  - name: Build Image
-    image:  registry.cloud.federationhq.de/drone-buildah-plugin:latest
+  - name: prepare manifest
+    image: quay.io/buildah/stable
     privileged: true
     volumes:
     - name: fedhq-ca-crt
       path: /etc/ssl/certs2/
     - name: cache
       path: /var/lib/containers/storage
-    settings:
-      dockerfile: Dockerfile
-      pullfirst: true
-      ca_cert: "/etc/ssl/certs2/federationHQ-CA.pem"
-      registry: "registry.cloud.federationhq.de"
-      tag: latex:latest
\ No newline at end of file
+    commands:
+      - scripts/setupEnvironment.sh
+      - buildah manifest rm latex|| true
+      - buildah manifest create latex
+
+
+
+
+---
+kind: pipeline
+type: kubernetes
+name: build-amd64
+platform:
+  arch: amd64
+node_selector:
+  kubernetes.io/arch: amd64
+
+volumes:
+- name: fedhq-ca-crt
+  config_map:
+    name: fedhq-ca-crt
+    default_mode: 420     # same as 644 in octal, or u+w,a+r
+    optional: false
+- name: cache
+  claim:
+    name: federationhq-drone-cache-pvc
+    read_only: false 
+
+steps:
+  - name: build amd64
+    image: quay.io/buildah/stable
+    privileged: true
+    volumes:
+    - name: fedhq-ca-crt
+      path: /etc/ssl/certs2/
+    - name: cache
+      path: /var/lib/containers/storage
+    commands:
+      - scripts/setupEnvironment.sh
+      - buildah bud --network host -t "registry.cloud.federationhq.de/latex:latest" --manifest latex --arch amd64 .
+depends_on:
+  - prepare-manifest 
+
+---
+kind: pipeline
+type: kubernetes
+name: build-arm64
+platform:
+  arch: arm64
+node_selector:
+  kubernetes.io/arch: arm64
+
+volumes:
+- name: fedhq-ca-crt
+  config_map:
+    name: fedhq-ca-crt
+    default_mode: 420     # same as 644 in octal, or u+w,a+r
+    optional: false
+- name: cache
+  claim:
+    name: federationhq-drone-cache-pvc
+    read_only: false 
+
+steps:
+  - name: build arm64
+    image: quay.io/buildah/stable
+    privileged: true
+    volumes:
+    - name: fedhq-ca-crt
+      path: /etc/ssl/certs2/
+    - name: cache
+      path: /var/lib/containers/storage
+    commands:
+      - scripts/setupEnvironment.sh
+      - buildah bud -t "registry.cloud.federationhq.de/latex:latest" --net=host --manifest latex --arch arm64 .
+depends_on:
+  - prepare-manifest 
+  - build-amd64
+
+---
+kind: pipeline
+type: kubernetes
+name: push
+node_selector:
+  kubernetes.io/arch: amd64
+       
+volumes:
+- name: fedhq-ca-crt
+  config_map:
+    name: fedhq-ca-crt
+    default_mode: 420     # same as 644 in octal, or u+w,a+r
+    optional: false
+- name: cache
+  claim:
+    name: federationhq-drone-cache-pvc
+    read_only: false 
+
+steps:
+  - name: push
+    image: quay.io/buildah/stable
+    privileged: true
+    volumes:
+    - name: fedhq-ca-crt
+      path: /etc/ssl/certs2/
+    - name: cache
+      path: /var/lib/containers/storage
+    commands:
+      - scripts/setupEnvironment.sh
+      - buildah push --all  latex docker://registry.cloud.federationhq.de/latex:latest" 
+depends_on:
+  - build-amd64
+  - build-arm64
\ No newline at end of file
diff --git a/scripts/setupEnvironment.sh b/scripts/setupEnvironment.sh
new file mode 100644
index 0000000..2761ce0
--- /dev/null
+++ b/scripts/setupEnvironment.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+cp /etc/ssl/certs2/federationHQ-CA.pem /etc/pki/ca-trust/source/anchors/
+update-ca-trust