---
kind: pipeline
type: docker
name: docker-build-and-push

trigger:
  branch:
    - master

image_pull_secrets:
  - DOCKER_AUTH

services:
  - name: docker
    # https://hub.docker.com/r/library/docker
    image: hub.docker.struchkov.dev/docker:27.1.2-dind-alpine3.20
    privileged: true
    volumes:
      - name: dockersock
        path: /var/run

volumes:
  - name: dockersock
    temp: {}

steps:
  - name: build site
    # https://hub.docker.com/r/library/docker
    image: hub.docker.struchkov.dev/docker:27.1.2-dind-alpine3.20
    volumes:
      - name: dockersock
        path: /var/run
    commands:
      - sleep 15
      - docker run -v ./.quartz/quartz.config.ts:/usr/src/app/quartz.config.ts -v .:/usr/src/app/content -v ./public:/usr/src/app/public --rm docker.struchkov.dev/quartz:latest build
  - name: publish to server
    image: hub.docker.struchkov.dev/docker:27.1.2-dind-alpine3.20
    environment:
      SSH_DEPLOY_KEY:
        from_secret: SSH_DEPLOY_KEY
      SSH_DEPLOY_HOST:
        from_secret: SSH_DEPLOY_HOST
      SSH_DEPLOY_PORT:
        from_secret: SSH_DEPLOY_PORT
      SSH_DEPLOY_PATH:
        from_secret: SSH_DEPLOY_PATH
      SSH_DEPLOY_USER:
        from_secret: SSH_DEPLOY_USER
    commands:
      - eval $(ssh-agent -s)
      - mkdir -p ~/.ssh
      - echo "$SSH_DEPLOY_KEY" >> ~/.ssh/id_rsa
      - chmod 700 ~/.ssh
      - chmod 600 ~/.ssh/id_rsa
      - ssh-keyscan -p $SSH_DEPLOY_PORT $SSH_DEPLOY_HOST >> ~/.ssh/known_hosts
      - chmod 644 ~/.ssh/known_hosts
      - scp -r -P $SSH_DEPLOY_PORT ./* $SSH_DEPLOY_USER@$SSH_DEPLOY_HOST:$SSH_DEPLOY_PATH


# drone sign --save upagge/digital-garden
---
kind: signature
hmac: c15fd8ef6d134d2dacfed30e4c331a6deb91d6a4cecf81a94ea01b54f79bf865

...