From 31d4c4af55e15f94d7b9da9b6912375a7fdc20c5 Mon Sep 17 00:00:00 2001
From: Khwezi <khwezi@mngoma.lab>
Date: Sat, 18 Oct 2025 14:00:17 +0200
Subject: [PATCH] Refactored the pipeline to deploy using SSH

---
 .drone.yml           |   2 +-
 manifests/deploy.yml | 188 +++++++++++++++++++++++--------------------
 2 files changed, 100 insertions(+), 90 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 7dd57fa..1533916 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -99,6 +99,6 @@ steps:
       namespace: sampleapi
       ca:
         from_secret: k8s-cert
-      server: https://lead:6443
+      server: https://lead.mngoma.lab:6443
       token:
         from_secret: k8s-token
diff --git a/manifests/deploy.yml b/manifests/deploy.yml
index e4bf3a5..8600474 100644
--- a/manifests/deploy.yml
+++ b/manifests/deploy.yml
@@ -1,92 +1,102 @@
 ---
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: experiments
-  labels:
-    name: experiments
+kind: pipeline
+type: kubernetes
+name: build
+
+clone:
+  disable: true
+
+steps:
+  - name: git clone
+    image: drone/git
+    environment:
+      REPO_URL: http://gitea-server.gitea.svc.cluster.local:3000/mngomalab/sampleapi.git
+    commands:
+      - git clone $REPO_URL .
+      - git checkout $DRONE_COMMIT
+
+  - name: dotnet restore
+    image: mcr.microsoft.com/dotnet/sdk:8.0
+    commands:
+      - dotnet restore
+
+  - name: dotnet build
+    image: mcr.microsoft.com/dotnet/sdk:8.0
+    commands:
+      - dotnet build --configuration Release
+      - ls ./SampleApi/bin/Release/net8.0/
+
+  - name: dotnet test
+    image: mcr.microsoft.com/dotnet/sdk:8.0
+    commands:
+      - dotnet test --configuration Release
+
 ---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: sampleapi-config
-  namespace: experiments
-data:
-  appname: "SampleApi"
+kind: pipeline
+type: kubernetes
+name: package
+
+depends_on:
+  - build
+
+clone:
+  disable: true
+
+steps:
+  - name: git clone
+    image: drone/git
+    environment:
+      REPO_URL: http://gitea-server.gitea.svc.cluster.local:3000/mngomalab/sampleapi.git
+    commands:
+      - git clone $REPO_URL .
+      - git checkout $DRONE_COMMIT
+
+  - name: dotnet publish
+    image: mcr.microsoft.com/dotnet/sdk:8.0
+    commands:
+      - dotnet publish --configuration Release
+      - ls ./SampleApi/bin/Release/net8.0/publish/
+
+  - name: docker build and push
+    image: plugins/docker
+    settings:
+      repo: registry-server.registry.svc.cluster.local:5000/sampleapi
+      auto_tag: true
+      registry: registry-server.registry.svc.cluster.local:5000
+      insecure: true
+      username:
+        from_secret: registry-username
+      password:
+        from_secret: registry-password
+      dockerfile: Dockerfile
+      context: ./SampleApi/bin/Release/net8.0/publish/
+
 ---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: sampleapi
-  namespace: experiments
-  labels:
-    app: sampleapi
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: sampleapi
-  template:
-    metadata:
-      labels:
-        app: sampleapi
-    spec:
-      containers:
-        - name: sampleapi
-          image: registry.registry.svc.cluster.local:5000/experiments/sampleapi:latest
-          imagePullPolicy: Always
-          ports:
-            - name: http
-              containerPort: 8080
-            - name: https
-              containerPort: 8081
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: sampleapi
-  namespace: experiments
-spec:
-  type: ClusterIP
-  selector:
-    app: sampleapi
-  ports:
-    - name: http
-      port: 80
-      targetPort: 8080
-    - name: https
-      port: 443
-      targetPort: 8081
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: sampleapi-http
-  namespace: experiments
-spec:
-  entryPoints:
-    - web
-  routes:
-    - match: Host(`sampleapi.apps.mngoma.lab`)
-      kind: Rule
-      services:
-        - name: sampleapi
-          port: 80
-          scheme: http
----
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: sampleapi-https
-  namespace: experiments
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - match: Host(`sampleapi.apps.mngoma.lab`)
-      kind: Rule
-      services:
-        - name: sampleapi
-          port: 443
-          scheme: http
-  tls: {}
+kind: pipeline
+type: kubernetes
+name: deploy
+
+depends_on:
+  - package
+
+clone:
+  disable: true
+
+steps:
+  - name: deploy via SSH
+    image: appleboy/drone-ssh
+    settings:
+      host: lead.mngoma.lab
+      username:
+        from_secret: host-username
+      password:
+        from_secret: host-password
+      port: 22
+      script:
+        - |
+          set -euo pipefail
+          echo "Applying Kubernetes manifest via SSH..."
+          ssh -o StrictHostKeyChecking=no $DRONE_REMOTE_USER@lead.mngoma.lab 'kubectl apply -f -' <<'EOF'
+          $(cat ./manifests/deploy.yml)
+          EOF
+          echo "Manifest applied successfully."