Odyssey
DroneCI

Currently, the project is built and tested using DroneCI. The infra project takes care of provisioning and setting up this service. The root of this project contains a .drone.yml file, which tells DroneCI which steps to take to build and test the project.

Since we don't want to place application and/or production secrets statically into code, we use environment variables. Therefore, we need to tell Drone what secrets it should make available during the build, test, and deployment phases of the project pipeline.

The odyssey project requires the following secrets:

  • AWS_DEFAULT_REGION
  • ODYSSEY_STACK_PASSPHRASE_PROD
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • ODYSSEY_STACK_PASSPHRASE_STAGE

To set up and configure the drone database so that it accepts connections from GitHub and can deploy builds to the stage and prod environments, a number of steps need to be followed.

Assume we are starting from scratch: the drone database is gone or corrupt for some reason or another. Salt and the infra project will get us pretty close to being able to use drone successfully. However, a few more steps are required.

Namely,

  1. Log in to drone with your GitHub account:

    HomeCU Drone

  2. Go to account, show token. You will need to update the infra project, specifically, Salt Stack, with the new token.
  3. Update Salt with the new JWT, then deploy the new pillar data to the drone instance.
  4. Add/enable the odyssey repository to the build list
    • Be sure to also enable the "trusted" property in the settings for the odyssey project
  5. Add the secrets to drone for the odyssey project. The commands will look similar to the following (as root on drone):

drone# ./drone/drone.cli secret add --skip-verify homecu/odyssey <key> <value>

If the key being added is the AWS secret key, or a stack passphrase, the --conceal argument MUST also be used to ensure it is kept out of the build logs.

drone# ./drone/drone.cli secret add --skip-verify --conceal homecu/odyssey <key> <value>
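
One way to script step 5 so that --conceal cannot be forgotten, as an added example that is not part of the odyssey or infra projects. It assumes each secret's value is already set in an environment variable of the same name; the DRONE_CLI override, the function names and the plan/apply arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not the project's own script.
DRONE_CLI="${DRONE_CLI:-./drone/drone.cli}"   # CLI path as shown on this page
REPO="homecu/odyssey"
REQUIRED_SECRETS="AWS_DEFAULT_REGION ODYSSEY_STACK_PASSPHRASE_PROD AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY ODYSSEY_STACK_PASSPHRASE_STAGE"

# secret_flags KEY: flags for one key; the AWS secret key and the stack
# passphrases always get --conceal so they stay out of the build logs.
secret_flags() {
    case "$1" in
        AWS_SECRET_ACCESS_KEY|*_STACK_PASSPHRASE_*) printf '%s' '--skip-verify --conceal' ;;
        *) printf '%s' '--skip-verify' ;;
    esac
}

# missing_secrets: names of required secrets not set in the environment.
missing_secrets() {
    for key in $REQUIRED_SECRETS; do
        eval "val=\${$key:-}"
        [ -n "$val" ] || printf '%s\n' "$key"
    done
}

# plan_secrets: the commands that would run, with values masked.
plan_secrets() {
    for key in $REQUIRED_SECRETS; do
        printf '%s secret add %s %s %s <value>\n' \
            "$DRONE_CLI" "$(secret_flags "$key")" "$REPO" "$key"
    done
}

# apply_secrets: run the commands; refuse if any value is missing.
apply_secrets() {
    missing="$(missing_secrets)"
    if [ -n "$missing" ]; then
        echo "refusing to run; unset:" $missing >&2
        return 1
    fi
    for key in $REQUIRED_SECRETS; do
        eval "val=\$$key"
        # flags are deliberately unquoted so they split into separate arguments
        "$DRONE_CLI" secret add $(secret_flags "$key") "$REPO" "$key" "$val" || return 1
    done
}

# Hypothetical entry point: "plan" prints, "apply" executes; no argument does nothing.
case "${1:-}" in
    plan)  plan_secrets ;;
    apply) apply_secrets ;;
esac
```

Reading the values from the environment keeps them out of the shell history; they are still visible in the process list while the CLI runs, so run this only on the drone host itself.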