More complex default values in substitution

gypapp · May 7, 2020, 11:03pm

I am using plugins/ecr to build and push images to our AWS ECR repositories. In that repository, a tag-based retention policy is defined to delete unneeded images after a while. A tag for such a snapshot build must be prefixed with a fixed string due to ECR Lifecycle Policy Evaluation Rules
It would be awesome if I could use the same ecr step to build both the snapshot and final images For that purpose I would have liked to use the following substitution and expansion in the tag section:

tags:
  - ${DRONE_TAG:-SNAPSHOT.${DRONE_COMMIT}}

(foreword: it works in bash.)

The rationale behind that the pipeline could be triggered by either the tag or push event. If the tag event triggers the build then that tag name will be used for the image. Otherwise, DRONE_TAG is empty (or undefined) and the tag will default to one prefixed with SNAPSHOT. falling under the scope of the retention policy.

Unfortunately, it does not work in drone. I have also tried to specify ${DRONE_TAG} in the tags list as an optional tag but ecr plugin does not cope with an empty value. The expression above without the SNAPSHOT. prefix, that is, ${DRONE_TAG:-${DRONE_COMMIT}} also works because the basic nested substitution is already supported. I read the manual and I have been warned not to expect full compatibility because such an expression is evaluated by a bash emulator written in go.

Anyway, I would be glad if someone could provide a workaround. Of course, I could duplicate this specific pipeline step combined with proper conditions but it would be nice to solve it by this one-liner. What do you think?

coltenkrauter · February 16, 2021, 8:06pm

Yes, I am also looking for a way to set a default value that requires double substitution.

- name: build
  image: plugins/ansible:3
  settings:
    playbook: .ansible/build.yaml
    inventory: ".ansible/inventories/${${DRONE_TAG/?*/production}=$DRONE_BRANCH}/hosts"
    vault_password:
      from_secret: ansible_vault_password

Specifically, what I need is to use the DRONE_BRANCH env var for the inventory directory, unless DRONE_TAG is set, in which case I want to use ‘production’ for the inventory directory.

The only way I can think to pull this off would be with double substitution, which is not working… Or if there was some way to set a new var during the Drone build.

Any ideas?

coltenkrauter · February 17, 2021, 5:49am

Okay, I found a workaround. I just override the plugin entrypoint command with my own so that I could add some bash commands (notice the commands at the end).

- name: build
  image: plugins/ansible:3
  settings:
    playbook: .ansible/build.yaml
    vault_password:
      from_secret: ansible_vault_password
  commands:
  - version=$DRONE_BRANCH
  - if [ -n $DRONE_TAG ]; then version=production; fi
  - /bin/drone-ansible --inventory .ansible/inventories/$$version/hosts