Drone是一個go開發的用來CI/CD的好工具,比jenkins和gitlab-ci更加簡單好用,部署方便
1.準備環境
gitea和go proxy
docker倉庫harbor
gitea
創建一個組織test,在該組織下創建倉庫demo,倉庫設置裏把開發者賬號加入到協作者
創建一個具有創建鉤子權限的管理員賬號,把它加入到demo倉庫的協作者中,並對倉庫有可讀權限
harbor
創建一個公開項目test,並創建一個用戶例如drone,把drone用戶加入到test項目的開發人員中去
假設harbor所在地址192.168.41.34
192.168.41.34/test/demo鏡像的三種tag格式:
canary 開發版,不管什麼分支
v0.0.1 穩定版,和git tag保持一致
latest 穩定版,指向最新的具體tag如v0.0.1
2.部署Drone
注意:drone的新版部署方式發生了改變,請看官網(2019.11.8更新)
假設Drone所在機器是192.168.41.35
drone server
#!/bin/bash
gitea_server=http://192.168.40.131:3333
proto=http
http_port=5566
drone_server=192.168.41.35:${http_port}
secret=1edbfb9d6690bdad7743f7d67fbfe374 #可以用openssl rand -hex 16 生成,drone的agent和server之間通信用的
name=drone
docker run \
--name=${name} \
--volume=/var/lib/drone:/data \
--env=DRONE_GIT_ALWAYS_AUTH=false \
--env=DRONE_GITEA_SERVER=${gitea_server} \
--env=DRONE_RPC_SECRET=${secret} \
--env=DRONE_SERVER_HOST=${drone_server} \
--env=DRONE_SERVER_PROTO=${proto} \
--env=DRONE_TLS_AUTOCERT=false \
--env=DRONE_AGENTS_ENABLED=true \
--publish=${http_port}:80 \
--publish=4443:443 \
--restart=always \
--detach=true \
drone/drone:1.2.1
drone agent
#!/bin/bash
# 一個server可以對應多個agent,可以在多個機器部署agent來執行任務,尤其團隊人多的時候
# 這裏agent和server都在同一臺機器
drone_server=http://192.168.41.35:5566
secret=1edbfb9d6690bdad7743f7d67fbfe374
name=agent
runner_name=s35 #可以用主機名之類的
docker run \
--name=${name} \
--volume=/var/run/docker.sock:/var/run/docker.sock \
--env=DRONE_RPC_SERVER=${drone_server} \
--env=DRONE_RPC_SECRET=${secret} \
--env=DRONE_RUNNER_CAPACITY=2 \
--env=DRONE_RUNNER_NAME=${runner_name} \
--restart=always \
--detach=true \
drone/agent:1.2.1
3.項目代碼
├── Dockerfile
├── go.mod
├── go.sum
└── main.go
main.go
package main
import (
"fmt"
"net/http"
"github.com/rs/xid"
)
var port = ":8080"
func main() {
//一個簡單的web應用
http.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
id := xid.New().String()
s := fmt.Sprintf("你好, id: %s", id)
fmt.Fprintf(w, "%v\n", s)
})
if err := http.ListenAndServe(port, nil); err != nil {
fmt.Println(err)
}
}
Dockerfile
FROM golang:1.12 as builder
WORKDIR /build
COPY . .
RUN CGO_ENABLED=0 GOPROXY=http://192.168.40.131:4000 go build -o demo
FROM alpine:3.10 as runner
LABEL description="the image is a demo"
WORKDIR /app
COPY --from=builder /build/demo /app/
EXPOSE 8080
ENTRYPOINT ["./demo"]
其實golang和node這樣的常用鏡像可以放到自己的私有倉庫上,比如
FROM 192.168.41.34/pub/golang:1.12
.drone.yml
kind: pipeline
name: default
clone:
depth: 10
steps:
# 開發版
- name: docker-${DRONE_BRANCH}
image: plugins/docker:18.09
settings:
username: drone
password:
from_secret: DOCKER_PASSWORD
registry: 192.168.41.34
repo: 192.168.41.34/test/demo
insecure: true
debug: true
dockerfile: Dockerfile
tags:
- canary
when:
branch:
- master
- dev
event:
- push
# 穩定版
- name: docker-release
image: plugins/docker:18.09
settings:
username: drone
password:
from_secret: DOCKER_PASSWORD
registry: 192.168.41.34
repo: 192.168.41.34/test/demo
insecure: true
dockerfile: Dockerfile
tags:
- ${DRONE_TAG}
- latest
when:
event:
- tag
# 開發版部署在192.168.41.35
- name: deploy-${DRONE_BRANCH}
image: appleboy/drone-ssh
settings:
host:
- 192.168.41.35
username: root
password:
from_secret: HOST_PASSWORD
port: 22
command_timeout: 2m
script:
- echo "deploy ssh!"
- name=test-demo
- image=192.168.41.34/test/demo:canary
- echo ${DRONE_BRANCH}
- docker pull $image
- docker rm -f test-demo || true
- docker image prune -f
- docker run --name=$name -d -p 8001:8080 $image
when:
branch:
- master
- dev
event:
- push
# 穩定版部署在192.168.41.36
- name: deploy-release
image: appleboy/drone-ssh
settings:
host:
- 192.168.41.36
username: root
password:
from_secret: HOST_PASSWORD
port: 22
command_timeout: 2m
script:
- echo "deploy ssh!"
- name=demo-test
- image=192.168.41.34/test/demo:latest
- docker pull $image
- docker rm -f test-demo || true
- docker image prune -f
- docker run --name=$name -d -p 8001:8080 $image
when:
event:
- tag
go.mod
module git.bmk.top/test/demo
go 1.12
require github.com/rs/xid v1.2.1
git.bmk.top是我的gitea的域名
4.操作Drone
訪問192.168.41.35:5566
用你的gitea的管理員賬號和密碼登錄,激活項目
激活後可以用你的gitea開發者賬號登錄查看了
(注意:賬號要對倉庫的權限)
01
02
03
DOCKER_PASSWORD
是docker倉庫的drone用戶密碼, 見.drone.yml
HOST_PASSWORD
是兩臺部署機器的root用戶的密碼,見.drone.yml
這種方式避免了密碼暴露在代碼中
04. 提交代碼觸發
05
06
5.測試
curl http://192.168.41.35:8001