从jenkins转到drone
- 0
#讨论区
00条评论
实时对话
loading...
个人博客和项目使用了两年多jenkins去完成 ci/cd,确实解放了双手。但是最近 jenkns 的安全漏洞越来越频繁,前段时间publish over ssh因为安全漏洞被禁用了很久。也尝试用 go 去实现一款 ci/cd 工具,最近偶然发现drone这么一款好用的工具,果断全部迁移过去
也许你需要的 jenkins 部署教程
也许有人会问,为啥不用 Github action、CircleCI、TravisCI、TeamCity
docker,一切都在docker上运行yaml 配置go好用我们使用docker-compose 安装 drone server和和runner
docker network create dronedocker-compose.yml
Drone 的部署分为 Server(Drone-Server) 和 Agent(Drone-agent):为了便于管理容器,采用docker-compose.yml去部署
yaml
DRONE_RPC_SECRET DRONE_GITHUB_CLIENT_ID DRONE_GITHUB_CLIENT_SECRETdocker compose up -dsql
插件其实就是一个个的docker容器,使用插件也很简单
yaml
如果官方插件市场没有我们需要的插件我们可以自己去实现一个插件,我已经实现了4个插件,大家可以使用
version: '3.9'
networks:
drone:
name: drone
driver: bridge
services:
db:
image: postgres:latest
container_name: drone_db
restart: always
networks:
- drone
ports:
- '5432:5432'
environment:
- POSTGRES_USER=drone
- POSTGRES_PASSWORD=drone
- POSTGRES_DB=drone
volumes:
- /volumes/drone/db:/var/lib/postgresql/data
server:
image: drone/drone:2
container_name: drone_server
restart: always
networks:
- drone
ports:
- '80:80'
- '443:443'
environment:
- DRONE_TLS_AUTOCERT=true
- DRONE_SERVER_PROTO=https
- DRONE_SERVER_HOST=https://drone.your-domain.com
- DRONE_RPC_SECRET=DRONE_RPC_SECRET
- DRONE_WEBHOOK_ENDPOINT=http://webhook:3000
- DRONE_WEBHOOK_SECRET=add8b88f1a7ff15cbcb5bdb6bd081b70
- DRONE_DATABASE_DRIVER=postgres
- DRONE_WEBHOOK_EVENTS=build:created,build:updated
- DRONE_DATABASE_DATASOURCE=postgres://drone:drone@db/drone?sslmode=disable
- DRONE_USER_CREATE=username:zzfn,admin:true
- DRONE_USER_CREATE=username:prometheus,admin:true,machine:true,token:c576f2bd2d218d1ffd583c2db868d8c7
- DRONE_GITHUB_CLIENT_ID=DRONE_GITHUB_CLIENT_ID
- DRONE_USER_FILTER=zzfn,prometheus
- DRONE_GITHUB_CLIENT_SECRET=DRONE_GITHUB_CLIENT_SECRET
volumes:
- /var/lib/drone:/data
depends_on:
- db
runner:
image: drone/drone-runner-docker:1
container_name: drone_runner
restart: always
networks:
- drone
ports:
- '3000:3000'
environment:
- DRONE_RUNNER_NAME=docker-runner
- DRONE_RUNNER_CAPACITY=2
- DRONE_RPC_PROTO=http
- DRONE_RPC_HOST=server
- DRONE_RPC_SECRET=DRONE_RPC_SECRET
volumes:
- /var/run/docker.sock:/var/run/docker.sock
depends_on:
- server
webhook:
image: registry.cn-shanghai.aliyuncs.com/zzf2001/drone-webhook:latest
container_name: drone_webhook
restart: always
networks:
- drone
ports:
- '6000:3000'
environment:
- DRONE_SECRET=DRONE_SECRET
- PLUGIN_WEBHOOK=https://open.feishu.cn/open-apis/bot/v2/hook/xxxxxx
- PLUGIN_SECRET=PLUGIN_SECRET
- PLUGIN_BASE=https://drone.your-domain.com/
SELECT setval('orgsecrets_secret_id_seq', 100);
//找出最大值设置
SELECT setval('orgsecrets_secret_id_seq', COALESCE((SELECT MAX(secret_id)+1 FROM orgsecrets), 1), false);
kind: pipeline
type: docker
name: default
steps:
- name: webhook
image: zzfn/webhook
settings:
url: http://hook.zzfn.com
method: post
body: |
hello world