CI/CD with Drone

关于Drone

Open source Continuous Delivery platform that automates your testing and release workflows, which is container natively. For more detail, see here.

配置Drone Server

  1. 安装Drone

docker pull drone/drone:0.8

  1. 配置版本控制服务(以GitHub为例),创建OAuth application

Login GitHub->Settings->Developer settings->New OAuth App

CI/CD with Drone_第1张图片
image

NOTE:
a) 用部署机器的地址替换上图中https://drone.server.com。如IP为101.100.1.1,则为https://101.100.1.1
b) 拷贝Client ID和Client Secret,并有它们替换步骤3中的DRONE_GITHUB_CLIENT和DRONE_GITHUB_SECRET

  1. 准备docker-compose.yaml
    如若没有证书,可以直接去掉代码中相应的行,并使用HTTP

version: '2'

services:

  drone-server:

    image: drone/drone:0.8

    ports:

      - 80:8000

      - 443:443

      - 9000

    volumes:

      - ./drone:/var/lib/drone/

      - ./cert/selfsigned.crt:/etc/certs/server.crt

      - ./cert/selfsigned.key:/etc/certs/server.key

      - /var/run/docker.sock:/var/run/docker.sock

    restart: always

    environment:

      - DRONE_OPEN=true

      - DRONE_HOST=https://drone.server.com    #replace with your address

      - DRONE_GITHUB_URL=https://github.com

      - DRONE_SERVER_CERT=/etc/certs/server.crt

      - DRONE_SERVER_KEY=/etc/certs/server.key

      - DRONE_GITHUB=true

      - DRONE_GITHUB_SKIP_VERIFY=false

      - DRONE_GITHUB_CLIENT=xxxxxxxxx    # replace with Client ID

      - DRONE_GITHUB_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx   # replace with Client Secret

      - DRONE_SECRET=Flesh-Treasure-Anything-Law-9    # use any string

      - DRONE_DEBUG=true

  drone-agent:

    image: drone/agent:0.8

    command: agent

    restart: always

    depends_on:

      - drone-server

    volumes:

      - /var/run/docker.sock:/var/run/docker.sock

    environment:

      - DRONE_SERVER=drone-server:9000

      - DRONE_DEBUG=true

      - DRONE_SECRET=Flesh-Treasure-Anything-Law-9    // use any string, but should consist with drone-server

  1. 启动Drone server

cd /path/to/docker-compose/file

docker-compose up

  1. 打开浏览器,登陆Drone server。如https://drone.server.com

  2. 查看Token,并设置相应环境变量


export DRONE_SERVER=xxxxxxxx

export DRONE_TOKEN=xxxxxx

准备工程

  1. 使用已有工程或新建一个工程(以下以HelloWorld工程为例),将这个工程push到GitHub。
  2. 在Drone server主页中激活HelloWorld工程
  3. 添加.drone.yml文件
workspace:
  base: /go
  path: src/github.com/isaactl/HelloWorld
 
pipeline:
  build:
    image: library/golang:1.8-alpine
    environment:
      - CGO_ENABLED=0
      - GOOS=linux
      - GOARCH=amd64
    commands:
      - go get
      - go build
 
  publish:
    image: plugins/docker
    repo: isaactl/helloworld      # you can try with Docker Hub account
    tag: latest
    secrets: [docker_username, docker_password]    # your Docker Hub credential
  1. 编写Dockerfile
FROM alpine:3.5
 
MAINTAINER Tan Liang
 
LABEL Description="Hello World"
 
RUN apk update && \
    apk upgrade && \
    apk add \
        bash \
        ca-certificates \
    && rm -rf /var/cache/apk/*
 
RUN mkdir /config
 
COPY HelloWorld /usr/local/bin/HelloWorld
 
ENTRYPOINT ["/usr/local/bin/HelloWorld"]
  1. 设置secrets(参考下面的 关于secrets
  2. 将新添加的两个文件Push到GitHub。你会在https://drone.server.com看到HelloWorld工程正在自己编译,并将生成的image发布到Docker Hub上

关于secrets

secrets有几种添加方法。详情请查看这里

  1. 通过浏览器添加
    Visit drone server→Click repository→Select "Secrets" from top right menu→Create secrets and save
  2. drone cli
drone secret add \
  --repository  \
  --image  \
  --name  \
  --value 

例如

drone secret add --repository=isaactl/HelloWorld \
  --image=plugins/docker \
  --name=docker_username \
  --value=isaactl
  1. 从文件中读入
  2. 对.drone.yml加密

部署

编写脚本或生成新的image来完成以下步骤

  1. 登陆目标机器(部署image的机器)
  2. 将build好的image从repo中pull下来
  3. 启动container

你可能感兴趣的:(CI/CD with Drone)