drone 的流水线操作配置文件
配了两天关于 drone 的流水线文件,这个支持回滚操作,暂时不算完美。
这里面有几个十分关键的点要注意,一个是超时重试。我在正常的构建中,分的流程比较多,常常会出现超时的情况,而事情已经做到一半了,所以有时候因为超时中断导致原先的服务已断开,新的起不来。
通过这几行代码加入超时
...retry:limit: 2delay: 25s...
需要特别注意,如果是将 secret 传入到基于 ssh 连接的服务器中时,变量不会生效。要操作这三步才会生效:
# 第一步,在environment中声明environment:PROJECT_API_NAME:from_secret: PROJECT_API_NAME# 第二步,在 envs 中将这个变量加进去envs: [PROJECT_API_NAME]# 第三步,在scripts中调用时,写法为script:- echo $${PROJECT_API_NAME}
做到上述配置之后,最终执行时,drone自带的控制面板会以 ** 替代变量的值
整个pipeline可通过定义 trigger 来决定何时触发部署,也可以将 tigger 放在某一个 step 中。其中要特别注意 event,它可以使用 include 和 exclude 来配置包含和排除。其中的 custom 表示手动触发的情况。
trigger:branch:- master- developevent:include:- custom- merge_request- push
完整例子
kind: pipelinetype: dockername: service-deploysteps:- name: CIimage: docker:gitenvironment:PROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXcommands:- export DOCKER_TAG=prod_${DRONE_COMMIT:0:10}- docker build -f api/Dockerfile -t $PROJECT_API_NAME:latest .- docker tag $PROJECT_API_NAME:latest harbor.xxx.com/kkkk/$PROJECT_API_NAME:${DRONE_COMMIT:0:10}- docker login harbor.xxx.com -u admin -p xxx- docker push harbor.xxx.com/kkkk/$PROJECT_API_NAME:${DRONE_COMMIT:0:10}- echo "API构建完成, 你可以通过 docker pull harbor.xxx.com/kkkk/$PROJECT_API_NAME:${DRONE_COMMIT:0:10} 获取镜像"- |if [ -d "rpc" ]; thendocker build -f rpc/Dockerfile -t $PROJECT_RPC_NAME:latest .docker tag $PROJECT_RPC_NAME:latest harbor.xxx.com/kkkk/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}docker push harbor.xxx.com/kkkk/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}echo "RPC构建完成, 你可以通过 docker pull harbor.xxx.com/kkkk/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10} 获取镜像"fivolumes:- name: docker-sockpath: /var/run/docker.sockwhen:branch:- develop- masterretry:limit: 2delay: 10m- name: stage-publishimage: appleboy/drone-sshenvironment:STAGE_DOMAIN_PREFIX:from_secret: STAGE_DOMAIN_PREFIXPROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEsettings:host:from_secret: STAGE_HOST_IPusername:from_secret: STAGE_HOST_NAMEpassword:from_secret: STAGE_HOST_PWDport: 22command_timeout: 360senvs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- cd /home/kkkk/app_project/${DRONE_REPO_NAME}- cat ./docker-compose.yml#- git pull https://userName:userPwd@gitea.xxx.com/path/${DRONE_REPO_NAME}.git#- docker login harbor.xxx.com -u admin -p xxx- git pull origin- git branch- git fetch origin- git checkout develop- docker-compose down- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- export ENV=""- docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f- docker-compose up -d#- echo "CI构建完成 ${DRONE_COMMIT_MESSAGE} ${DRONE_COMMIT:0:10}"when:branch:- develop- name: prod-publishimage: appleboy/drone-sshenvironment:PROD_DOMAIN_PREFIX:from_secret: PROD_DOMAIN_PREFIXPROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEsettings:host:from_secret: PROD_HOST_IPusername:from_secret: PROD_HOST_NAMEpassword:from_secret: PROD_HOST_PWDport: 22command_timeout: 360senvs: [PROJECT_API_NAME,PROD_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- bash- cd /kkkk/app_project/${DRONE_REPO_NAME}- git pull https://userName:userPwd@gitea.xxx.com/path/${DRONE_REPO_NAME}.git- docker login harbor.xxx.com -u admin -p xxx- git pull origin- git branch- git fetch origin- git checkout master- export ENV="-prod"- export DOMAIN_PREFIX=$${PROD_DOMAIN_PREFIX}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- docker-compose down- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f- docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f- docker-compose up -d#- echo "CI构建完成 ${DRONE_COMMIT_MESSAGE} ${DRONE_COMMIT:0:10}"when:branch:- masterretry:limit: 2delay: 360s- name: notifyimage: drillster/drone-emailsettings:host:username:password:port: 465from:when:status:- failurevolumes:- name: docker-sockhost:path: /var/run/docker.socktrigger:branch:- develop- masterevent:include:- push- custom- merge_request---kind: pipelinetype: dockername: promote/rollbacksteps:- name: stage-rollbackimage: appleboy/drone-sshenvironment:PROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXsettings:host:from_secret: STAGE_HOST_IPusername:from_secret: STAGE_HOST_NAMEpassword:from_secret: STAGE_HOST_PWDport: 22command_timeout: 300senvs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- cd /home/kkkk/app_project/${DRONE_REPO_NAME}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}- export ENV=""- docker-compose down- docker-compose up -d- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"when:branch:- develop- name: prod-rollbackimage: appleboy/drone-sshenvironment:PROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXsettings:host:from_secret: PROD_HOST_IPusername:from_secret: PROD_HOST_NAMEpassword:from_secret: PROD_HOST_PWDport: 22command_timeout: 300senvs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- cd /kkkk/app_project/${DRONE_REPO_NAME}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}- export ENV="-prod"- docker-compose down- docker-compose up -d- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"when:branch:- mastervolumes:- name: docker-sockhost:path: /var/run/docker.socktrigger:branch:- develop- masterevent:- rollback- promote
构建时整个流程链路
从 git 拉取代码docker build 打镜像docker push 推送到私有镜像ssh 登录到远程主机拉取代码docker compose 运行 此过程通常会拉取私有镜像中的新镜像
回滚时整个流程链路
由于在创建镜像的时候将git的commit放在了镜像后面作为tag,所以回滚时直接指定 git commit 值进行回滚,在docker-compose中引用的镜像格式为 image:gitcommit 所以很方便。
后来我发现这种方式太慢了,而且很不稳定,有时候会卡住完全不动,所以改成了直接在宿主机构建,这时候需要做以下修改
kind: pipeline# type 使用 exectype: execname: CI-building
第二种方式,type 使用 exec,此时则需要安装一个扩展,否则这个机制使用不了
curl -L https://github.com/drone-runners/drone-runner-exec/releases/latest/download/drone_runner_exec_linux_amd64.tar.gz | tar zxsudo install -t /usr/local/bin drone-runner-execvim /etc/drone-runner-exec/config
将这些变量保存到config中:
DRONE_RPC_PROTO=http
DRONE_RPC_HOST=drone.yoururl.com
DRONE_RPC_SECRET=之前部署时的自定义secret
完成以上操作后,安装并启动它
drone-runner-exec service installdrone-runner-exec service start# drone-runner-exec service stop
这样就可以直接在 Drone 执行自定以的bash命令了。
下有完整的配置文件
kind: pipelinetype: execname: CI-buildingenvironment:GOOS: linuxGOARCH: amd64steps:- name: CI# 这里一定要在变量中配置go环境,否则 go mod tidy 这类命令如果有下载依赖包,每次构建都不会缓存environment:GOPATH: /root/goPROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXcommands:- pwd- cd /home/xxx/app_project/${DRONE_REPO_NAME}- git switch ${DRONE_COMMIT_BRANCH}- git branch --set-upstream-to=origin/${DRONE_COMMIT_BRANCH} ${DRONE_COMMIT_BRANCH}- git pull- export PATH=$PATH:/usr/local/go/bin- go env- go version- go build -ldflags="-s -w" -o ./app api/*.go- docker build -f api/Dockerfile -t $${PROJECT_API_NAME}:latest .- docker tag $${PROJECT_API_NAME}:latest harbor.xxx.com/xxx/$${PROJECT_API_NAME}:${DRONE_COMMIT:0:10}- docker login harbor.xxx.com -u admin -p xxx- docker push harbor.xxx.com/xxx/$${PROJECT_API_NAME}:${DRONE_COMMIT:0:10}- echo "API构建完成, 你可以通过 docker pull harbor.xxx.com/xxx/$PROJECT_API_NAME:${DRONE_COMMIT:0:10} 获取镜像"- |if [ -d "rpc" ]; thengo build -ldflags="-s -w" -o ./rpc_app rpc/*.godocker build -f rpc/Dockerfile -t $${PROJECT_RPC_NAME}:latest .docker tag $${PROJECT_RPC_NAME}:latest harbor.xxx.com/xxx/$${PROJECT_RPC_NAME}:${DRONE_COMMIT:0:10}docker push harbor.xxx.com/xxx/$${PROJECT_RPC_NAME}:${DRONE_COMMIT:0:10}echo "RPC构建完成, 你可以通过 docker pull harbor.xxx.com/xxx/$${PROJECT_RPC_NAME}:${DRONE_COMMIT:0:10} 获取镜像"fi- name: stage-publishenvironment:PROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXwhen:branch:- developcommands:- echo ">>>>>>>>>>>>>>>>>>>>"- cd /home/xxx/app_project/${DRONE_REPO_NAME}- docker-compose down- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- export ENV=""- |if [ -d "rpc" ]; thenecho $PROJECT_RPC_NAME 12345docker tag $PROJECT_RPC_NAME:latest harbor.xxx.com/xxx/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}docker push harbor.xxx.com/xxx/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -ffi- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f- docker-compose up -dvolumes:- name: docker-sockhost:path: /var/run/docker.socktrigger:branch:- develop- masterevent:include:- push- custom- merge_request---kind: pipelinetype: dockername: CI-Master-publishdepends_on:- CI-buildingsteps:- name: prod-publishimage: appleboy/drone-sshenvironment:PROD_DOMAIN_PREFIX:from_secret: PROD_DOMAIN_PREFIXPROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEsettings:host:from_secret: PROD_HOST_IPusername:from_secret: PROD_HOST_NAMEpassword:from_secret: PROD_HOST_PWDport: 22command_timeout: 360senvs: [PROJECT_API_NAME,PROD_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- bash- cd /xxx/app_project/${DRONE_REPO_NAME}- git pull https://userName:userPwd@gitea.xxx.com/xxx/${DRONE_REPO_NAME}.git- docker login harbor.xxx.com -u admin -p xxx- git pull origin- git branch- git fetch origin- git checkout master- export ENV="-prod"- export DOMAIN_PREFIX=$${PROD_DOMAIN_PREFIX}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- docker-compose down- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f- docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f- docker-compose up -dretry:limit: 2delay: 360svolumes:- name: docker-sockhost:path: /var/run/docker.socktrigger:branch:- masterevent:include:- push- custom- merge_request---kind: pipelinetype: dockername: promote/rollbacksteps:- name: stage-rollbackimage: appleboy/drone-sshenvironment:PROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXsettings:host:from_secret: STAGE_HOST_IPusername:from_secret: STAGE_HOST_NAMEpassword:from_secret: STAGE_HOST_PWDport: 22command_timeout: 300senvs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- cd /home/xxx/app_project/${DRONE_REPO_NAME}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}- export ENV=""- docker-compose down- docker-compose up -d- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"when:branch:- develop- name: prod-rollbackimage: appleboy/drone-sshenvironment:PROJECT_API_NAME:from_secret: PROJECT_API_NAMEPROJECT_RPC_NAME:from_secret: PROJECT_RPC_NAMEDOMAIN_PREFIX:from_secret: DOMAIN_PREFIXsettings:host:from_secret: PROD_HOST_IPusername:from_secret: PROD_HOST_NAMEpassword:from_secret: PROD_HOST_PWDport: 22command_timeout: 300senvs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]script:- cd /xxx/app_project/${DRONE_REPO_NAME}- export GIT_COMMIT=${DRONE_COMMIT:0:10}- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}- export ENV="-prod"- docker-compose down- docker-compose up -d- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"when:branch:- mastervolumes:- name: docker-sockhost:path: /var/run/docker.socktrigger:branch:- develop- masterevent:- rollback- promote
声明: 因编程语言版本更新较快,当前文章所涉及的语法或某些特性相关的信息并不一定完全适用于您当前所使用的版本,请仔细甄别。文章内容仅作为学习和参考,若有错误,欢迎指正。
开发者
专题·造轮子
编程笔记·热门
相关文章
-
windows wsl 子系统 ubuntu 安装 golang 服务器
09-25
-
git 多帐户登录操作
09-24
-
debian 更换镜像源
09-24
-
drone CI/CD 时的特殊配置
08-25
-
Linux 通过 ntp 命令同步时间
08-03