drone 的流水线操作配置文件
配了两天关于 drone 的流水线文件,这个支持回滚操作,暂时不算完美。
这里面有几个十分关键的点要注意,一个是超时重试。我在正常的构建中,分的流程比较多,常常会出现超时的情况,而事情已经做到一半了,所以有时候因为超时中断导致原先的服务已断开,新的起不来。
通过这几行代码加入超时
...
retry:
limit: 2
delay: 25s
...
需要特别注意,如果是将 secret 传入到基于 ssh 连接的服务器中时,变量不会生效。要操作这三步才会生效:
# 第一步,在environment中声明
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
# 第二步,在 envs 中将这个变量加进去
envs: [PROJECT_API_NAME]
# 第三步,在scripts中调用时,写法为
script:
- echo $${PROJECT_API_NAME}
做到上述配置之后,最终执行时,drone自带的控制面板会以 ** 替代变量的值
整个pipeline可通过定义 trigger 来决定何时触发部署,也可以将 tigger 放在某一个 step 中。其中要特别注意 event,它可以使用 include
和 exclude
来配置包含和排除。其中的 custom
表示手动触发的情况。
trigger:
branch:
- master
- develop
event:
include:
- custom
- merge_request
- push
完整例子
kind: pipeline
type: docker
name: service-deploy
steps:
- name: CI
image: docker:git
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
commands:
- export DOCKER_TAG=prod_${DRONE_COMMIT:0:10}
- docker build -f api/Dockerfile -t $PROJECT_API_NAME:latest .
- docker tag $PROJECT_API_NAME:latest harbor.xxx.com/kkkk/$PROJECT_API_NAME:${DRONE_COMMIT:0:10}
- docker login harbor.xxx.com -u admin -p xxx
- docker push harbor.xxx.com/kkkk/$PROJECT_API_NAME:${DRONE_COMMIT:0:10}
- echo "API构建完成, 你可以通过 docker pull harbor.xxx.com/kkkk/$PROJECT_API_NAME:${DRONE_COMMIT:0:10} 获取镜像"
- |
if [ -d "rpc" ]; then
docker build -f rpc/Dockerfile -t $PROJECT_RPC_NAME:latest .
docker tag $PROJECT_RPC_NAME:latest harbor.xxx.com/kkkk/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}
docker push harbor.xxx.com/kkkk/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}
echo "RPC构建完成, 你可以通过 docker pull harbor.xxx.com/kkkk/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10} 获取镜像"
fi
volumes:
- name: docker-sock
path: /var/run/docker.sock
when:
branch:
- develop
- master
retry:
limit: 2
delay: 10m
- name: stage-publish
image: appleboy/drone-ssh
environment:
STAGE_DOMAIN_PREFIX:
from_secret: STAGE_DOMAIN_PREFIX
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
settings:
host:
from_secret: STAGE_HOST_IP
username:
from_secret: STAGE_HOST_NAME
password:
from_secret: STAGE_HOST_PWD
port: 22
command_timeout: 360s
envs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- cd /home/kkkk/app_project/${DRONE_REPO_NAME}
- cat ./docker-compose.yml
#- git pull https://userName:userPwd@gitea.xxx.com/path/${DRONE_REPO_NAME}.git
#- docker login harbor.xxx.com -u admin -p xxx
- git pull origin
- git branch
- git fetch origin
- git checkout develop
- docker-compose down
- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- export ENV=""
- docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker-compose up -d
#- echo "CI构建完成 ${DRONE_COMMIT_MESSAGE} ${DRONE_COMMIT:0:10}"
when:
branch:
- develop
- name: prod-publish
image: appleboy/drone-ssh
environment:
PROD_DOMAIN_PREFIX:
from_secret: PROD_DOMAIN_PREFIX
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
settings:
host:
from_secret: PROD_HOST_IP
username:
from_secret: PROD_HOST_NAME
password:
from_secret: PROD_HOST_PWD
port: 22
command_timeout: 360s
envs: [PROJECT_API_NAME,PROD_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- bash
- cd /kkkk/app_project/${DRONE_REPO_NAME}
- git pull https://userName:userPwd@gitea.xxx.com/path/${DRONE_REPO_NAME}.git
- docker login harbor.xxx.com -u admin -p xxx
- git pull origin
- git branch
- git fetch origin
- git checkout master
- export ENV="-prod"
- export DOMAIN_PREFIX=$${PROD_DOMAIN_PREFIX}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- docker-compose down
- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker-compose up -d
#- echo "CI构建完成 ${DRONE_COMMIT_MESSAGE} ${DRONE_COMMIT:0:10}"
when:
branch:
- master
retry:
limit: 2
delay: 360s
- name: notify
image: drillster/drone-email
settings:
host:
username:
password:
port: 465
from:
when:
status:
- failure
volumes:
- name: docker-sock
host:
path: /var/run/docker.sock
trigger:
branch:
- develop
- master
event:
include:
- push
- custom
- merge_request
---
kind: pipeline
type: docker
name: promote/rollback
steps:
- name: stage-rollback
image: appleboy/drone-ssh
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
settings:
host:
from_secret: STAGE_HOST_IP
username:
from_secret: STAGE_HOST_NAME
password:
from_secret: STAGE_HOST_PWD
port: 22
command_timeout: 300s
envs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- cd /home/kkkk/app_project/${DRONE_REPO_NAME}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}
- export ENV=""
- docker-compose down
- docker-compose up -d
- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"
when:
branch:
- develop
- name: prod-rollback
image: appleboy/drone-ssh
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
settings:
host:
from_secret: PROD_HOST_IP
username:
from_secret: PROD_HOST_NAME
password:
from_secret: PROD_HOST_PWD
port: 22
command_timeout: 300s
envs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- cd /kkkk/app_project/${DRONE_REPO_NAME}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}
- export ENV="-prod"
- docker-compose down
- docker-compose up -d
- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"
when:
branch:
- master
volumes:
- name: docker-sock
host:
path: /var/run/docker.sock
trigger:
branch:
- develop
- master
event:
- rollback
- promote
构建时整个流程链路
从 git 拉取代码
docker build 打镜像
docker push 推送到私有镜像
ssh 登录到远程主机拉取代码
docker compose 运行 此过程通常会拉取私有镜像中的新镜像
回滚时整个流程链路
由于在创建镜像的时候将git的commit放在了镜像后面作为tag,所以回滚时直接指定 git commit 值进行回滚,在docker-compose中引用的镜像格式为 image:gitcommit 所以很方便。
后来我发现这种方式太慢了,而且很不稳定,有时候会卡住完全不动,所以改成了直接在宿主机构建,这时候需要做以下修改
kind: pipeline
# type 使用 exec
type: exec
name: CI-building
第二种方式,type 使用 exec,此时则需要安装一个扩展,否则这个机制使用不了
curl -L https://github.com/drone-runners/drone-runner-exec/releases/latest/download/drone_runner_exec_linux_amd64.tar.gz | tar zx
sudo install -t /usr/local/bin drone-runner-exec
vim /etc/drone-runner-exec/config
将这些变量保存到config中:
DRONE_RPC_PROTO=http
DRONE_RPC_HOST=drone.yoururl.com
DRONE_RPC_SECRET=之前部署时的自定义secret
完成以上操作后,安装并启动它
drone-runner-exec service install
drone-runner-exec service start
# drone-runner-exec service stop
这样就可以直接在 Drone 执行自定以的bash命令了。
下有完整的配置文件
kind: pipeline
type: exec
name: CI-building
environment:
GOOS: linux
GOARCH: amd64
steps:
- name: CI
# 这里一定要在变量中配置go环境,否则 go mod tidy 这类命令如果有下载依赖包,每次构建都不会缓存
environment:
GOPATH: /root/go
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
commands:
- pwd
- cd /home/xxx/app_project/${DRONE_REPO_NAME}
- git switch ${DRONE_COMMIT_BRANCH}
- git branch --set-upstream-to=origin/${DRONE_COMMIT_BRANCH} ${DRONE_COMMIT_BRANCH}
- git pull
- export PATH=$PATH:/usr/local/go/bin
- go env
- go version
- go build -ldflags="-s -w" -o ./app api/*.go
- docker build -f api/Dockerfile -t $${PROJECT_API_NAME}:latest .
- docker tag $${PROJECT_API_NAME}:latest harbor.xxx.com/xxx/$${PROJECT_API_NAME}:${DRONE_COMMIT:0:10}
- docker login harbor.xxx.com -u admin -p xxx
- docker push harbor.xxx.com/xxx/$${PROJECT_API_NAME}:${DRONE_COMMIT:0:10}
- echo "API构建完成, 你可以通过 docker pull harbor.xxx.com/xxx/$PROJECT_API_NAME:${DRONE_COMMIT:0:10} 获取镜像"
- |
if [ -d "rpc" ]; then
go build -ldflags="-s -w" -o ./rpc_app rpc/*.go
docker build -f rpc/Dockerfile -t $${PROJECT_RPC_NAME}:latest .
docker tag $${PROJECT_RPC_NAME}:latest harbor.xxx.com/xxx/$${PROJECT_RPC_NAME}:${DRONE_COMMIT:0:10}
docker push harbor.xxx.com/xxx/$${PROJECT_RPC_NAME}:${DRONE_COMMIT:0:10}
echo "RPC构建完成, 你可以通过 docker pull harbor.xxx.com/xxx/$${PROJECT_RPC_NAME}:${DRONE_COMMIT:0:10} 获取镜像"
fi
- name: stage-publish
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
when:
branch:
- develop
commands:
- echo ">>>>>>>>>>>>>>>>>>>>"
- cd /home/xxx/app_project/${DRONE_REPO_NAME}
- docker-compose down
- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- export ENV=""
- |
if [ -d "rpc" ]; then
echo $PROJECT_RPC_NAME 12345
docker tag $PROJECT_RPC_NAME:latest harbor.xxx.com/xxx/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}
docker push harbor.xxx.com/xxx/$PROJECT_RPC_NAME:${DRONE_COMMIT:0:10}
docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f
fi
- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker-compose up -d
volumes:
- name: docker-sock
host:
path: /var/run/docker.sock
trigger:
branch:
- develop
- master
event:
include:
- push
- custom
- merge_request
---
kind: pipeline
type: docker
name: CI-Master-publish
depends_on:
- CI-building
steps:
- name: prod-publish
image: appleboy/drone-ssh
environment:
PROD_DOMAIN_PREFIX:
from_secret: PROD_DOMAIN_PREFIX
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
settings:
host:
from_secret: PROD_HOST_IP
username:
from_secret: PROD_HOST_NAME
password:
from_secret: PROD_HOST_PWD
port: 22
command_timeout: 360s
envs: [PROJECT_API_NAME,PROD_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- bash
- cd /xxx/app_project/${DRONE_REPO_NAME}
- git pull https://userName:userPwd@gitea.xxx.com/xxx/${DRONE_REPO_NAME}.git
- docker login harbor.xxx.com -u admin -p xxx
- git pull origin
- git branch
- git fetch origin
- git checkout master
- export ENV="-prod"
- export DOMAIN_PREFIX=$${PROD_DOMAIN_PREFIX}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- docker-compose down
- docker images | grep $${PROJECT_API_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker images | grep $${PROJECT_RPC_NAME} | awk '{print $3}' | xargs docker rmi -f
- docker-compose up -d
retry:
limit: 2
delay: 360s
volumes:
- name: docker-sock
host:
path: /var/run/docker.sock
trigger:
branch:
- master
event:
include:
- push
- custom
- merge_request
---
kind: pipeline
type: docker
name: promote/rollback
steps:
- name: stage-rollback
image: appleboy/drone-ssh
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
settings:
host:
from_secret: STAGE_HOST_IP
username:
from_secret: STAGE_HOST_NAME
password:
from_secret: STAGE_HOST_PWD
port: 22
command_timeout: 300s
envs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- cd /home/xxx/app_project/${DRONE_REPO_NAME}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}
- export ENV=""
- docker-compose down
- docker-compose up -d
- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"
when:
branch:
- develop
- name: prod-rollback
image: appleboy/drone-ssh
environment:
PROJECT_API_NAME:
from_secret: PROJECT_API_NAME
PROJECT_RPC_NAME:
from_secret: PROJECT_RPC_NAME
DOMAIN_PREFIX:
from_secret: DOMAIN_PREFIX
settings:
host:
from_secret: PROD_HOST_IP
username:
from_secret: PROD_HOST_NAME
password:
from_secret: PROD_HOST_PWD
port: 22
command_timeout: 300s
envs: [PROJECT_API_NAME,STAGE_DOMAIN_PREFIX,PROJECT_RPC_NAME]
script:
- cd /xxx/app_project/${DRONE_REPO_NAME}
- export GIT_COMMIT=${DRONE_COMMIT:0:10}
- export DOMAIN_PREFIX=$${STAGE_DOMAIN_PREFIX}
- export ENV="-prod"
- docker-compose down
- docker-compose up -d
- echo "版本已经更新到 ${DRONE_COMMIT:0:10}, ${DRONE_COMMIT_MESSAGE}"
when:
branch:
- master
volumes:
- name: docker-sock
host:
path: /var/run/docker.sock
trigger:
branch:
- develop
- master
event:
- rollback
- promote
声明: 因编程语言版本更新较快,当前文章所涉及的语法或某些特性相关的信息并不一定完全适用于您当前所使用的版本,请仔细甄别。文章内容仅作为学习和参考,若有错误,欢迎指正。
开发者
-
windows wsl 子系统 ubuntu 安装 golang 服务器
09-25
-
git 多帐户登录操作
09-24
-
debian 更换镜像源
09-24
-
drone CI/CD 时的特殊配置
08-25
-
Linux 通过 ntp 命令同步时间
08-03