(1) Drone CI For Github — Build their own CI/CD workflow

Understand the Drone

Drone is a continuous delivery system based on container technology. Drone uses a simple YAML configuration file (a superset of Docker-compose) to define and execute Pipelines in Docker containers.

Drone integrates seamlessly with popular source code management systems, including GitHub, GitHub Enterprise, Bitbucket and more.

Drone CI For Github

Let’s start to practice the deployment and use of Drone together

The preparatory work

In this case, the domain I used for Drone Server is dronetest. Yiranzai.top

Understand the Docker – compose

The Compose project is Docker’s official open source project, which is responsible for the rapid choreography of Docker container clusters.

Docker-compose has written a small Demo to help you learn about Docker-compose more quickly

Apply for a Github OAuth Application

Github OAuth Application authorizes Drone Server to read your Github messages.

Github Create an OAuth Application

Note down the generated Client ID and Client Secret

Write the docker – compose. Yml

We need to

  • drone-server(Central Drone server)
  • drone-agent(Receives instructions from the central Drone server to execute building pipelines)
  • mysqldroneThe default datastore issqllite3, here we use MySQL.
  • nginx(using thenginxTo be an external service agent. Don’t letdrone-serverDirect external services)

Reference:

  • Github installs Drone official documentation
  • Drone Administrator’s official manual
  • Drone variable reference manual
  • MySQL form DockerHub
version: "3.7"
services:
  nginx:
    image: nginx:alpine
    container_name: drone_nginx
    ports:
      - "80:80"
    restart: always
    networks:
      - dronenet
  mysql:
    image: Mysql: 5.7
    restart: always
    container_name: drone_mysql
    environment:
      - MYSQL_ROOT_PASSWORD=root_password
      - MYSQL_DATABASE=drone
      - MYSQL_USER=drone
      - MYSQL_PASSWORD=drone_password
    networks:
      - dronenet
    volumes:
      - /path/to/conf/my.cnf:/etc/mysql/my.cnf:rw
      - /path/to/data:/var/lib/mysql/:rw
      - /path/to/logs:/var/log/mysql/:rw
  drone-server:
    image: Drone/drone: 1.0.0 - rc. 5 # Do not use "latest", "latest" is not a stable version
    container_name: dronetest_server
    networks: 
      - dronenet
    volumes:
      - ${DRONE_DATA}:/var/lib/drone/:rw
      - /var/run/docker.sock:/var/run/docker.sock:rw
    restart: always
    environment:
      - DRONE_DEBUG=true
      - DRONE_DATABASE_DATASOURCE=drone:drone_password@tcp(drone_mysql:3306)/drone? parseTime=true   Mysql > select * from mysql
      - DRONE_DATABASE_DRIVER=mysql
      - DRONE_GITHUB_SERVER=https://github.com
      - DRONE_GITHUB_CLIENT_ID=${Your-Github-Client-Id}  #Github Client ID
      - DRONE_GITHUB_CLIENT_SECRET=${Your-Github-Client-Secret} #Github Client Secret
      - DRONE_RUNNER_CAPACITY=2
      - DRONE_RPC_SECRET=YOU_KEY_ALQU2M0KdptXUdTPKcEw  # RPC secret key
      - DRONE_SERVER_PROTO=http			This configuration determines the proTO of the webhook address in the repository when you activate it
      - DRONE_SERVER_HOST=dronetest.yiranzai.top
      - DRONE_USER_CREATE=username:yiranzai,admin:true  This is your Github username
  drone-agent:
    image: Drone/agent: 1.0.0 - rc. 5
    container_name: dronetest_agent
    restart: always
    networks: 
      - dronenet
    depends_on:
      - drone-server  # rely on drone_server and start later
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:rw
    environment:
      - DRONE_RPC_SERVER=http://drone_server	# Drone uses HTTP request package, URL must write protocol to support
      - DRONE_RPC_SECRET=YOU_KEY_ALQU2M0KdptXUdTPKcEw  The RPC key must be the same as that in drone_server
      - DRONE_DEBUG=true
networks:
  dronenet:
Copy the code

Run the service

Create containers and networks

$ docker-compose up -d  
Creating drone_mysql      ... done
Creating dronetest_server ... done
Creating drone_nginx      ... done
Creating dronetest_agent  ... done$ docker-compose ps Name Command State Ports ---------------------------------------------------------------------------- drone_mysql docker-entrypoint.sh mysqld Up 3306/tcp, 33060/tcp drone_nginx nginx -g daemon off; Up 0.0.0.0:80->80/ TCP dronetest_agent /bin/ dronedrone -agent Up dronetest_server /bin/drone-server Up 443/ TCP, 80/ TCPCopy the code

writenginxThe configuration file

$ docker-compose exec nginx ash
# vim /etc/nginx/conf.d/drone.conf
server {
    listen       80;
    server_name dronetest.yiranzai.top;
    location / {
        proxy_pass http://dronetest_server;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    }
}
# nginx -s reload
Copy the code

Access the service

There will be an OAuth validation and then synchronization will begin for all your warehouses.

Writing here, Drone CI for Github has been successfully built, isn’t it very happy, isn’t it very satisfied? Is it over? No!

We will also test Drone Server to test the availability of the service.

Go ahead and do it.

The validation service

An untried project is not a usable project

Create an empty warehouse and synchronize toDroneThe activation

How to create warehouse will not repeat, here, I create a warehouse named Dronetest, and back to Drone synchronization warehouse

  1. Synchronous warehouse

  1. Activate the warehouse

Once activated, check for Webhooks for the GIthub repository

  1. Add the Secrets

    Here I created two Secret names: Yiranzai Word: Hello World!

write.drone.yml

Since the server configuration is sensitive information, we need to use Secret to store it

Set up the host Username RSA port that you need to log in to the deployment server and the deploy_path that you want to deploy

reference

  • Drone User Manual
  • Drone Plug-in Manual
  • Drone plug-in warehouse
  • Drone SCP plug-in manual

---
kind: pipeline
name: drone

workspace:
  base: /app
  path: git/drone

steps:
  - name: build
    image: node:alpine
    volumes:
      - name: webroot
        path: /wwwroot
    commands:
      - /bin/sh bash.sh
    environment:
      host:
        from_secret: host
      port:
        from_secret: port
      abc: abctest
  - name: deploy
    image: appleboy/drone-scp
    when:
      status:
        - success
    settings:
      host:
        from_secret: host
      port:
        from_secret: port
      key:
        from_secret: rsa
      username:
        from_secret: username
      target:
        from_secret: deploy_path
      source: . / *

volumes:
  - name: webroot
    host:
      path: /opt
  - name: cache
    host:
      path: /tmp/cache

trigger:
  branch:
    - master
  event:
    - push
Copy the code

Write bash.sh to print variables

echo $host

echo $abc

echo $port
Copy the code

Push it to the warehouse and check it out

  1. push to repo
git init git add .; git commit -m'init test'
git remote add origin [email protected]:yiranzai/dronetest.git
git push -u origin master
Copy the code
  1. To viewDroneACTIVITY FEED

If successful, it should look something like this

If it fails, an error message is displayed

This is because the Node image I’m using is Node :alpine, without bash

  1. Check the server

    See both bash.sh and.drone.yml uploaded here (just testing, not really asking you to do it)

$ pwd
/home/www
$ ll -a
total 40
drwx------  4 www  www  4096 Feb 20 04:23 .
drwxr-xr-x. 4 root root 4096 Feb 20 03:55 ..
-rw-------  1 www  www    61 Feb 19 03:00 .bash_history
-rw-r--r--  1 www  www    18 Oct 30 13:07 .bash_logout
-rw-r--r--  1 www  www   193 Oct 30 13:07 .bash_profile
-rw-r--r--  1 www  www   231 Oct 30 13:07 .bashrc
-rw-r--r--  1 www  www    35 Feb 20 04:23 bash.sh
-rw-r--r--  1 www  www   812 Feb 20 04:23 .drone.yml
drwxr-xr-x  8 www  www  4096 Feb 20 04:23 .git
drwxr-xr-x  2 www  www  4096 Feb 19 02:40 .ssh
Copy the code

conclusion

The deployment of Drone CI for Github really came to an end here. Along the way, there were a lot of pits. After you slowly read the documents of Drone, you will find how bad it is, which makes you feel tired and want to cry.

Summarize your mistakes and mistakes

  • yamlThe file suffix of the format isyml(I’m mentally retarded)
  • drone-serverMake sure you have an administrator
  • drone-serverThe variables in theDRONE_SERVER_PROTODRONE_SERVER_HOSTDetermine your warehousewebhookAddress if your domain name is donehttp to httpsAnd yoursDRONE_SERVER_PROTOhttp, will result in a 301 redirect,methodpostintogetWill happen,error 405
  • droneIt was developed in GO,droneThe use ofhttpPackages without written protocols are not supportedurl, e.g.dronetest.yiranzai.topIt can’t be recognized. It should be written ashttp(s)://dronetest.yiranzai.top
  • You are advised to enable debug during the test phase to facilitate deployment and debugging

series

  • Create your own CI/CD workflow based on Gitea+Drone CI+Vault
  • (1) Drone CI For Github — Build their own CI/CD workflow
  • Drone CI uses Vault as credential storage — to build its own CI/CD workflow
  • (3) Lightweight self-built Drone CI For Gitea — to create their own CI/CD workflow
  • Fyi: Build your own code hosting platform based on Gitea

END

Anyway, I went to adjust my mindset and produce bugs.