git + drone搭建项目自动部署
step1:下载安装gitea
docker-compose.yml
version: "3.7"
networks:
www:
external: true
services:
gitea:
image: gitea/gitea:1.16.9
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
- DB_TYPE=mysql
- DB_HOST= mysql:3306
- DB_NAME=gitea
- DB_USER=root
- DB_PASSWD=lican520
restart: always
networks:
- www
volumes:
- ./gitea:/data
- ./etc/timezone:/etc/timezone:ro
- ./etc/localtime:/etc/localtime:ro
expose:
- 22
- 3000
logging:
driver: json-file
options:
max-size: "100M" # 单个文件大小为200k
max-file: "10" # 最多10个文件
注意:当docker-compose无法拉取gitea安装包时,可以从gitea.tar拉取,我们通过
docker save -o gitea.tar gitea/gitea:1.16.9
保存的安装包,下载后, 仅需docker load -i gitea.tar即可
安装之前,需要先安装一个mysql容器,gitea依赖mysql存储
服务启动后,可以配置nginx转发,配置域名,通过域名访问
server {
listen 80;
listen 443 ssl;
ssl_certificate ./ssl/*.nongbotech.com/fullchain.pem;
ssl_certificate_key ./ssl/*.nongbotech.com/key.pem;
server_name git.nongbotech.com;
if ($args ~* "^go-get=1") {
set $condition goget;
}
if ($uri ~ ^/([a-zA-Z0-9_-]+)/([a-zA-Z0-9_-]+)/.*$) {
set $condition "${condition}path";
}
if ($condition = gogetpath) {
return 200 "<!DOCTYPE html><html><head><meta content='git.nongbotech.com/$1/$2 git https://git.nongbotech.com/$1/$2.git' name='go-import'></head></html>";
}
location / {
add_header Access-Control-Allow-Origin *;
proxy_pass http://gitea:3000;
}
}
通过域名访问后,配置数据库登录参数,即可来到登录页面,登录后,可创建代码仓库
创建gitea和drone授权应用
右上角->设置->应用->创建应用
应用名称:自定义,我暂且填drone
重定向URL: 跳转到drone的地址,为drone访问地址加上/login,例如我配置的drone访问地址是https://drone.nongbotech.com. 所以此处填写https://drone.nongbotech.com/login
创建完gitea应用后,会有客户端ID,和客户端密钥
step 2: 下载安装drone-server和drone-runner
docker-compose.yml
version: '3.7'
services:
drone-server:
image: drone/drone:2.8.0
container_name: drone-server
ports:
- "3003:3000"
volumes:
- ./drone:/data
- /etc/localtime:/etc/localtime:ro
environment:
- DRONE_USER_CREATE=username:lican,admin:true
- DRONE_GITEA_CLIENT_ID=bcb76646-56b0-42ab-8f11-ecd2e5a1bea2 // gitea应用的客户端ID
- DRONE_GITEA_CLIENT_SECRET=0VHtKBja73k6Oe7yMGGzbfOvogjKYITpiOzsmoHej6X1 // gitea应用的客户端密钥
- DRONE_GITEA_SERVER=http://git.nongbotech.com #gitea访问地址
- DRONE_GIT_ALWAYS_AUTH=false
- DRONE_RPC_SECRET=50f491d1154873d72f3cedc710d01d59 // drone-server和drone-runner间的通信密钥,可通过指令生成[openssl rand -hex 16]
- DRONE_SERVER_HOST=drone.nongbotech.com // drone访问地址
- DRONE_SERVER_PROTO=https
restart: always
networks:
- www
drone-runner:
image: drone/drone-runner-docker:1.8.0
container_name: drone-runner
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DRONE_RPC_PROTO=http
- DRONE_RPC_HOST=drone-server
- DRONE_RPC_SECRET=50f491d1154873d72f3cedc710d01d59 // drone-server和drone-runner间的通信密钥,可通过指令生成[openssl rand -hex 16]
- DRONE_RUNNER_CAPACITY=3
- DRONE_RUNNER_NAME=drone_runner
- DRONE_CPU_SHARES=300
- DRONE_MEMORY_LIMIT=2000000000
- DRONE_RUNNER_VOLUMES=./nbi_dev:/www_dev
restart: always
networks:
- www
networks:
www:
external: true
配置nginx转发drone服务
server {
listen 80;
listen 443 ssl;
ssl_certificate ./ssl/*.nongbotech.com/fullchain.pem;
ssl_certificate_key ./ssl/*.nongbotech.com/key.pem;
server_name drone.nongbotech.com;
location / {
proxy_pass http://drone-server:80;
}
}
1.drone-server和drone-runner服务启动后, 点击右上角的SYNC按钮即可同步gitea刚刚创建的代码仓库
2.点击同步到的代码仓库,进入页面后点击Settings按钮
-
General: 最下面一行配置超时时间和钩子执行的.drone.yml文件
-
Secrets: 配置drone访问服务器的基本参数,该参数在.drone.yml文件中通过该变量访问服务器
Name Value Remark DRONE_SSH_HOST 120.77.213.80 服务器ip地址 DRONE_SSH_USER root 用户名 DRONE_SSH_PORT 22 端口号 DRONE_SSH_KEY —–BEGIN OPENSSH PRIVATE KEY—– —–END OPENSSH PRIVATE KEY—– 服务器访问私钥——–登录服务器后,通过运行指令ssh-keygen -t rsa -b 4096生成后,进入~/.ssh后,打开id_rsa文件,复制可得。 当远程失败时,复制id_rsa.pub到同级目录的authorized_keys中,每个公钥都单独一行。并使用命令如 ssh -i /path/to/private_key user@host 进行测试 配置完成之后,推送代码到gitea的仓库中,即可看到触发了drone的运行,需要在项目的指定位置放置.drone.yml文件
.drone.yml文件示例
kind: pipeline #对象类型 type: docker #管道类型,drone支持不同的类型 name: "brewing-sass" #管道名称,一个项目可以有多个管道 #克隆设置 clone: disable: true #触发条件 #trigger: # event: # - tag #管道步骤 steps: # base-setup # 基础后台设置服务 - name: brewing-sass clone image: alpine/git environment: GOOS: linux GOARCH: amd64 commands: - git clone http://git.dev.nongbotech.cn/back-end-3.0/brewing-sass.git brewing-sass #编译 - name: brewing-sass build #管道步骤名称 image: golang:1.16.9 #执行shell命令的docker镜像 environment: GOOS: linux GOARCH: amd64 commands: #定义在docker容器内作为容器入口点执行的shell命令列表 - go env -w GOPRIVATE=git.dev.nongbotech.cn - go env -w GOPROXY=https://goproxy.cn # - go get -u -v git.dev.nongbotech.cn/back-end-3.0/pkg # - go get -u -v brewing-sass/gopkg/logger - cd brewing-sass - go mod tidy - go build -o brewing_sass_app # 发布 - name: brewing-sass publish image: appleboy/drone-scp settings: host: from_secret: DRONE_SSH_HOST port: from_secret: DRONE_SSH_PORT user: from_secret: DRONE_SSH_USER key: from_secret: DRONE_SSH_KEY target: /data/nbi_dev/soa/dev-soa_backend/brewing-sass source: - brewing-sass/etc/app.yaml - brewing-sass/etc/rsa/private.pem - brewing-sass/etc/rsa/public.pem - brewing-sass/brewing_sass_app strip_components: 1 # 去除前缀 # 服务重启 - name: brewing-sass reboot image: appleboy/drone-ssh settings: host: from_secret: DRONE_SSH_HOST port: from_secret: DRONE_SSH_PORT username: from_secret: DRONE_SSH_USER key: from_secret: DRONE_SSH_KEY script: - cd /data/nbi_dev/soa/dev-soa_backend - docker-compose down - docker-compose up -d