forgejo-drone-ci-cd

2024/03/23

Tags: Forgejo Drone


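Related services

forgejo: source version control. Its predecessor is Gitea; because Gitea carried a risk of going closed source, the community stopped trusting it and forked Forgejo to keep developing the open-source version. PS: Gitea itself was also continued from another project.

drone: CI/CD

The Drone server listens for Git repository events through a webhook and dispatches jobs to runners, which execute the CI/CD.

What CI/CD actually runs depends on what is added to the Drone configuration file, usually named .drone.yml.

The Docker Compose files for these services are in the appendix.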

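Uploading an existing Git repository to Forgejo

First create the repository on Forgejo.

When creating it, pay attention to a few of the repository's properties.

After creating it, add the drone user as a collaborator on the Git repository. The CI Docker environment sets up an SSH agent for drone, which gives Drone permission to access the code.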


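Then, in the local repository, add the remote and push directly:

git remote add forgejo ssh://git@git3.deepvision-tech.net:222/SW/ci_demo_0.git
git push forgejo HEAD  # push the current branch to the new remote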

Activating Drone for the Git repository

Before activation, no webhook is created for the Git project.


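You need to log in to Drone to activate it. Drone: http://10.1.8.129

No username or password has to be entered; after you click login, you are logged in to Drone automatically with your Forgejo login.

Click the sync button in the upper-right corner to synchronize project information. When the sync finishes, the newly created project appears.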


Click the project to enter its configuration page, then click the button shown in the screenshot.

Keep the default settings and click save.


After saving, a webhook is generated on the project in Forgejo.


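In this webhook you can set which Git event types and which Git branches to watch.

Usually only key branches need CI/CD; development branches do not.

To merge a development branch into a key branch, submit a merge request or pull request. Once it has been reviewed and merged, continuous integration is triggered automatically.

The webhook can also be test-triggered, which is convenient when debugging CI/CD.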


.drone.yml

example

kind: pipeline
type: docker
name: build

# https://github.com/devth/drone-docs/blob/master/content/usage/cloning.md
clone:
  disable: true  # disable the automatic clone

steps:
  - name: build-all
    image: dv_ci_qt5.15:0.1
    environment:
      PKG_VERSION: "1.0.0"
      PKG_NAME: "dv_algorithm"
      #https://docs.drone.io/pipeline/environment/reference/
      DRONE_BRANCH: $DRONE_BRANCH
      DRONE_BUILD_CREATED: $DRONE_BUILD_CREATED
      DRONE_BUILD_EVENT: $DRONE_BUILD_EVENT
      DRONE_BUILD_FINISHED: $DRONE_BUILD_FINISHED
      DRONE_COMMIT: $DRONE_COMMIT
      DRONE_COMMIT_AFTER: $DRONE_COMMIT_AFTER
      DRONE_COMMIT_AUTHOR: $DRONE_COMMIT_AUTHOR
      DRONE_COMMIT_AUTHOR_AVATAR: $DRONE_COMMIT_AUTHOR_AVATAR
      DRONE_COMMIT_AUTHOR_EMAIL: $DRONE_COMMIT_AUTHOR_EMAIL
      DRONE_COMMIT_AUTHOR_NAME: $DRONE_COMMIT_AUTHOR_NAME
      DRONE_COMMIT_BEFORE: $DRONE_COMMIT_BEFORE
      DRONE_COMMIT_BRANCH: $DRONE_COMMIT_BRANCH
      DRONE_COMMIT_LINK: $DRONE_COMMIT_LINK
      DRONE_COMMIT_MESSAGE: $DRONE_COMMIT_MESSAGE
      DRONE_COMMIT_REF: $DRONE_COMMIT_REF
      DRONE_COMMIT_SHA: $DRONE_COMMIT_SHA
      DRONE_STAGE_ARCH: $DRONE_STAGE_ARCH
      DRONE_STAGE_FINISHED: $DRONE_STAGE_FINISHED
      DRONE_STAGE_OS: $DRONE_STAGE_OS
      DRONE_STAGE_MACHINE: $DRONE_STAGE_MACHINE

    settings:
      detach: false
      entrypoint: [""]  
    commands:
      - cd /source/repos
      - bash -c "rm -rf dv_app_solution"
      - bash -c "git clone ssh://git@git1.deepvision-tech.net:222/SW/dv_app_solution.git" 
      - cd /source/repos/dv_app_solution
      - bash -c "rsync -ah  ../vcpkg_installed . >/dev/null 2>&1 " 
      - bash -c "git submodule update --init --recursive" 
      - git c -t origin/$DRONE_BRANCH | true
      - git frsm "git c -t origin/$DRONE_BRANCH | true" 
      - bash -c "./clear.sh  && ./build.sh"


# no exec runner is deployed on 129
---  
kind: pipeline
type: exec
name: upload

clone:
  disable: true

steps:
  - name: upload_to_ftp
    environment:
      DRONE_BRANCH: $DRONE_BRANCH
    commands:
      - cd /root/source/repos/dv_app_solution/bin/x86_64/
      - /root/ftp_upload.sh "/ci/$DRONE_BRANCH" libdv_algorithm.do

depends_on:
- build

Manually adding a build pipeline job


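If you want the PKG_VERSION shown in the screenshot to override the variable of the same name in .drone.yml, you can use Go template syntax:

${parameter:-default}

If the parameter is not passed, the default value is used.

    environment:
      PKG_VERSION: ${PKG_VERSION:-1.0.0}  # defaults to 1.0.0 if PKG_VERSION is not passed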
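
Build parameters and branch names arrive in the pipeline as plain strings, and the steps on this page place them on command lines (for example /ci/$DRONE_BRANCH). The following is an added example, not part of the original post, of helpers a step could call first; the function names and the accepted formats are assumptions, and POSIX shell provides the same ${parameter:-default} form.

```shell
#!/bin/sh
# Added example: validate pipeline inputs before they reach a command line.
# PKG_VERSION and DRONE_BRANCH come from this page; the function names and
# the accepted formats are assumptions of this sketch.

# Print the package version: the given value, or 1.0.0 when it is empty.
# Only digits in the form MAJOR.MINOR.PATCH are accepted; otherwise status 1.
resolve_pkg_version() {
    version="${1:-1.0.0}"   # same ${parameter:-default} form as in .drone.yml
    case "$version" in
        *[!0-9.]*|.*|*.|*..*|*.*.*.*) return 1 ;;  # bad char, empty field, 4+ fields
        *.*.*) printf '%s\n' "$version" ;;
        *) return 1 ;;                             # fewer than three fields
    esac
}

# Print the upload directory for a branch (the page uploads to /ci/$DRONE_BRANCH).
# Rejects empty names, a leading '-' or '/', a trailing '/', '..', '//' and any
# character outside letters, digits, '.', '_', '-' and '/'.
ci_upload_dir() {
    case "$1" in
        ''|-*|/*|*/|*..*|*//*|*[!A-Za-z0-9._/-]*) return 1 ;;
    esac
    printf '/ci/%s\n' "$1"
}

# Constructed inputs: an unset parameter, a valid override, and values
# that must not be passed on.
for v in '' '2.3.1' '1.0.0;x'; do
    if out=$(resolve_pkg_version "$v"); then
        echo "PKG_VERSION='$v' -> $out"
    else
        echo "PKG_VERSION='$v' -> rejected"
    fi
done
for b in 'release/1.2' '../outside'; do
    if out=$(ci_upload_dir "$b"); then
        echo "DRONE_BRANCH='$b' -> $out"
    else
        echo "DRONE_BRANCH='$b' -> rejected"
    fi
done
```
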

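The server's default UI dashboard is fairly basic. If you need a customized UI, you can write your own app; the relevant APIs can all be found on the official website, and builds can be created with an HTTP POST request.

Directories mounted into the Docker container

Source code should not really be mounted into Docker, but because the binaries are large, two directories are mounted into the container.

Accessible only from inside Docker: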

/home/drone/source/repos : /repos

Accessible to everyone:

/storage/sw_ci/ : /sw_ci

You can also write a script that uploads to another server.

ssh-agent

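An SSH agent is set up automatically in the container.

The drone user's SSH identity can be used for SSH authentication, for example for git clone.

ssh-add -l  # lists the fingerprints of the keys the agent holds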

Appendix: docker compose

forgejo server

version: "3"

networks:
  forgejo:
    external: false

services:
  server:
    image: codeberg.org/forgejo/forgejo:1.20
    container_name: forgejo
    environment:
      - USER_UID=1001
      - USER_GID=1001
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__database__HOST=db:5432
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=forgejo
      - FORGEJO__database__PASSWD=123456
    restart: always
    networks:
      - forgejo
    volumes:
      - type: volume
        source: nfs-forgejo-data
        target: /data
        volume:
          nocopy: true
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "80:3000"
      - "222:22"
    depends_on:
      - db

  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER=forgejo
      - POSTGRES_PASSWORD=123456
      - POSTGRES_DB=forgejo
    networks:
      - forgejo
    volumes:
      - type: volume
        source: nfs-forgejo-postgres
        target: /var/lib/postgresql/data
        volume:
          nocopy: true
volumes:
   nfs-forgejo-data:
     driver_opts:
       type: "nfs"
       o: "addr=10.1.8.83,nolock,soft,rw"
       device: ":/volume1/repo-03/forgejo"
   nfs-forgejo-postgres:
     driver_opts:
       type: "nfs"
       o: "addr=10.1.8.83,nolock,soft,rw"
       device: ":/volume1/repo-03/postgres"

drone server

version: "3"

services:
  drone:
    image: drone/drone:2
    container_name: drone
    environment:
      - DRONE_GITEA_SERVER=http://forgejo.net
      - DRONE_GITEA_CLIENT_ID=1660a088-d5d7-4aee-951e-cae874282f13
      - DRONE_GITEA_CLIENT_SECRET=gto_a4uwqotic2oenrx6ez6b4triae7hpphirviqsdxyq5unyj5smfrq
      - DRONE_RPC_SECRET=78d59e651522607da0f7242e6965ce26
      - DRONE_SERVER_HOST=10.1.8.129
      - DRONE_SERVER_PROTO=http
    restart: always
    volumes:
      - ./drone:/data
    ports:
      - 80:80

DRONE_GITEA_CLIENT_ID is used for Drone's OAuth2 login. To fill it in, create an OAuth2 application in the Gitea or Forgejo settings panel and take the value from there.

drone docker runner

version: "3"

services:
  runner:
    image: drone/drone-runner-docker:1
    container_name: runner
    environment:
      - DRONE_RPC_PROTO=http
      - DRONE_RPC_HOST=server_host
      - DRONE_RPC_SECRET=78d59e651522607da0f7242e6965ce26
      - DRONE_RUNNER_CAPACITY=1
      - DRONE_RUNNER_NAME=drone-runner
      - DRONE_RUNNER_VOLUMES=/home/drone/.ssh/known_hosts:/root/.ssh/known_hosts,/home/drone/source:/source,/storage/sw_ci:/sw_ci,/tmp/ssh-n0ryHZ9GmCn5/agent.2507215:/tmp/ssh-n0ryHZ9GmCn5/agent.2507215
      - DRONE_RUNNER_ENVIRON=SSH_AUTH_SOCK:/tmp/ssh-n0ryHZ9GmCn5/agent.2507215
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - 3000:3000
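
The compose files in this appendix carry the RPC secret, the OAuth2 client secret and the database password as literal values. The following is an added check, not part of the original post, that lists such entries so they can be moved to environment references; the function name and the key patterns are assumptions.

```shell
#!/bin/sh
# Added example: flag secret-like settings written as literals in a compose file.
# Covers the "- KEY=value" list form used in this appendix; the key patterns
# (SECRET, PASSWD, PASSWORD, TOKEN) and the function name are assumptions.

# Print "LINE:KEY" (never the value) for each secret-like key whose value is a
# literal instead of a ${VARIABLE} reference. Returns 1 if any were found.
inline_secrets() {
    awk '
        {
            line = $0
            sub(/^[ \t]*-[ \t]*/, "", line)        # drop the YAML list dash
            eq = index(line, "=")
            if (eq == 0) next
            key = substr(line, 1, eq - 1)
            val = substr(line, eq + 1)
            if (key !~ /^[A-Za-z_][A-Za-z0-9_]*$/) next
            if (key !~ /SECRET|PASSWD|PASSWORD|TOKEN/) next
            sub(/[ \t]+$/, "", val)
            gsub(/^"|"$/, "", val)                 # tolerate a quoted value
            if (substr(val, 1, 2) == "${" && substr(val, length(val)) == "}") next
            printf "%d:%s\n", NR, key
            found = 1
        }
        END { exit found ? 1 : 0 }
    ' "$1"
}

# Constructed sample: one literal secret, two values supplied from the environment.
sample=$(mktemp)
cat > "$sample" <<'EOF'
services:
  drone:
    environment:
      - DRONE_SERVER_PROTO=http
      - DRONE_RPC_SECRET=constructed-literal-value
      - DRONE_GITEA_CLIENT_SECRET=${DRONE_GITEA_CLIENT_SECRET}
      - POSTGRES_PASSWORD=${DB_PASSWORD:?set it in .env}
EOF
inline_secrets "$sample" || echo "literal secrets found"
rm -f "$sample"
```

A flagged entry is then rewritten in the form `- DRONE_RPC_SECRET=${DRONE_RPC_SECRET}`, with the value kept in an `.env` file that is not committed.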