關(guān)于Drone

Open source Continuous Delivery platform that automates your testing and release workflows, which is container natively. For more detail, see here.

配置Drone Server

1. 安裝Drone

docker pull drone/drone:0.8

2. 配置版本控制服務(wù)（以GitHub為例），創(chuàng)建OAuth application

Login GitHub->Settings->Developer settings->New OAuth App

image

NOTE:
a) 用部署機(jī)器的地址替換上圖中https://drone.server.com。如IP為101.100.1.1，則為https://101.100.1.1
b) 拷貝Client ID和Client Secret，并有它們替換步驟3中的DRONE_GITHUB_CLIENT和DRONE_GITHUB_SECRET

3. 準(zhǔn)備docker-compose.yaml
   如若沒有證書，可以直接去掉代碼中相應(yīng)的行，并使用HTTP

version: '2'

services:

  drone-server:

    image: drone/drone:0.8

    ports:

      - 80:8000

      - 443:443

      - 9000

    volumes:

      - ./drone:/var/lib/drone/

      - ./cert/selfsigned.crt:/etc/certs/server.crt

      - ./cert/selfsigned.key:/etc/certs/server.key

      - /var/run/docker.sock:/var/run/docker.sock

    restart: always

    environment:

      - DRONE_OPEN=true

      - DRONE_HOST=https://drone.server.com    #replace with your address

      - DRONE_GITHUB_URL=https://github.com

      - DRONE_SERVER_CERT=/etc/certs/server.crt

      - DRONE_SERVER_KEY=/etc/certs/server.key

      - DRONE_GITHUB=true

      - DRONE_GITHUB_SKIP_VERIFY=false

      - DRONE_GITHUB_CLIENT=xxxxxxxxx    # replace with Client ID

      - DRONE_GITHUB_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx   # replace with Client Secret

      - DRONE_SECRET=Flesh-Treasure-Anything-Law-9    # use any string

      - DRONE_DEBUG=true

  drone-agent:

    image: drone/agent:0.8

    command: agent

    restart: always

    depends_on:

      - drone-server

    volumes:

      - /var/run/docker.sock:/var/run/docker.sock

    environment:

      - DRONE_SERVER=drone-server:9000

      - DRONE_DEBUG=true

      - DRONE_SECRET=Flesh-Treasure-Anything-Law-9    // use any string, but should consist with drone-server

4. 啟動(dòng)Drone server

cd /path/to/docker-compose/file

docker-compose up

5. 打開瀏覽器，登陸Drone server。如https://drone.server.com

6. 查看Token，并設(shè)置相應(yīng)環(huán)境變量

export DRONE_SERVER=xxxxxxxx

export DRONE_TOKEN=xxxxxx

準(zhǔn)備工程

1. 使用已有工程或新建一個(gè)工程（以下以HelloWorld工程為例），將這個(gè)工程push到GitHub。
2. 在Drone server主頁中激活HelloWorld工程
3. 添加.drone.yml文件

workspace:
  base: /go
  path: src/github.com/isaactl/HelloWorld
 
pipeline:
  build:
    image: library/golang:1.8-alpine
    environment:
      - CGO_ENABLED=0
      - GOOS=linux
      - GOARCH=amd64
    commands:
      - go get
      - go build
 
  publish:
    image: plugins/docker
    repo: isaactl/helloworld      # you can try with Docker Hub account
    tag: latest
    secrets: [docker_username, docker_password]    # your Docker Hub credential

4. 編寫Dockerfile

FROM alpine:3.5
 
MAINTAINER Tan Liang
 
LABEL Description="Hello World"
 
RUN apk update && \
    apk upgrade && \
    apk add \
        bash \
        ca-certificates \
    && rm -rf /var/cache/apk/*
 
RUN mkdir /config
 
COPY HelloWorld /usr/local/bin/HelloWorld
 
ENTRYPOINT ["/usr/local/bin/HelloWorld"]

5. 設(shè)置secrets（參考下面的 關(guān)于secrets）
6. 將新添加的兩個(gè)文件Push到GitHub。你會(huì)在https://drone.server.com看到HelloWorld工程正在自己編譯，并將生成的image發(fā)布到Docker Hub上

關(guān)于secrets

secrets有幾種添加方法。詳情請(qǐng)查看這里

1. 通過瀏覽器添加
   Visit drone server→Click repository→Select "Secrets" from top right menu→Create secrets and save
2. drone cli

drone secret add \
  --repository <registry> \
  --image <image> \
  --name <name> \
  --value <value>

例如

drone secret add --repository=isaactl/HelloWorld \
  --image=plugins/docker \
  --name=docker_username \
  --value=isaactl

3. 從文件中讀入
4. 對(duì).drone.yml加密

部署

編寫腳本或生成新的image來完成以下步驟

1. 登陸目標(biāo)機(jī)器（部署image的機(jī)器）
2. 將build好的image從repo中pull下來
3. 啟動(dòng)container