gogs
/
testcicd


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252
							kind: pipeline
name: default
# type: ssh     # 定义流水线类型，还有kubernetes、exec、docker等类型

#server:
#  host: 127.0.0.1
#  user: root
#  password:
#    from_secret: passwdlocal       # 可以在你的drone web界面设置里进行设置，这儿直接引用

# 用的是树莓派所以架构要用arm64 正常 platform 这项就不用写了
#platform:
#  os: linux
#  arch: amd64

# 指定运行 runner，不需要
# node:
#   name: pi-runner

clone:
  depth: 1         # 定义git克隆的深度，这里只需要完整的克隆项目就行，之前的提交并不需要去克隆
  disable: false
  

#######################################################
###### steps ： https://drone.cool/pipeline/docker/syntax/steps/
#######################################################
# step为执行的步骤，drone的步骤每一步都是使用临时docker的容器来实现的，每一步docker容器执行完会被自动销毁，所以本配置中的第一个用的是docker的ssh镜像，可以用来执行指定容器的命令。settings中配置了ssh要登录的host、username等，由于我们把username的信息放入drone来配置，这样保证了这些敏感字段的安全
#- name: run-python
#  image: appleboy/drone-ssh
#  settings:
#    host: 192.168.1.246
#    username:
#      from_secret: pi_user
#    password:
#      from_secret: pi_password
#    port: 22
#    environment:
#      GOOS: linux
#    command_timeout: 5m
#    script:
#      - echo success
#      - cd /home/pi/python/dnspod
#      - git pull
#      - bash run.sh
# 条件
#  when:
#    branch:
#    - master
#  when:
#    status:
#    - failure
#    - success
#   failure: ignore 失败后如何？
#failure: ""
#failure: "fail"
#failure: "fail-fast"
#failure: "fast"
#failure: "always" # 
#failure: "ignore" # 单个失败，不影响整个 pipline
# 
#  detach: true # 后台异步执行，并且忽略其结果
#
# privileged: true 给容器赋予访问主机权限
#
# 任意阶段任意命令返回非0，则全部按照失败终止

#######################################################
###### service ： https://drone.cool/pipeline/docker/syntax/services/
#######################################################


#######################################################
###### plugins ： https://plugins.drone.io/
#######################################################

# 比如单侧单独用 redis，这里可以异步起动一个服务，pipline完成后关闭
#steps:
#- name: ping
#  image: redis
#  commands:
#  - redis-cli -h cache ping

#services:
#- name: cache
#  image: redis

steps:    
- name: 编译
  image: maven:3-jdk-11
  pull: if-not-exists
  volumes:
  - name: mvnCache
    path: /root/.m2  
  commands:
  - mvn compile -DskipTests=true -Dmaven.javadoc.skip=true -B -V
  - echo 'FINISHED!'


#- name: build-java-app
#  image: docker.io/kameshsampath/drone-java-maven-plugin:v1.0.0
#  pull: if-not-exists

##################################### quality ##################################
# Sonar 代码质量，包含 FindBugs、PMD等

# Fortity 代码安全扫描 收费

# pom 漏洞扫描
# SonarQube https://github.com/mibexsoftware/sonar-bitbucket-plugin
# OWASP ZAP
# Brakeman
# CodeClimate
# Coverity
# Klocwork
# PMD
# SonarLint
# FindBugs 官网 15年停更
# 代码规范：Alibaba Java Coding Guidelines、checkStyle


# https://juejin.cn/post/6844904018297225224
#- name: sonar-scan
#    image: newtmitch/sonar-scanner:4.0.0-alpine
#    environment:
#    SONAR_TOKEN:
#    from_secret: sonar_token
#    GITHUB_ACCESS_TOKEN_FOR_SONARQUBE:
#    from_secret: github_access_token_for_sonarqube
#    commands:
#      - >
#    sonar-scanner
#    -Dsonar.host.url=https://sonarqube.company-beta.com/
#    -Dsonar.login=?SONAR_TOKEN
#    -Dsonar.projectKey=smcp-service-BE
#    -Dsonar.projectName=smcp-service-BE
#    -Dsonar.projectVersion=${DRONE_BUILD_NUMBER}
#    -Dsonar.sources=src/main/java
#    -Dsonar.tests=src/test/java
#    -Dsonar.language=java
#    -Dsonar.java.coveragePlugin=jacoco
#    -Dsonar.modules=smcp-api,smcp-web
#    -Dsonar.java.binaries=target
#    -Dsonar.projectBaseDir=.
#    -Dsonar.analysis.mode=preview
#    -Dsonar.github.repository=Today_Group/SMCP-Service
#    -Dsonar.github.oauth=?GITHUB_ACCESS_TOKEN_FOR_SONARQUBE
#    -Dsonar.github.pullRequest=${DRONE_PULL_REQUEST}
#    -Dsonar.github.disableInlineComments=false
#    when:
#    event:
#      - pull_request
#    branch:
#      - develop
#      
#      # post sonarscan result back to git PR (not in preview mode)
#      - name: sonar-scan-feedback
#    image: newtmitch/sonar-scanner:4.0.0-alpine
#    environment:
#    SONAR_TOKEN:
#    from_secret: sonar_token
#    GITHUB_ACCESS_TOKEN_FOR_SONARQUBE:
#    from_secret: github_access_token_for_sonarqube
#    commands:
#      - >
#    sonar-scanner
#    -Dsonar.host.url=https://sonarqube.company-beta.com/
#    -Dsonar.login=?SONAR_TOKEN
#    -Dsonar.projectKey=smcp-service-BE
#    -Dsonar.projectName=smcp-service-BE
#    -Dsonar.projectVersion=${DRONE_BUILD_NUMBER}
#    -Dsonar.sources=src/main/java
#    -Dsonar.tests=src/test/java
#    -Dsonar.language=java
#    -Dsonar.java.coveragePlugin=jacoco
#    -Dsonar.modules=smcp-api,smcp-web
#    -Dsonar.java.binaries=target
#    -Dsonar.projectBaseDir=.
#    -Dsonar.analysis.gitRepo=Today_Group/SMCP-Service
#    -Dsonar.analysis.pullRequest=${DRONE_PULL_REQUEST}
#    when:
#    event:
#      - pull_request
#    branch:
#      - develop
##################################### NOTIFY ####################################

- name: 钉钉通知
  image: guoxudongdocker/drone-dingtalk
  settings:
    token: 178f267b9b16b168e0a0afb223b3d41f3a58e62180ab5288aa576db02965dd72
    type: markdown  
#5f6c32b36e771df227b1ccb8898325158e12d851ae61982d1ec225a1aa58e251

- name: dingtalk
  image: lddsb/drone-dingtalk-message
  settings:
    token: 178f267b9b16b168e0a0afb223b3d41f3a58e62180ab5288aa576db02965dd72
    type: markdown
    success_color: 008000
    failure_color: FF0000
    success_pic: http://82.157.141.169:16666/avatars/1
    msg_at_mobiles: 15858193327
    
#- name: email-notify
#  image: drillster/drone-email
#  settings:
#    host: smtp.some-server.com
#    username: foo
#    password: bar
#    from: drone@your-domain.com    
    
- name: wechat notify
  image: lizheming/drone-wechat
  settings:
    corpid: ww01cb42e24566126d
    corp_secret: un_CtWqThxc11MKWPK5SNWsFEgU9MkI7MIjvyvV9KjA
    agent_id: 1000002
    to_tag: ${DRONE_REPO_NAME}
    msg_url: ${DRONE_BUILD_LINK}
    safe: 1
    btn_txt: more
    title: ${DRONE_REPO_NAME}
    message: >
      {%if success %}
        build {{build.number}} succeeded. Good job.
      {% else %}
        build {{build.number}} failed. Fix me please.
      {% endif %}

- name: wechat
  image: clem109/drone-wechat
  settings:
    corpid: ww01cb42e24566126d
    corp_secret: un_CtWqThxc11MKWPK5SNWsFEgU9MkI7MIjvyvV9KjA
    agent_id: 1000002
    title: ${DRONE_REPO_NAME}
    description: "Build Number: ${DRONE_BUILD_NUMBER} failed. ${DRONE_COMMIT_AUTHOR} please fix. Check the results here: ${DRONE_BUILD_LINK} "
    msg_url: ${DRONE_BUILD_LINK}
    btn_txt: bt
    
volumes:
- name: mvnCache
  host:
    path: /tmp/cache/.m2

trigger:
  branch:
  - master    
  event:
  - push