123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252 |
- kind: pipeline
- name: default
- # type: ssh # 定义流水线类型,还有kubernetes、exec、docker等类型
- #server:
- # host: 127.0.0.1
- # user: root
- # password:
- # from_secret: passwdlocal # 可以在你的drone web界面设置里进行设置,这儿直接引用
- # 用的是树莓派所以架构要用arm64 正常 platform 这项就不用写了
- #platform:
- # os: linux
- # arch: amd64
- # 指定运行 runner,不需要
- # node:
- # name: pi-runner
- clone:
- depth: 1 # 定义git克隆的深度,这里只需要完整的克隆项目就行,之前的提交并不需要去克隆
- disable: false
-
- #######################################################
- ###### steps : https://drone.cool/pipeline/docker/syntax/steps/
- #######################################################
- # step为执行的步骤,drone的步骤每一步都是使用临时docker的容器来实现的,每一步docker容器执行完会被自动销毁,所以本配置中的第一个用的是docker的ssh镜像,可以用来执行指定容器的命令。settings中配置了ssh要登录的host、username等,由于我们把username的信息放入drone来配置,这样保证了这些敏感字段的安全
- #- name: run-python
- # image: appleboy/drone-ssh
- # settings:
- # host: 192.168.1.246
- # username:
- # from_secret: pi_user
- # password:
- # from_secret: pi_password
- # port: 22
- # environment:
- # GOOS: linux
- # command_timeout: 5m
- # script:
- # - echo success
- # - cd /home/pi/python/dnspod
- # - git pull
- # - bash run.sh
- # 条件
- # when:
- # branch:
- # - master
- # when:
- # status:
- # - failure
- # - success
- # failure: ignore 失败后如何?
- #failure: ""
- #failure: "fail"
- #failure: "fail-fast"
- #failure: "fast"
- #failure: "always" #
- #failure: "ignore" # 单个失败,不影响整个 pipline
- #
- # detach: true # 后台异步执行,并且忽略其结果
- #
- # privileged: true 给容器赋予访问主机权限
- #
- # 任意阶段任意命令返回非0,则全部按照失败终止
- #######################################################
- ###### service : https://drone.cool/pipeline/docker/syntax/services/
- #######################################################
- #######################################################
- ###### plugins : https://plugins.drone.io/
- #######################################################
- # 比如单侧单独用 redis,这里可以异步起动一个服务,pipline完成后关闭
- #steps:
- #- name: ping
- # image: redis
- # commands:
- # - redis-cli -h cache ping
- #services:
- #- name: cache
- # image: redis
- steps:
- - name: 编译
- image: maven:3-jdk-11
- pull: if-not-exists
- volumes:
- - name: mvnCache
- path: /root/.m2
- commands:
- - mvn compile -DskipTests=true -Dmaven.javadoc.skip=true -B -V
- - echo 'FINISHED!'
- #- name: build-java-app
- # image: docker.io/kameshsampath/drone-java-maven-plugin:v1.0.0
- # pull: if-not-exists
- ##################################### quality ##################################
- # Sonar 代码质量,包含 FindBugs、PMD等
- # Fortity 代码安全扫描 收费
- # pom 漏洞扫描
- # SonarQube https://github.com/mibexsoftware/sonar-bitbucket-plugin
- # OWASP ZAP
- # Brakeman
- # CodeClimate
- # Coverity
- # Klocwork
- # PMD
- # SonarLint
- # FindBugs 官网 15年停更
- # 代码规范:Alibaba Java Coding Guidelines、checkStyle
- # https://juejin.cn/post/6844904018297225224
- #- name: sonar-scan
- # image: newtmitch/sonar-scanner:4.0.0-alpine
- # environment:
- # SONAR_TOKEN:
- # from_secret: sonar_token
- # GITHUB_ACCESS_TOKEN_FOR_SONARQUBE:
- # from_secret: github_access_token_for_sonarqube
- # commands:
- # - >
- # sonar-scanner
- # -Dsonar.host.url=https://sonarqube.company-beta.com/
- # -Dsonar.login=?SONAR_TOKEN
- # -Dsonar.projectKey=smcp-service-BE
- # -Dsonar.projectName=smcp-service-BE
- # -Dsonar.projectVersion=${DRONE_BUILD_NUMBER}
- # -Dsonar.sources=src/main/java
- # -Dsonar.tests=src/test/java
- # -Dsonar.language=java
- # -Dsonar.java.coveragePlugin=jacoco
- # -Dsonar.modules=smcp-api,smcp-web
- # -Dsonar.java.binaries=target
- # -Dsonar.projectBaseDir=.
- # -Dsonar.analysis.mode=preview
- # -Dsonar.github.repository=Today_Group/SMCP-Service
- # -Dsonar.github.oauth=?GITHUB_ACCESS_TOKEN_FOR_SONARQUBE
- # -Dsonar.github.pullRequest=${DRONE_PULL_REQUEST}
- # -Dsonar.github.disableInlineComments=false
- # when:
- # event:
- # - pull_request
- # branch:
- # - develop
- #
- # # post sonarscan result back to git PR (not in preview mode)
- # - name: sonar-scan-feedback
- # image: newtmitch/sonar-scanner:4.0.0-alpine
- # environment:
- # SONAR_TOKEN:
- # from_secret: sonar_token
- # GITHUB_ACCESS_TOKEN_FOR_SONARQUBE:
- # from_secret: github_access_token_for_sonarqube
- # commands:
- # - >
- # sonar-scanner
- # -Dsonar.host.url=https://sonarqube.company-beta.com/
- # -Dsonar.login=?SONAR_TOKEN
- # -Dsonar.projectKey=smcp-service-BE
- # -Dsonar.projectName=smcp-service-BE
- # -Dsonar.projectVersion=${DRONE_BUILD_NUMBER}
- # -Dsonar.sources=src/main/java
- # -Dsonar.tests=src/test/java
- # -Dsonar.language=java
- # -Dsonar.java.coveragePlugin=jacoco
- # -Dsonar.modules=smcp-api,smcp-web
- # -Dsonar.java.binaries=target
- # -Dsonar.projectBaseDir=.
- # -Dsonar.analysis.gitRepo=Today_Group/SMCP-Service
- # -Dsonar.analysis.pullRequest=${DRONE_PULL_REQUEST}
- # when:
- # event:
- # - pull_request
- # branch:
- # - develop
- ##################################### NOTIFY ####################################
- - name: 钉钉通知
- image: guoxudongdocker/drone-dingtalk
- settings:
- token: 178f267b9b16b168e0a0afb223b3d41f3a58e62180ab5288aa576db02965dd72
- type: markdown
- #5f6c32b36e771df227b1ccb8898325158e12d851ae61982d1ec225a1aa58e251
- - name: dingtalk
- image: lddsb/drone-dingtalk-message
- settings:
- token: 178f267b9b16b168e0a0afb223b3d41f3a58e62180ab5288aa576db02965dd72
- type: markdown
- success_color: 008000
- failure_color: FF0000
- success_pic: http://82.157.141.169:16666/avatars/1
- msg_at_mobiles: 15858193327
-
- #- name: email-notify
- # image: drillster/drone-email
- # settings:
- # host: smtp.some-server.com
- # username: foo
- # password: bar
- # from: drone@your-domain.com
-
- - name: wechat notify
- image: lizheming/drone-wechat
- settings:
- corpid: ww01cb42e24566126d
- corp_secret: un_CtWqThxc11MKWPK5SNWsFEgU9MkI7MIjvyvV9KjA
- agent_id: 1000002
- to_tag: ${DRONE_REPO_NAME}
- msg_url: ${DRONE_BUILD_LINK}
- safe: 1
- btn_txt: more
- title: ${DRONE_REPO_NAME}
- message: >
- {%if success %}
- build {{build.number}} succeeded. Good job.
- {% else %}
- build {{build.number}} failed. Fix me please.
- {% endif %}
- - name: wechat
- image: clem109/drone-wechat
- settings:
- corpid: ww01cb42e24566126d
- corp_secret: un_CtWqThxc11MKWPK5SNWsFEgU9MkI7MIjvyvV9KjA
- agent_id: 1000002
- title: ${DRONE_REPO_NAME}
- description: "Build Number: ${DRONE_BUILD_NUMBER} failed. ${DRONE_COMMIT_AUTHOR} please fix. Check the results here: ${DRONE_BUILD_LINK} "
- msg_url: ${DRONE_BUILD_LINK}
- btn_txt: bt
-
- volumes:
- - name: mvnCache
- host:
- path: /tmp/cache/.m2
- trigger:
- branch:
- - master
- event:
- - push
|