123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363 |
- kind: pipeline
- name: default
- # 内置变量,通知用
- # https://docs.drone.io/pipeline/environment/reference/
- # dingtalk 官方文档: https://open.dingtalk.com/document/orgapp/enterprise-internal-robots-send-markdown-messages
- # type: ssh # 定义流水线类型,还有kubernetes、exec、docker等类型
- #server:
- # host: 127.0.0.1
- # user: root
- # password:
- # from_secret: passwdlocal # 可以在你的drone web界面设置里进行设置,这儿直接引用
- # 用的是树莓派所以架构要用arm64 正常 platform 这项就不用写了
- #platform:
- # os: linux
- # arch: amd64
- # 指定运行 runner,不需要
- # node:
- # name: pi-runner
- clone:
- depth: 1 # 定义git克隆的深度,这里只需要完整的克隆项目就行,之前的提交并不需要去克隆
- disable: false
-
- # CICD 常用插件说明 https://notes.lzwang.ltd/DevOps/CICD/drone_plugin_review/
- # 远程与运维¶
- # git clone 仓库(默认启用): Drone Plugins - Git
- # 执行 git push 到指定仓库: Drone Plugins - Git Push
- # 执行 Ansible Playbook: Drone Plugins - Ansible
- # SSH登录到远程主机: Drone Plugins - SSH
- # 制品上传下载与签名¶
- # 对制品进行GPG签名: Drone Plugins - GPG Sign
- # 上传制品到WebDAV服务器上: Drone Plugins - WebDAV
- # 上传制品到FTP服务器上: Drone Plugins - FTP(S)
- # 上传制品到SCP服务器上: Drone Plugins - SCP
- # 下载文件到本地用于此次构建: Drone Plugins - Download
- # 发布¶
- # 推送文件到Codecov进行覆盖率检查: Drone Plugins - Codecov
- # 发布镜像到Docker Registry: (1) Drone Plugins - Docker (2) Drone Plugins - Drone Buildah
- # 发布npm包到指定registry: Drone Plugins - NPM
- # 发布Python包到PyPi: Drone Plugins - PyPI
- # GitHub相关¶
- # 发布静态页面到GitHub: Drone Plugins - GitHub Pages
- # 发布新的Release到GitHub: Drone Plugins - Github Release
- # 生成ChangeLog: Drone Plugins - Github-changelog-generator
- # 发布Comment到GitHub的Pull Request: Drone Plugins - Github Comment
- # Gitea相关¶
- # 发布新的Release到Gitea: Drone Plugins - Gitea Release
- # 发布Comment到Gitea的Pull Request: Drone Plugins - Gitea Comment
- # 触发其他构建¶
- # 触发一组Drone下游构建: Drone Plugins - Downstream Build
- # 触发CircleCI构建: Drone Plugins - CircleCI
- # 触发GitlabCI构建: Drone Plugins - Gitlab-CI
- # 触发Jenkins构建: Drone Plugins - Jenkins
- # 消息通知¶
- # 发送Webhook消息: Drone Plugins - Webhook
- # 发送微信消息通知: Drone Plugins - Wechat
- # 发送企业微信消息通知: Drone Plugins - Wechat for Work
- # 发送邮件通知: Drone Plugins - Email
- # 发送丁丁消息通知: Drone Plugins - DingTalk
- # 发送及时达推送给微信用户通知: Drone Plugins - InstantAccess(即时达)
- # 发送Telegram消息通知: Drone Plugins - Telegram
- # 其他¶
- # 同步豆瓣标记的数据到csv、json或者Notion数据库: Drone Plugins - Doumark
- # 相关工具链¶
- # Testspace¶
- # 云托管测试: Test Management Software - Testspace
- # 在Drone中配置: CI/CD Support | Testspace
- # Codecov¶
- # 覆盖率检测: Codecov - The Leading Code Coverage Solution
- # 在Drone中配置: Drone Plugins - Codecov
- # Badge¶
- # 自定义Badge: Shields.io: Quality metadata badges for open source projects
- # 参考¶
- # Drone一直卡在pending状态FAQ: Builds are Stuck in Pending Status - FAQ - Drone
- # Drone插件市场: Drone Plugins
- # 插件开发: Overview | Drone
- #######################################################
- ###### steps : https://drone.cool/pipeline/docker/syntax/steps/
- #######################################################
- # step为执行的步骤,drone的步骤每一步都是使用临时docker的容器来实现的,每一步docker容器执行完会被自动销毁,所以本配置中的第一个用的是docker的ssh镜像,可以用来执行指定容器的命令。settings中配置了ssh要登录的host、username等,由于我们把username的信息放入drone来配置,这样保证了这些敏感字段的安全
- #- name: run-python
- # image: appleboy/drone-ssh
- # settings:
- # host: 192.168.1.246
- # username:
- # from_secret: pi_user
- # password:
- # from_secret: pi_password
- # port: 22
- # environment:
- # GOOS: linux
- # command_timeout: 5m
- # script:
- # - echo success
- # - cd /buildCache
- # - chmod 777 run.sh
- # - bash run.sh
- # 条件
- # when:
- # branch:
- # - master
- # when:
- # status:
- # - failure
- # - success
- # failure: ignore 失败后如何?
- #failure: ""
- #failure: "fail"
- #failure: "fail-fast"
- #failure: "fast"
- #failure: "always" #
- #failure: "ignore" # 单个失败,不影响整个 pipline
- #
- # detach: true # 后台异步执行,并且忽略其结果
- #
- # privileged: true 给容器赋予访问主机权限
- #
- # 任意阶段任意命令返回非0,则全部按照失败终止
- #######################################################
- ###### service : https://drone.cool/pipeline/docker/syntax/services/
- #######################################################
- #######################################################
- ###### plugins : https://plugins.drone.io/
- #######################################################
- # 比如单侧单独用 redis,这里可以异步起动一个服务,pipline完成后关闭
- #steps:
- #- name: ping
- # image: redis
- # commands:
- # - redis-cli -h cache ping
- #services:
- #- name: cache
- # image: redis
- ##################################### 编译 ##################################
- steps:
- - name: 编译
- image: maven:3-jdk-11
- pull: if-not-exists
- volumes:
- - name: mvnCache
- path: /root/.m2
- commands:
- - mvn compile -DskipTests=true -Dmaven.javadoc.skip=true -B -V
- - echo 'STATUS ALL FINISHED!'
-
- # - echo 'STATUS mvn package FINISHED!'
- # - cp xxxxx.jar unionbuildCache
- # - cp Dockerfile ...
- # - cp run.sh build/run.sh
- #- name: build-java-app
- # image: docker.io/kameshsampath/drone-java-maven-plugin:v1.0.0
- # pull: if-not-exists
- ##################################### quality ##################################
- # Sonar 代码质量,包含 FindBugs、PMD等
- # Fortity 代码安全扫描 收费
- # pom 漏洞扫描
- # SonarQube https://github.com/mibexsoftware/sonar-bitbucket-plugin
- # OWASP ZAP
- # Brakeman
- # CodeClimate
- # Coverity
- # Klocwork
- # PMD
- # SonarLint
- # FindBugs 官网 15年停更
- # 代码规范:Alibaba Java Coding Guidelines、checkStyle
- # https://juejin.cn/post/6844904018297225224
- #- name: sonar-scan
- # image: newtmitch/sonar-scanner:4.0.0-alpine
- # environment:
- # SONAR_TOKEN:
- # from_secret: sonar_token
- # GITHUB_ACCESS_TOKEN_FOR_SONARQUBE:
- # from_secret: github_access_token_for_sonarqube
- # commands:
- # - >
- # sonar-scanner
- # -Dsonar.host.url=https://sonarqube.company-beta.com/
- # -Dsonar.login=?SONAR_TOKEN
- # -Dsonar.projectKey=smcp-service-BE
- # -Dsonar.projectName=smcp-service-BE
- # -Dsonar.projectVersion=${DRONE_BUILD_NUMBER}
- # -Dsonar.sources=src/main/java
- # -Dsonar.tests=src/test/java
- # -Dsonar.language=java
- # -Dsonar.java.coveragePlugin=jacoco
- # -Dsonar.modules=smcp-api,smcp-web
- # -Dsonar.java.binaries=target
- # -Dsonar.projectBaseDir=.
- # -Dsonar.analysis.mode=preview
- # -Dsonar.github.repository=Today_Group/SMCP-Service
- # -Dsonar.github.oauth=?GITHUB_ACCESS_TOKEN_FOR_SONARQUBE
- # -Dsonar.github.pullRequest=${DRONE_PULL_REQUEST}
- # -Dsonar.github.disableInlineComments=false
- # when:
- # event:
- # - pull_request
- # branch:
- # - develop
- #
- # # post sonarscan result back to git PR (not in preview mode)
- # - name: sonar-scan-feedback
- # image: newtmitch/sonar-scanner:4.0.0-alpine
- # environment:
- # SONAR_TOKEN:
- # from_secret: sonar_token
- # GITHUB_ACCESS_TOKEN_FOR_SONARQUBE:
- # from_secret: github_access_token_for_sonarqube
- # commands:
- # - >
- # sonar-scanner
- # -Dsonar.host.url=https://sonarqube.company-beta.com/
- # -Dsonar.login=?SONAR_TOKEN
- # -Dsonar.projectKey=smcp-service-BE
- # -Dsonar.projectName=smcp-service-BE
- # -Dsonar.projectVersion=${DRONE_BUILD_NUMBER}
- # -Dsonar.sources=src/main/java
- # -Dsonar.tests=src/test/java
- # -Dsonar.language=java
- # -Dsonar.java.coveragePlugin=jacoco
- # -Dsonar.modules=smcp-api,smcp-web
- # -Dsonar.java.binaries=target
- # -Dsonar.projectBaseDir=.
- # -Dsonar.analysis.gitRepo=Today_Group/SMCP-Service
- # -Dsonar.analysis.pullRequest=${DRONE_PULL_REQUEST}
- # when:
- # event:
- # - pull_request
- # branch:
- # - develop
- ##################################### NOTIFY ####################################
- ---
- kind: pipeline
- type: docker
- name: notify
- # 以下内容不再需要clone代码
- clone:
- disable: true
- steps:
- - name: 钉钉通知
- image: guoxudongdocker/drone-dingtalk
- settings:
- token: 178f267b9b16b168e0a0afb223b3d41f3a58e62180ab5288aa576db02965dd72
- type: markdown
- #5f6c32b36e771df227b1ccb8898325158e12d851ae61982d1ec225a1aa58e251
- - name: dingtalk
- image: lddsb/drone-dingtalk-message
- settings:
- token: 178f267b9b16b168e0a0afb223b3d41f3a58e62180ab5288aa576db02965dd72
- type: markdown
- success_color: 008000
- failure_color: FF0000
- success_pic: http://82.157.141.169:16666/avatars/1
- msg_at_mobiles: 15858193327
-
- - name: email-notify
- image: drillster/drone-email
- settings:
- # true 只发送给指定邮件收件人 false: 只发给流水线触发人
- recipients_only: true
- recipients:
- from_secret: email_sender
- subject: "Drone build: [{{ build.status }}] {{ repo.name }} ({{ repo.branch }}) #{{ build.number }}"
- host: smtp.qq.com
- port: 465
- username:
- from_secret: email_sender
- password:
- from_secret: email_pwd
- from:
- from_secret: email_sender
-
-
- - name: wechat notify
- image: lizheming/drone-wechat
- settings:
- corpid: ww01cb42e24566126d
- corp_secret: un_CtWqThxc11MKWPK5SNWsFEgU9MkI7MIjvyvV9KjA
- agent_id: 1000002
- to_tag: ${DRONE_REPO_NAME}
- msg_url: ${DRONE_BUILD_LINK}
- safe: 1
- btn_txt: more
- title: ${DRONE_REPO_NAME}
- message: >
- {%if success %}
- build {{build.number}} succeeded. Good job.
- {% else %}
- build {{build.number}} failed. Fix me please.
- {% endif %}
- - name: wechat
- image: clem109/drone-wechat
- settings:
- corpid: ww01cb42e24566126d
- corp_secret: un_CtWqThxc11MKWPK5SNWsFEgU9MkI7MIjvyvV9KjA
- agent_id: 1000002
- title: ${DRONE_REPO_NAME}
- description: "Build Number: ${DRONE_BUILD_NUMBER} failed. ${DRONE_COMMIT_AUTHOR} please fix. Check the results here: ${DRONE_BUILD_LINK} "
- msg_url: ${DRONE_BUILD_LINK}
- btn_txt: bt
-
- #- name: webhook
- # image: plugins/webhook
- # settings:
- # username: myusername
- # password: mypassword
- # urls: https://oapi.dingtalk.com/robot/send?access_token=
- # content_type: application/json
- # template: |
- # {
- # "msgtype": "markdown",
- # "markdown": {
- # "content": "{{#success build.status}}✅{{else}}❌{{/success}}**{{ repo.owner }}/{{ repo.name }}** (Build #{{build.number}})\n
- # >**构建结果**: {{ build.status }}
- # >**构建详情**: [点击查看]({{ build.link }})
- # >**代码分支**: {{ build.branch }}
- # >**提交标识**: {{ build.commit }}
- # >**提交发起**: {{ build.author }}
- # >**提交信息**: {{ build.message }}
- # "
- # }
- # }
-
- volumes:
- - name: mvnCache
- host:
- path: /tmp/cache/.m2
- trigger:
- branch:
- - master
- event:
- - push
-
- # 构建完了在执行通知
- depends_on: [default]
|