ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
92be1ce948
gitdataai/.drone.yml
ZhenYi 92be1ce948
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
fix(drone): use environment variable for kaniko docker config
2026-04-15 00:07:16 +08:00

129 lines
5.0 KiB
YAML
Raw Blame History

---
# Drone CI Pipeline
kind: pipeline
type: kubernetes
name: default
clone:
disable: true
trigger:
event:
- push
- tag
branch:
- main
environment:
REGISTRY: harbor.gitdata.me/gta_team
CARGO_TERM_COLOR: always
BUILD_TARGET: x86_64-unknown-linux-gnu
steps:
- name: clone
image: bitnami/git:latest
commands:
- |
if [ -n "${DRONE_TAG}" ]; then
git checkout ${DRONE_TAG}
fi
- name: frontend-deps
image: node:22-alpine
commands:
- cd apps/frontend && corepack enable && corepack prepare pnpm@10 --activate && pnpm install --frozen-lockfile
- name: frontend-build
image: node:22-alpine
commands:
- cd apps/frontend && pnpm build
- name: docker-build
image: gcr.io/kaniko-project/executor:latest
environment:
DOCKER_CONFIG:
from_secret: kaniko_secret
commands:
- |
TAG="${DRONE_TAG:-${DRONE_COMMIT_SHA:0:8}}"
echo "==> Building images with tag: ${TAG}"
/kaniko/executor --context . --dockerfile docker/app.Dockerfile --destination ${REGISTRY}/app:${TAG} --destination ${REGISTRY}/app:latest
/kaniko/executor --context . --dockerfile docker/gitserver.Dockerfile --destination ${REGISTRY}/gitserver:${TAG} --destination ${REGISTRY}/gitserver:latest
/kaniko/executor --context . --dockerfile docker/email-worker.Dockerfile --destination ${REGISTRY}/email-worker:${TAG} --destination ${REGISTRY}/email-worker:latest
/kaniko/executor --context . --dockerfile docker/git-hook.Dockerfile --destination ${REGISTRY}/git-hook:${TAG} --destination ${REGISTRY}/git-hook:latest
/kaniko/executor --context . --dockerfile docker/migrate.Dockerfile --destination ${REGISTRY}/migrate:${TAG} --destination ${REGISTRY}/migrate:latest
/kaniko/executor --context . --dockerfile docker/operator.Dockerfile --destination ${REGISTRY}/operator:${TAG} --destination ${REGISTRY}/operator:latest
/kaniko/executor --context . --dockerfile docker/static.Dockerfile --destination ${REGISTRY}/static:${TAG} --destination ${REGISTRY}/static:latest
/kaniko/executor --context . --dockerfile docker/frontend.Dockerfile --destination ${REGISTRY}/frontend:${TAG} --destination ${REGISTRY}/frontend:latest
echo "==> All images pushed"
depends_on: [ frontend-build ]
- name: prepare-kubeconfig
image: alpine:latest
commands:
- apk add --no-cache kubectl
- mkdir -p ~/.kube
- echo "${KUBECONFIG}" | base64 -d > ~/.kube/config
- chmod 600 ~/.kube/config
- name: helm-deploy
image: alpine/helm:latest
commands:
- apk add --no-cache curl kubectl
- curl -fsSL -o /tmp/helm.tar.gz https://get.helm.sh/helm-v3.15.0-linux-amd64.tar.gz
- tar -xzf /tmp/helm.tar.gz -C /tmp
- mv /tmp/linux-amd64/helm /usr/local/bin/helm && chmod +x /usr/local/bin/helm
- |
TAG="${DRONE_TAG:-${DRONE_COMMIT_SHA:0:8}}"
helm upgrade --install gitdata deploy/ \
--namespace gitdataai \
-f deploy/values.yaml \
-f deploy/secrets.yaml \
--set image.registry=${REGISTRY} \
--set app.image.tag=${TAG} \
--set gitserver.image.tag=${TAG} \
--set emailWorker.image.tag=${TAG} \
--set gitHook.image.tag=${TAG} \
--set operator.image.tag=${TAG} \
--set static.image.tag=${TAG} \
--set frontend.image.tag=${TAG} \
--wait \
--timeout 5m \
--atomic
depends_on: [ docker-build, prepare-kubeconfig ]
when:
branch: [ main ]
- name: verify-rollout
image: bitnami/kubectl:latest
commands:
- kubectl rollout status deployment/gitdata-frontend -n gitdataai --timeout=300s
- kubectl rollout status deployment/gitdata-app -n gitdataai --timeout=300s
- kubectl rollout status deployment/gitdata-gitserver -n gitdataai --timeout=300s
- kubectl rollout status deployment/gitdata-email-worker -n gitdataai --timeout=300s
- kubectl rollout status deployment/gitdata-git-hook -n gitdataai --timeout=300s
depends_on: [ helm-deploy ]
when:
branch: [ main ]
# =============================================================================
# Secrets (register via drone CLI)
# =============================================================================
# Harbor username
# drone secret add --repository <org/repo> --name drone_secret_docker_username --data <username>
#
# Harbor password
# drone secret add --repository <org/repo> --name drone_secret_docker_password --data <password>
#
# kubeconfig (base64)
# drone secret add --repository <org/repo> --name kubeconfig --data "$(cat ~/.kube/config | base64 -w 0)"
#
# Kaniko dockerconfigjson (for private registry)
# drone secret add --repository <org/repo> --name kaniko_secret --data "$(cat ~/.docker/config.json | base64 -w 0)"
#
# Local exec:
# drone exec --trusted \
# --secret=DRONE_SECRET_DOCKER_USERNAME=<username> \
# --secret=DRONE_SECRET_DOCKER_PASSWORD=<password> \
# --secret=KUBECONFIG=$(base64 -w 0 ~/.kube/config)
Reference in New Issue View Git Blame Copy Permalink