此篇文章记录一个完整的go项目构建案例, 举一反三,nodeJS, python, java 等其它项目也是这样的流程;
要点简述
- 占位置
- 占位置
步骤简述
- 占位置
- 占位置
调试截图
**成功流程
完整清单
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
|
kind: pipeline
type: kubernetes
name: cwxgoweb-dev
service_account_name: drone
clone:
disable: true
# main 分支 + push
trigger:
branch:
- main
event:
- push
volumes:
- name: gopath-cache
claim:
name: gobuild-cache
read_only: false
steps:
- name: 启动无人机
image: registry.services.wait/cwx/os/alpine:3.18.3
commands:
- echo "测试启动 drone 成功"
- name: 克隆仓库
image: registry.services.wait/cwx/drone/git
pull: if-not-exists
depends_on: [启动无人机]
settings:
# clone 时截断以前的提交记录, 即克隆深度
depth: 1
skip_verify: true
# 读取 git 的 tag 作为环境变量 ${DRONE_TAG}
tags: true
environment:
GITEA_TOKEN:
from_secret: git_token
commands:
- git config --global http.sslVerify false
# 通过 token 拉取代码
- git clone https://chenwx:$GITEA_TOKEN@git.services.wait/chenwx/cwxgoweb.git .
# 输出最近 5 次 commit 信息
- git log --oneline -n 5
- pwd
- ls -a
- name: 编译
image: registry.services.wait/cwx/golang:1.21.0
pull: if-not-exists
depends_on: [克隆仓库]
# 挂载编译缓存
volumes:
- name: gopath-cache
path: /go
commands:
- go env -w GOPROXY=http://nexus.services.wait/repository/proxy-go/
- go env -w GOSUMDB=off
- export CGO_ENABLED=0
- go build -o cwxgoweb src/main.go
# - go build -o cwxgoweb -ldflags '-s -w' src/main.go
- ls -a
# 制作镜像
- name: 生成镜像
image: registry.services.wait/cwx/kaniko-project/executor:v1.15.0-debug
pull: if-not-exists
depends_on: [ 编译 ]
environment:
CA_CERTIFICATE:
from_secret: ca_wait
DOCKER_AUTH_FILE:
from_secret: docker_user_wait_conf
commands:
# 一张内部的CA证书
- echo "$CA_CERTIFICATE" >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt
# docker 仓库认证文件 .docker/config.json
- echo $DOCKER_AUTH_FILE > /kaniko/.docker/config.json
- /kaniko/executor
--context "."
--dockerfile "deploy/docker/drone/dockerfile"
--destination "registry.services.wait/cwx/cwxgoweb:latest"
# 发布k8s集群
- name: deploy
image: registry.services.wait/cwx/zc2638/drone-k8s-plugin:0.0.4
pull: if-not-exists
depends_on: [ 克隆仓库 ]
settings:
k8s_server: https://kubernetes.default.svc.cluster.local
k8s_token:
from_secret: k8s_token
k8s_ca_crt:
from_secret: k8s_ca_crt
k8s_skip_tls: false
namespace: cwx
templates:
- deploy/kubernetes/devel/deployment.yml
- deploy/kubernetes/devel/IngressRoute.yml
- deploy/kubernetes/devel/services.yml
# app_name: ${DRONE_REPO_NAME}
debug: true
---
# 流水线2
# 生产环境打包, 只对带 tag 的事件触发执行
kind: pipeline
type: kubernetes
name: cwxgoweb-pro
service_account_name: drone
# 触发器这里 tag 不能和分支一起使用, 因为 tag 和 分支是没有关系的
trigger:
event:
- tag
volumes:
- name: gobuild-cache
claim:
name: gobuild-cache
read_only: false
# 因为有个性化的 clone 需求, 所以这里关闭默认的 clone 动作
clone:
disable: true
steps:
- name: 克隆仓库
image: registry.services.wait/cwx/drone/git
pull: if-not-exists
settings:
depth: 1
skip_verify: true
tags: true
environment:
GITEA_TOKEN:
from_secret: git_token
# 注意为了避免 tag 比 main 分支先提交的情况
# 这里需要固定拉取 此 tag
commands:
- git config --global http.sslVerify false
- git clone -b ${DRONE_TAG} --depth=1 https://chenwx:$GITEA_TOKEN@git.services.wait/chenwx/cwxgoweb.git .
- pwd
- ls -a
- name: 编译
image: registry.services.wait/cwx/golang:1.21.0
pull: if-not-exists
depends_on: [克隆仓库]
volumes:
- name: gopath-cache
path: /go
commands:
# - go env -w GOPROXY=http://10.2.1.4:8081/repository/group-go/
- go env -w GOPROXY=http://nexus.services.wait/repository/proxy-go/
- go env -w GOSUMDB=off
- export CGO_ENABLED=0
- go build -o cwxgoweb src/main.go
# - go build -o cwxgoweb -ldflags '-s -w' src/main.go
- ls -a
# 有 tag 时, 制作一个 压缩包,后续上传到 release
- name: 打包
image: registry.services.wait/cwx/os/alpine:3.18.3
depends_on: [ 编译 ]
commands:
- ls -a
- tar zcvf cwxgoweb-${DRONE_TAG}.tar.gz ./cwxgoweb
# 当生产环境打包完成后, 提交一个 release 版本到 gitea
# gitea-release 插件只适用于有 tag 的情况
- name: push-release
image: registry.services.wait/cwx/drone/plugins/gitea-release
pull: if-not-exists
depends_on: [ 打包 ]
environment:
GITEA_TOKEN:
from_secret: git_token
settings:
api_key: $GITEA_TOKEN
base_url: https://git.services.wait/
files:
- cwxgoweb-${DRONE_TAG}.tar.gz
# 如果存在则覆盖
file_exists: overwrite
title: 新版本发布 -${DRONE_TAG}
# 忽略 https 证书
insecure: true
# volumes:
# - name: cwxCA
# path: /etc/ssl/certs/ca-certificates.crt
# 制作镜像
- name: 生成镜像
image: registry.services.wait/cwx/kaniko-project/executor:v1.15.0-debug
pull: if-not-exists
depends_on: [ 编译 ]
environment:
CA_CERTIFICATE:
from_secret: ca_wait
DOCKER_AUTH_FILE:
from_secret: docker_user_wait_conf
commands:
# 一张内部的CA证书
- echo "$CA_CERTIFICATE" >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt
# docker 仓库认证文件 .docker/config.json
- echo $DOCKER_AUTH_FILE > /kaniko/.docker/config.json
- /kaniko/executor
--context "."
--dockerfile "deploy/docker/drone/dockerfile"
--destination "registry.services.wait/cwx/cwxgoweb:${DRONE_TAG}"
# 发布k8s集群
- name: deploy
image: registry.services.wait/cwx/zc2638/drone-k8s-plugin:0.0.4
pull: if-not-exists
depends_on: [ 生成镜像 ]
settings:
k8s_server: https://kubernetes.default.svc.cluster.local
k8s_token:
from_secret: k8s_token
k8s_ca_crt:
from_secret: k8s_ca_crt
k8s_skip_tls: false
namespace: cwx
templates:
- deploy/kubernetes/prod/deployment.yml
- deploy/kubernetes/prod/IngressRoute.yml
- deploy/kubernetes/prod/services.yml
images_tags: ${DRONE_TAG}
debug: true
|
