drone secret 使用
drone 的secret 可以让我们方便的对于需要保密的信息的隐藏,减少账户信息的泄密
环境准备
- docker-compose 文件
version: '3'
services:
drone-server:
image: drone/drone:1.0.0-rc.1
ports:
- "80:80"
volumes:
- ./drone:/var/lib/drone/
environment:
- DRONE_OPEN=true
- DRONE_SERVER_HOST=drone-server
- DRONE_DEBUG=true
- DRONE_GIT_ALWAYS_AUTH=false
- DRONE_GOGS=true
- DRONE_GOGS_SKIP_VERIFY=false
- DRONE_GOGS_SERVER=http://gogs:3000
- DRONE_PROVIDER=gogs
- DRONE_DATABASE_DATASOURCE=/var/lib/drone/drone.sqlite
- DRONE_DATABASE_DRIVER=sqlite3
- DRONE_SERVER_PROTO=http
- DRONE_RPC_SECRET=ALQU2M0KdptXUdTPKcEw
gogs:
image: gogs/gogs
ports:
- "10022:22"
- "3000:3000"
volumes:
- ./data/gogs:/data
depends_on:
- mysql
mysql:
image: mysql:5.7.16
volumes:
- ./gogs/mysql:/var/lib/mysql
command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_ROOT_PASSWORD: dalongrong
MYSQL_DATABASE: gogs
MYSQL_USER: gogs
MYSQL_PASSWORD: dalongrong
TZ: Asia/Shanghai
drone-agent:
image: drone/agent:1.0.0-rc.1
depends_on:
- drone-server
environment:
- DRONE_RPC_SERVER=http://drone-server
- DRONE_RPC_SECRET=ALQU2M0KdptXUdTPKcEw
- DRONE_DEBUG=true
- DOCKER_HOST=tcp://docker-bind:2375
docker-bind:
image: docker:dind
privileged: true
# command: --storage-driver=overlay- 启动&&配置
docker-compose up -d
配置,直接输入数据库信息就可以了- 添加简单项目&&添加drone集成
drone 配置
kind: pipeline
name: default
steps:
- name: infoapp
image: busybox
commands:
- echo "appdemo"
- echo $USERNAME, $PASSWORD
environment:
USERNAME:
from_secret: username
PASSWORD:
from_secret: passwordsecret 配置&&运行
- drone 集成secret
上边的drone文件已经集成了 - 添加drone secret
- 测试效果
参考资料
https://docs.drone.io/config/secrets/pre-repository/
https://docs.drone.io/
https://docs.drone.io/config/pipeline/steps/
https://github.com/rongfengliang/drone-1.0-gogs
