drone secret 使用

时间:2021-11-05 06:04:32
 

drone 的secret 可以让我们方便的对于需要保密的信息的隐藏,减少账户信息的泄密

环境准备

  • docker-compose 文件
version: '3'
services:
drone-server:
image: drone/drone:1.0.0-rc.1
ports:
- "80:80"
volumes:
- ./drone:/var/lib/drone/
environment:
- DRONE_OPEN=true
- DRONE_SERVER_HOST=drone-server
- DRONE_DEBUG=true
- DRONE_GIT_ALWAYS_AUTH=false
- DRONE_GOGS=true
- DRONE_GOGS_SKIP_VERIFY=false
- DRONE_GOGS_SERVER=http://gogs:3000
- DRONE_PROVIDER=gogs
- DRONE_DATABASE_DATASOURCE=/var/lib/drone/drone.sqlite
- DRONE_DATABASE_DRIVER=sqlite3
- DRONE_SERVER_PROTO=http
- DRONE_RPC_SECRET=ALQU2M0KdptXUdTPKcEw
gogs:
image: gogs/gogs
ports:
- "10022:22"
- "3000:3000"
volumes:
- ./data/gogs:/data
depends_on:
- mysql
mysql:
image: mysql:5.7.16
volumes:
- ./gogs/mysql:/var/lib/mysql
command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_ROOT_PASSWORD: dalongrong
MYSQL_DATABASE: gogs
MYSQL_USER: gogs
MYSQL_PASSWORD: dalongrong
TZ: Asia/Shanghai
drone-agent:
image: drone/agent:1.0.0-rc.1
depends_on:
- drone-server
environment:
- DRONE_RPC_SERVER=http://drone-server
- DRONE_RPC_SECRET=ALQU2M0KdptXUdTPKcEw
- DRONE_DEBUG=true
- DOCKER_HOST=tcp://docker-bind:2375
docker-bind:
image: docker:dind
privileged: true
# command: --storage-driver=overlay
  • 启动&&配置
docker-compose up -d
配置,直接输入数据库信息就可以了
  • 添加简单项目&&添加drone集成
    drone 配置
kind: pipeline
name: default
steps:
- name: infoapp
image: busybox
commands:
- echo "appdemo"
- echo $USERNAME, $PASSWORD
environment:
USERNAME:
from_secret: username
PASSWORD:
from_secret: password

secret 配置&&运行

  • drone 集成secret
    上边的drone文件已经集成了
  • 添加drone secret
    drone  secret 使用
  • 测试效果
    drone  secret 使用

参考资料

https://docs.drone.io/config/secrets/pre-repository/
https://docs.drone.io/
https://docs.drone.io/config/pipeline/steps/
https://github.com/rongfengliang/drone-1.0-gogs