Arkon/NeveTimePanel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed drone.yml
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
arkonsadter
2026-01-18 20:27:54 +06:00
parent e66ecbf178
commit 49affe3891
1 changed files with 116 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

347
.drone.yml
View File

@@ -4,79 +4,37 @@ name: code-quality
trigger: trigger:
event: event:
- push - push
- pull_request - pull_request
steps: steps:
- name: python-lint - name: python-lint
image: python:3.11-slim image: python:3.11-slim
commands: commands:
- cd backend - cd backend
- pip install --no-cache-dir flake8 black isort - pip install flake8
- echo "Running flake8 linting..." - flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
- flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
- echo "Checking code formatting with black..."
- black --check --diff . || echo "WARNING Code formatting issues found"
- echo "Checking import sorting..."
- isort --check-only --diff . || echo "WARNING Import sorting issues found"
- echo "SUCCESS Python checks completed"
- name: frontend-lint - name: frontend-lint
image: node:20-alpine image: node:20-alpine
commands: commands:
- cd frontend - cd frontend
- npm ci --silent - npm ci --silent
- echo "Running TypeScript compilation check..." - npm run lint || echo "ESLint warnings found"
- npx tsc --noEmit || echo "WARNING TypeScript errors found"
- echo "Running ESLint..."
- npm run lint || echo "WARNING ESLint warnings found (non-blocking)"
- echo "SUCCESS Frontend checks completed"
- name: python-tests - name: python-security
image: python:3.11-slim image: python:3.11-slim
commands: commands:
- cd backend - cd backend
- pip install --no-cache-dir -r requirements.txt pytest pytest-asyncio pytest-cov - pip install safety
- echo "Running Python tests..." - safety check --file=requirements.txt --exit-zero || echo "Security warnings found"
- python -m pytest tests/ -v --cov=. --cov-report=term-missing || echo "WARNING Some tests failed (non-blocking)"
- echo "SUCCESS Python tests completed"
when:
event:
- push
- pull_request
- name: frontend-tests - name: frontend-security
image: node:20-alpine image: node:20-alpine
commands: commands:
- cd frontend - cd frontend
- npm ci --silent - npm ci --silent
- echo "Running frontend tests..." - npm audit --audit-level=moderate || echo "Security warnings found"
- npm test -- --run --reporter=verbose || echo "WARNING Some frontend tests failed (non-blocking)"
- echo "SUCCESS Frontend tests completed"
when:
event:
- push
- pull_request
- name: python-security
image: python:3.11-slim
commands:
- cd backend
- pip install --no-cache-dir safety bandit
- echo "Checking for known security vulnerabilities..."
- safety check --file=requirements.txt --exit-zero || echo "WARNING Security warnings found"
- echo "Running bandit security analysis..."
- bandit -r . -f json -o bandit-report.json || echo "WARNING Security issues found"
- echo "SUCCESS Security checks completed"
- name: frontend-security
image: node:20-alpine
commands:
- cd frontend
- npm ci --silent
- echo "Running npm audit..."
- npm audit --audit-level=moderate || echo "WARNING Security warnings found"
- echo "SUCCESS Frontend security checks completed"
--- ---
kind: pipeline kind: pipeline
@@ -85,84 +43,58 @@ name: build-and-publish
trigger: trigger:
event: event:
- push - push
- tag - tag
branch: branch:
- main - main
- master - master
- develop - develop
depends_on: depends_on:
- code-quality - code-quality
steps: steps:
- name: build-and-push - name: build-and-push
image: plugins/docker image: plugins/docker
settings: settings:
registry: registry.nevetime.ru registry: registry.nevetime.ru
repo: registry.nevetime.ru/mc-panel repo: registry.nevetime.ru/mc-panel
tags: tags:
- latest - latest
- ${DRONE_COMMIT_SHA:0:8} - ${DRONE_COMMIT_SHA:0:8}
- ${DRONE_BRANCH} - ${DRONE_BRANCH}
auto_tag: true auto_tag: true
dockerfile: Dockerfile dockerfile: Dockerfile
context: . context: .
username: username:
from_secret: docker_username from_secret: docker_username
password: password:
from_secret: docker_password from_secret: docker_password
build_args: build_args:
- BUILD_DATE=${DRONE_BUILD_CREATED} - BUILD_DATE=${DRONE_BUILD_CREATED}
- VCS_REF=${DRONE_COMMIT_SHA} - VCS_REF=${DRONE_COMMIT_SHA}
- VERSION=${DRONE_TAG:-${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}} - VERSION=${DRONE_TAG:-${DRONE_BRANCH}}
when: when:
event: event:
- push - push
- tag - tag
- name: test-image - name: scan-image
image: docker:dind image: aquasec/trivy:latest
volumes: environment:
- name: docker-sock TRIVY_USERNAME:
path: /var/run/docker.sock from_secret: docker_username
commands: TRIVY_PASSWORD:
- echo "Testing built Docker image..." from_secret: docker_password
- docker run --rm -d --name mc-panel-test -p 8001:8000 registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8} commands:
- sleep 30 - echo "Scanning image for vulnerabilities..."
- echo "Checking if application is responding..." - trivy image --exit-code 0 --severity HIGH,CRITICAL registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8}
- docker exec mc-panel-test curl -f http://localhost:8000/ || echo "WARNING Health check failed" when:
- docker stop mc-panel-test event:
- echo "SUCCESS Image test completed" - push
when: - tag
event: depends_on:
- push - build-and-push
- tag
depends_on:
- build-and-push
- name: scan-image
image: aquasec/trivy:latest
environment:
TRIVY_USERNAME:
from_secret: docker_username
TRIVY_PASSWORD:
from_secret: docker_password
commands:
- echo "Scanning image for vulnerabilities..."
- trivy image --exit-code 0 --severity HIGH,CRITICAL --format table --username $TRIVY_USERNAME --password $TRIVY_PASSWORD registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8}
- echo "SUCCESS Security scan completed"
when:
event:
- push
- tag
depends_on:
- build-and-push
volumes:
- name: docker-sock
host:
path: /var/run/docker.sock
--- ---
kind: pipeline kind: pipeline
@@ -171,35 +103,34 @@ name: deploy-staging
trigger: trigger:
event: event:
- push - push
branch: branch:
- develop - develop
depends_on: depends_on:
- build-and-publish - build-and-publish
steps: steps:
- name: deploy-to-staging - name: deploy-to-staging
image: alpine:latest image: alpine:latest
environment: environment:
STAGING_HOST: STAGING_HOST:
from_secret: staging_host from_secret: staging_host
STAGING_USER: STAGING_USER:
from_secret: staging_user from_secret: staging_user
STAGING_KEY: STAGING_KEY:
from_secret: staging_ssh_key from_secret: staging_ssh_key
commands: commands:
- apk add --no-cache openssh-client - apk add --no-cache openssh-client
- echo "Deploying to staging environment..." - echo "Deploying to staging..."
- echo "$STAGING_KEY" | base64 -d > /tmp/ssh_key - echo "$STAGING_KEY" | base64 -d > /tmp/ssh_key
- chmod 600 /tmp/ssh_key - chmod 600 /tmp/ssh_key
- ssh -o StrictHostKeyChecking=no -i /tmp/ssh_key $STAGING_USER@$STAGING_HOST "docker pull registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8} && docker-compose -f /opt/mc-panel/docker-compose.staging.yml up -d" - ssh -o StrictHostKeyChecking=no -i /tmp/ssh_key $STAGING_USER@$STAGING_HOST "docker pull registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8}"
- echo "SUCCESS Staging deployment completed" when:
when: event:
event: - push
- push branch:
branch: - develop
- develop
--- ---
kind: pipeline kind: pipeline
@@ -208,75 +139,29 @@ name: deploy-production
trigger: trigger:
event: event:
- tag
ref:
- refs/tags/v*
depends_on:
- build-and-publish
steps:
- name: deploy-to-production
image: alpine:latest
environment:
PROD_HOST:
from_secret: production_host
PROD_USER:
from_secret: production_user
PROD_KEY:
from_secret: production_ssh_key
commands:
- apk add --no-cache openssh-client
- echo "Deploying to production environment..."
- echo "$PROD_KEY" | base64 -d > /tmp/ssh_key
- chmod 600 /tmp/ssh_key
- ssh -o StrictHostKeyChecking=no -i /tmp/ssh_key $PROD_USER@$PROD_HOST "docker pull registry.nevetime.ru/mc-panel:${DRONE_TAG} && docker-compose -f /opt/mc-panel/docker-compose.prod.yml up -d"
- echo "SUCCESS Production deployment completed"
when:
event:
- tag - tag
ref:
--- - refs/tags/v*
kind: pipeline
type: docker
name: notify
trigger:
event:
- push
- tag
- pull_request
status:
- success
- failure
depends_on: depends_on:
- code-quality - build-and-publish
- build-and-publish
steps: steps:
- name: notify-telegram - name: deploy-to-production
image: appleboy/drone-telegram image: alpine:latest
settings: environment:
token: PROD_HOST:
from_secret: telegram_bot_token from_secret: production_host
to: PROD_USER:
from_secret: telegram_chat_id from_secret: production_user
format: markdown PROD_KEY:
message: > from_secret: production_ssh_key
{{#success build.status}} commands:
SUCCESS **MC Panel Build Success** - apk add --no-cache openssh-client
{{else}} - echo "Deploying to production..."
ERROR **MC Panel Build Failed** - echo "$PROD_KEY" | base64 -d > /tmp/ssh_key
{{/success}} - chmod 600 /tmp/ssh_key
- ssh -o StrictHostKeyChecking=no -i /tmp/ssh_key $PROD_USER@$PROD_HOST "docker pull registry.nevetime.ru/mc-panel:${DRONE_TAG}"
**Repository:** {{repo.name}} when:
**Branch:** {{build.branch}} event:
**Commit:** {{build.commit}} - tag
**Author:** {{build.author}}
**Message:** {{build.message}}
**Build:** [#{{build.number}}]({{build.link}})
when:
status:
- success
- failure