NeveTimePanel/.drone.yml
2026-01-15 15:08:33 +06:00

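---
# Pipeline "code-quality": lint, formatting and dependency checks for
# backend/ (Python) and frontend/ (Node.js).
#
# NOTE(review): the security checks in this pipeline (safety, bandit,
# npm audit) are all forced to succeed through --exit-zero or `|| true`, so
# they only report. build-and-publish depends on this pipeline, which means an
# image can still be built and pushed with known-vulnerable dependencies.
# Drop the override on a check if it is meant to gate the build.
kind: pipeline
type: docker
name: code-quality

# Run on every push and pull request.
trigger:
  event:
    - push
    - pull_request

steps:
  # Python code quality.
  - name: python-lint
    image: python:3.11-slim
    commands:
      - cd backend
      # Tool versions float with every run; pin them for reproducible results.
      - pip install flake8 pylint black isort
      - echo "Running flake8..."
      # Blocking pass: syntax errors and undefined names only.
      - flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
      # Advisory pass: --exit-zero reports style and complexity without failing.
      - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
      - echo "Running pylint..."
      # `**/*.py` recurses only in shells with globstar; under plain sh it
      # matches a single directory level, so let pylint walk the tree itself.
      - pylint --recursive=y . --exit-zero --max-line-length=127
      - echo "Checking code formatting with black..."
      # black and isort run in check mode and fail the step on any difference.
      - black --check --diff .
      - echo "Checking imports with isort..."
      - isort --check-only --diff .

  # JavaScript/React code quality. Both checks are advisory (`|| true`).
  - name: frontend-lint
    image: node:18-alpine
    commands:
      - cd frontend
      - npm ci
      - echo "Running ESLint..."
      - npm run lint || true
      - echo "Checking code formatting..."
      - npx prettier --check "src/**/*.{js,jsx,ts,tsx,json,css,md}" || true

  # Python dependency and source security checks (advisory, see header note).
  - name: python-security
    image: python:3.11-slim
    commands:
      - cd backend
      - pip install safety bandit
      - echo "Checking for known security vulnerabilities..."
      - safety check --file=requirements.txt --exit-zero
      - echo "Running bandit security linter..."
      # The JSON report is written inside the step workspace; nothing in this
      # pipeline uploads or archives it.
      - bandit -r . -f json -o bandit-report.json --exit-zero || true
      - bandit -r . --exit-zero

  # Node.js dependency security check (advisory, see header note).
  - name: frontend-security
    image: node:18-alpine
    commands:
      - cd frontend
      - npm ci
      - echo "Running npm audit..."
      - npm audit --audit-level=moderate || true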
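---
# Pipeline "build-and-publish": build the Docker image, push it to the
# registry, scan it with Trivy and report the result to Slack.
#
# NOTE(review): plugins/docker, aquasec/trivy and plugins/slack carry no tag,
# so each run pulls whatever `latest` points to. These steps receive registry
# credentials and the Slack webhook; pin each image to a reviewed version or
# digest (e.g. plugins/docker:<PINNED_VERSION>).
kind: pipeline
type: docker
name: build-and-publish

# Run on pushes and tags for the release branches.
trigger:
  event:
    - push
    - tag
  branch:
    - main
    - master
    - develop

# Wait for the code-quality pipeline.
depends_on:
  - code-quality

steps:
  # Build and publish the Docker image.
  - name: build-and-push
    image: plugins/docker
    settings:
      # Registry settings (replace with your own).
      registry: registry.example.com
      repo: registry.example.com/mc-panel
      # Image tags. Substituted values are quoted so that an all-digit or
      # exponent-looking short SHA stays a string after substitution.
      tags:
        - latest
        - "${DRONE_COMMIT_SHA:0:8}"
        - "${DRONE_BRANCH}"
      # Automatic tagging when a git tag is pushed.
      # NOTE(review): confirm against the plugins/docker documentation whether
      # the explicit `tags` above are still pushed while auto_tag is enabled;
      # scan-image and the notifications assume the short-SHA tag exists.
      auto_tag: true
      auto_tag_suffix: "${DRONE_BUILD_NUMBER}"
      # Dockerfile
      dockerfile: Dockerfile
      context: .
      # Credentials (configure them as Drone secrets).
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
      # Build args (optional).
      build_args:
        - BUILD_DATE=${DRONE_BUILD_CREATED}
        - VCS_REF=${DRONE_COMMIT_SHA}
        - VERSION=${DRONE_TAG:-${DRONE_BRANCH}}
    when:
      event:
        - push
        - tag

  # Vulnerability scan of the pushed image (optional).
  # NOTE(review): `--exit-code 0` makes the scan advisory, and it runs after
  # the image is already published, so HIGH/CRITICAL findings never stop a
  # release. The step also has no registry credentials; confirm Trivy can pull
  # from the registry if it is private.
  - name: scan-image
    image: aquasec/trivy
    commands:
      - trivy image --exit-code 0 --severity HIGH,CRITICAL registry.example.com/mc-panel:${DRONE_COMMIT_SHA:0:8}
    when:
      event:
        - push
        - tag
    depends_on:
      - build-and-push

  # Success notification (optional).
  - name: notify-success
    image: plugins/slack
    settings:
      webhook:
        from_secret: slack_webhook
      channel: deployments
      username: drone
      # The image reference uses the 8-character SHA, matching the tag pushed
      # by build-and-push; the full SHA is not a published tag.
      template: >
        ✅ Build #{{build.number}} succeeded!
        Repository: {{repo.name}}
        Branch: {{build.branch}}
        Commit: {{build.commit}}
        Author: {{build.author}}
        Docker image: registry.example.com/mc-panel:{{truncate build.commit 8}}
    when:
      status:
        - success
      event:
        - push
        - tag
    depends_on:
      - build-and-push

  # Failure notification (optional).
  - name: notify-failure
    image: plugins/slack
    settings:
      webhook:
        from_secret: slack_webhook
      channel: deployments
      username: drone
      template: >
        ❌ Build #{{build.number}} failed!
        Repository: {{repo.name}}
        Branch: {{build.branch}}
        Commit: {{build.commit}}
        Author: {{build.author}}
        Link: {{build.link}}
    when:
      status:
        - failure
      event:
        - push
        - tag
    # The other steps form a dependency graph, so a step without depends_on is
    # scheduled at pipeline start, before anything can have failed. Order it
    # after the build and the scan so a failure is actually reported.
    depends_on:
      - build-and-push
      - scan-image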
---
# Pipeline "deploy-staging" (optional): after build-and-publish, refresh the
# compose stack on the staging host over SSH. Runs for pushes to develop only.
#
# NOTE(review): appleboy/drone-ssh is untagged, so `latest` is pulled on every
# run and handed the staging SSH private key; pin it to a reviewed version or
# digest. No host-key setting is configured here either; the plugin documents a
# `fingerprint` option for this. Confirm, then supply it from a secret so the
# key is only ever offered to the expected host.
kind: pipeline
type: docker
name: deploy-staging

trigger:
  event: [push]
  branch: [develop]

depends_on: [build-and-publish]

steps:
  - name: deploy-to-staging
    image: appleboy/drone-ssh
    settings:
      # Connection details come from Drone secrets.
      host:
        from_secret: staging_host
      username:
        from_secret: staging_username
      key:
        from_secret: staging_ssh_key
      port: 22
      # Commands run on the staging host.
      # NOTE(review): `docker-compose pull` fetches whatever tag the compose
      # file on the host references, not necessarily the image built for this
      # commit. Verify against /opt/mc-panel on the host.
      script:
        - cd /opt/mc-panel
        - docker-compose pull
        - docker-compose up -d
        - docker-compose ps
---
# Pipeline "deploy-production": after build-and-publish, refresh the compose
# stack on the production host over SSH and announce it in Slack.
# Runs only for tag events whose ref matches refs/tags/v*.
#
# NOTE(review): appleboy/drone-ssh and plugins/slack are untagged, so `latest`
# is pulled on every run; the SSH step is handed the production private key.
# Pin both to a reviewed version or digest. No host-key setting is configured;
# the plugin documents a `fingerprint` option for this. Confirm, then supply it
# from a secret.
kind: pipeline
type: docker
name: deploy-production

trigger:
  event: [tag]
  ref: [refs/tags/v*]

depends_on: [build-and-publish]

steps:
  - name: deploy-to-production
    image: appleboy/drone-ssh
    settings:
      # Connection details come from Drone secrets.
      host:
        from_secret: production_host
      username:
        from_secret: production_username
      key:
        from_secret: production_ssh_key
      port: 22
      # Commands run on the production host.
      # NOTE(review): ${DRONE_TAG} is substituted into the last line before
      # the script reaches the remote shell, so the tag name becomes part of a
      # shell command on production. Restrict who may push v* tags and
      # validate the tag format before deploying.
      # NOTE(review): `docker-compose pull` fetches whatever the compose file
      # on the host references; the echo reports the tag that triggered the
      # run, not a verified running version.
      script:
        - cd /opt/mc-panel
        - docker-compose pull
        - docker-compose up -d
        - docker-compose ps
        - echo "Deployed version ${DRONE_TAG}"

  # Slack announcement, sent only while the pipeline status is success.
  - name: notify-production-deploy
    image: plugins/slack
    settings:
      webhook:
        from_secret: slack_webhook
      channel: deployments
      username: drone
      # NOTE(review): the image reference assumes the registry tag equals the
      # git tag; confirm against the tags build-and-publish actually pushes.
      template: >
        🚀 Production deployment successful!
        Version: {{build.tag}}
        Repository: {{repo.name}}
        Author: {{build.author}}
        Docker image: registry.example.com/mc-panel:{{build.tag}}
    when:
      status: [success]