It's really great to do CI/CD based on drone. Compared with jekins, the big brother in the industry, I prefer drone. In comparison, I think it has the following advantages
- Plug in does not require additional management
- Based on yaml file, easy to write, configuration can be version management
- Can be built according to different conditions
- More user-friendly UI interface
For our back-end java projects, what do we CI do?
The general submission code flow is as follows
- Clone project to local, create a branch to complete the development of new functions, GIT checkout - B feature / sync status. Modify some code in this branch
- git add., write a Commit that meets the specification and submit the code, git commit -m "sync article status"
- Push the code to the corresponding branch of the code base, GIT push origin feature / sync status
- If the function has been developed, you can initiate a Pull Request to the development (or Master) branch and ask the project leader Code Review
- After the Review is approved, the project leader merges the branch into the main branch
As can be seen from the above figure, when we submit the code, the entire CI process will be executed. The following two points need to be noted
- When executing build or unit test, if it fails, it will send a message to Slack. At this time, developers can notice this problem. Of course, they can also send email or wechat
- When executing SonarQube check, if there is a problem, the result will be written back to github, and the developers will look at the problem
First, let's look at the results of the check that SonarQube wrote back to github
When the sonar qube detection is completed, the results will be sent to github through oauth, so you need to create a personal access token in github (this should be noted down)
When you activate your code repository, Drone automatically adds Webhooks to the version control system, such as GitHub, without having to configure them manually
kind: pipeline name: default steps: # build for push and pull_request - name: build-pr image: maven:latest pull: if-not-exists commands: - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent install -Dmaven.test.skip=true -s settings.xml when: branch: - feature/* - issue/* - develop event: - push - pull_request - name: unittest image: maven:latest pull: if-not-exists commands: - mvn test -s settings.xml when: branch: - develop event: include: - pull_request - push # Here we use the command to customize our scan in depth, rather than using the drone sonar plugin - name: sonar-scan image: newtmitch/sonar-scanner:4.0.0-alpine environment: SONAR_TOKEN: from_secret: sonar_token GITHUB_ACCESS_TOKEN_FOR_SONARQUBE: from_secret: github_access_token_for_sonarqube commands: - > sonar-scanner -Dsonar.host.url=https://sonarqube.company-beta.com/ -Dsonar.login=$$SONAR_TOKEN -Dsonar.projectKey=smcp-service-BE -Dsonar.projectName=smcp-service-BE -Dsonar.projectVersion=${DRONE_BUILD_NUMBER} -Dsonar.sources=src/main/java -Dsonar.tests=src/test/java -Dsonar.language=java -Dsonar.java.coveragePlugin=jacoco -Dsonar.modules=smcp-api,smcp-web -Dsonar.java.binaries=target -Dsonar.projectBaseDir=. -Dsonar.analysis.mode=preview -Dsonar.github.repository=Today_Group/SMCP-Service -Dsonar.github.oauth=$$GITHUB_ACCESS_TOKEN_FOR_SONARQUBE -Dsonar.github.pullRequest=${DRONE_PULL_REQUEST} -Dsonar.github.disableInlineComments=false when: event: - pull_request branch: - develop # post sonarscan result back to git PR (not in preview mode) - name: sonar-scan-feedback image: newtmitch/sonar-scanner:4.0.0-alpine environment: SONAR_TOKEN: from_secret: sonar_token GITHUB_ACCESS_TOKEN_FOR_SONARQUBE: from_secret: github_access_token_for_sonarqube commands: - > sonar-scanner -Dsonar.host.url=https://sonarqube.company-beta.com/ -Dsonar.login=$$SONAR_TOKEN -Dsonar.projectKey=smcp-service-BE -Dsonar.projectName=smcp-service-BE -Dsonar.projectVersion=${DRONE_BUILD_NUMBER} -Dsonar.sources=src/main/java -Dsonar.tests=src/test/java -Dsonar.language=java -Dsonar.java.coveragePlugin=jacoco -Dsonar.modules=smcp-api,smcp-web -Dsonar.java.binaries=target -Dsonar.projectBaseDir=. -Dsonar.analysis.gitRepo=Today_Group/SMCP-Service -Dsonar.analysis.pullRequest=${DRONE_PULL_REQUEST} when: event: - pull_request branch: - develop
The above configuration of drone is the basic process of the whole CI, which should be noted as follows
- The above steps are triggered only when the branch name starts with feature /, issue /, and development. For unit test, only the development branch takes effect (you can customize it according to your needs)
- The sonar.projectkey and the sonar.projectname in the sonar configuration must be the same as the name when you create a project in the sonar server (the address specified by sonar.host.url)
- The value of sonar_token is created on the sonar server, and then it is set in the secrets of drone (click a warehouse in drone and enter Settings to set it)
- github token and sonar'u token are the same way, they need to be preset in drone (the advantage is that you will not expose your password in the file, which is more secure)
- Because the Java project is a multi module project, you can specify multiple module names in sonar.modules
- Don't specify preview mode when the content of sonar scan feedback goes to pr
- Jacoco (analysis unit test coverage) is used in build ing, so this plugin needs to be introduced into pom.xml in java project
<plugin> <groupId>org.jacoco</groupId> <artifactId>jacoco-maven-plugin</artifactId> <version>${jacoco.version}</version> <executions> <execution> <id>prepare-agent</id> <goals> <goal>prepare-agent</goal> </goals> </execution> <execution> <id>default-report</id> <phase>test</phase> <goals> <goal>report</goal> </goals> <configuration> <dataFile>target/jacoco.exec</dataFile> <outputDirectory>target/jacoco</outputDirectory> </configuration> </execution> </executions> </plugin>
Other possible problems:
- How to send email or message to wechat group after ci execution
A: drone provided information about mail and Wechat plug in
- Can sonarqube integrate Alibaba's p3c or custom checkstyle
A: there is no p3c plug-in, but it can be integrated through PMD
Integrated p3c: https://www.jianshu.com/p/a3a58ac368be
Custom checkstyle: https://www.jianshu.com/p/a3a58ac368be
- What should I do according to the information of build (success, time, etc.)?
A: drone provides a plugin for webhook. You only need to write your own statistical program. You can set the information you need to send according to the template settings
- What can I do without the plug-in I want?
A: you can write a plug-in by yourself. There are bash/go examples on the official website. You can also use a familiar language
Don't get lost
