clone: image: registry.t-aaron.com/drone/git:latest kind: pipeline type: kubernetes name: gateway volumes: - name: maven-cache host: path: /opt/maven-cache-default - name: sonar-cache host: path: /opt/sonar-cache-default steps: - name: download-dependencies image: registry.t-aaron.com/maven:3.8.6-openjdk-11-slim volumes: - name: maven-cache path: /root/.m2 commands: - echo "配置 Maven 镜像源..." - mkdir -p /root/.m2 - cp settings.xml /root/.m2/settings.xml - echo "开始下载 Maven 依赖..." - mvn dependency:go-offline -B - echo "依赖下载完成!" - echo "将本地 Maven 缓存同步到工作区用于后续构建..." - mkdir -p /drone/src/.m2 - cp -a /root/.m2/. /drone/src/.m2/ - name: package image: registry.t-aaron.com/maven:3.8.6-openjdk-11-slim volumes: - name: maven-cache path: /root/.m2 commands: - echo "配置 Maven 镜像源..." - mkdir -p /root/.m2 - cp settings.xml /root/.m2/settings.xml - echo "开始构建 JAR 包..." - mvn clean package -DskipTests -B - echo "JAR 包构建完成!" - ls -la target/*.jar when: event: [ push, pull_request ] depends_on: - download-dependencies - name: sonar-scan image: registry.t-aaron.com/maven:3.8.6-openjdk-11-slim volumes: - name: maven-cache path: /root/.m2 - name: sonar-cache path: /root/.sonar/cache commands: - echo "配置 Maven 镜像源..." - mkdir -p /root/.m2 - cp settings.xml /root/.m2/settings.xml - echo "开始 SonarQube 代码质量检查..." - echo "清理之前的构建文件..." - rm -rf target/ .mvn/ .classpath .project .settings/ - echo "编译代码..." - mvn clean compile - echo "执行 SonarQube 扫描..." - mvn sonar:sonar -Dsonar.projectKey=gateway -Dsonar.host.url=https://sonar-ops.t-aaron.com/sonar -Dsonar.login=$SONAR_TOKEN -Dsonar.projectName="Gateway" -Dsonar.projectVersion=${DRONE_COMMIT_SHA:0:8} -Dsonar.sources=src/main/java -Dsonar.java.binaries=target/classes - echo "SonarQube 代码质量检查完成!" environment: SONAR_TOKEN: from_secret: SONAR_TOKEN when: event: [ push, pull_request ] depends_on: - download-dependencies - name: build-and-push image: registry.t-aaron.com/plugins/kaniko settings: registry: registry.t-aaron.com repo: registry.t-aaron.com/tuoheng/gateway cache: true cache_repo: registry.t-aaron.com/kaniko/cache-gateway build_args: - MAVEN_MIRROR_URL=https://maven.aliyun.com/repository/public username: from_secret: REGISTRY_USERNAME password: from_secret: REGISTRY_PASSWORD tags: - latest - ${DRONE_COMMIT_SHA:0:8} dockerfile: Dockerfile context: . when: event: [ push, tag ] depends_on: - package - name: deploy-to-k8s image: registry.t-aaron.com/alpine/k8s:1.25.9 commands: - echo "部署/更新 gateway 到 default 命名空间" - | kubectl create deployment gateway \ --image=registry.t-aaron.com/tuoheng/gateway:${DRONE_COMMIT_SHA:0:8} \ --port=8080 -n default --dry-run=client -o yaml | kubectl apply -f - - kubectl set image deployment/gateway gateway=registry.t-aaron.com/tuoheng/gateway:${DRONE_COMMIT_SHA:0:8} -n default --record=true || true - kubectl create service clusterip gateway --tcp=8080:8080 -n default --dry-run=client -o yaml | kubectl apply -f - - echo "等待 Deployment 就绪..." - kubectl rollout status deployment/gateway -n default --timeout=300s - echo "查看服务与Pod状态" - kubectl get deploy,svc -n default | grep -i gateway || true - kubectl get pods -n default -l app=gateway || kubectl get pods -n default | grep gateway || true when: event: [ push ] depends_on: - build-and-push