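---
# Drone CI pipeline for CatLink: prepare -> lint -> build -> test ->
# security-scan -> build-production -> publish -> deploy -> notify.
#
# Security context for the whole pipeline:
#   * Most steps mount the host's /var/run/docker.sock (see `volumes` at the
#     bottom of this document). A step holding that socket controls the host
#     Docker daemon, so every script under scripts/ci/ effectively runs with
#     host-level privileges. Drone only permits host volumes on repositories
#     marked as trusted.
#   * The trigger includes `pull_request`, and prepare/lint/build/test/
#     security-scan have no `when` filter, so they run the checked-out
#     scripts/ci/*.sh with the socket mounted on pull requests too.
#     NOTE(review): consider limiting socket-mounting steps to `push` events
#     or dropping the socket from steps that do not call Docker.
kind: pipeline
type: docker
name: catlink-ci

# Trigger settings
trigger:
  branch:
    - master
    - main
    - develop
  event:
    - push
    - pull_request

# Global variables (quoted so they stay strings regardless of YAML typing)
environment:
  DOCKER_BUILDKIT: "1"
  COMPOSE_DOCKER_CLI_BUILD: "1"

# Pipeline stages
steps:
  # 1. Install dependencies and prepare the workspace
  - name: prepare
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    commands:
      - apk add --no-cache make curl git bash
      - docker --version
      - echo "Repository:$${DRONE_REPO}"
      - echo "Branch:$${DRONE_BRANCH}"
      - echo "Commit:$${DRONE_COMMIT_SHA:0:8}"
      - chmod +x scripts/ci/*.sh

  # 2. Linting and code checks
  - name: lint
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    commands:
      - echo "🔍 Running code quality checks..."
      - ./scripts/ci/lint.sh
    depends_on:
      - prepare

  # 3. Application build
  - name: build
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    commands:
      - echo "🏗️ Building application..."
      - ./scripts/ci/build.sh
    depends_on:
      - lint

  # 4. Tests
  - name: test
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    environment:
      # Matches the throwaway credentials of the `postgres` service below;
      # these are test-only values and must not be reused outside CI.
      DATABASE_URL: postgres://catlink:catlink@postgres:5432/catlink_test
    commands:
      - echo "🧪 Running tests..."
      - ./scripts/ci/test.sh
    depends_on:
      - build

  # 5. Security analysis
  - name: security-scan
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    commands:
      - echo "🔒 Running security scans..."
      - ./scripts/ci/security-scan.sh
    depends_on:
      - test
    # Do not stop the pipeline on security findings.
    # NOTE(review): with `failure: ignore` a failing scan never blocks
    # build-production, publish or deploy-production, so findings are
    # advisory only. Remove this key (or fail the scan script only on the
    # severities that must block a release) if the scan is meant to gate
    # production.
    failure: ignore

  # 6. Build Docker images for production
  - name: build-production
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    commands:
      - echo "🚀 Building production images..."
      - ./scripts/ci/build-production.sh
      - docker images | grep catlink
    depends_on:
      - security-scan
    when:
      branch:
        - master
        - main

  # 7. Publish images to the registry
  - name: publish
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    environment:
      DOCKER_USERNAME:
        from_secret: docker_username
      DOCKER_PASSWORD:
        from_secret: docker_password
      DOCKER_REGISTRY:
        from_secret: docker_registry
    commands:
      - echo "📦 Publishing to registry..."
      - ./scripts/ci/publish.sh
    depends_on:
      - build-production
    when:
      branch:
        - master
        - main
      event:
        - push

  # 8. Deploy to staging
  # NOTE(review): this step runs only on `develop`, but build-production and
  # publish are limited to master/main, so no image is built or published by
  # this pipeline before a staging deploy. Confirm deploy-staging.sh does not
  # expect one.
  - name: deploy-staging
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    environment:
      STAGING_HOST:
        from_secret: staging_host
      STAGING_USER:
        from_secret: staging_user
      STAGING_KEY:
        from_secret: staging_ssh_key
    commands:
      - echo "🎭 Deploying to staging..."
      - ./scripts/ci/deploy-staging.sh
    depends_on:
      - publish
    when:
      branch:
        - develop
      event:
        - push

  # 9. Deploy to production
  # This step holds the production SSH key and deploy key together with the
  # host Docker socket; keep deploy-production.sh from echoing its
  # environment or running with shell tracing enabled.
  - name: deploy-production
    image: docker:20.10-dind
    volumes:
      - name: docker
        path: /var/run/docker.sock
    environment:
      PRODUCTION_HOST:
        from_secret: production_host
      PRODUCTION_USER:
        from_secret: production_user
      PRODUCTION_KEY:
        from_secret: production_ssh_key
      DEPLOY_KEY:
        from_secret: deploy_key
    commands:
      - echo "🚀 Deploying to production..."
      - ./scripts/ci/deploy-production.sh
    depends_on:
      - publish
    when:
      branch:
        - master
        - main
      event:
        - push

  # 10. Slack notifications (if configured)
  # NOTE(review): `plugins/slack` carries no tag, so the floating `latest`
  # image receives the webhook secret; pin a tag or digest.
  - name: notify-slack
    image: plugins/slack
    settings:
      webhook:
        from_secret: slack_webhook
      channel: "#catlink-ci"
      username: "Drone CI"
      template: |
        {{#success build.status}}
        ✅ *Build {{build.number}} succeeded*
        📁 Repository: {{repo.name}}
        🌿 Branch: {{build.branch}}
        👤 Author: {{build.author}}
        📝 Commit: {{truncate build.commit 8}}
        🔗 {{build.link}}
        {{else}}
        ❌ *Build {{build.number}} failed*
        📁 Repository: {{repo.name}}
        🌿 Branch: {{build.branch}}
        👤 Author: {{build.author}}
        📝 Commit: {{truncate build.commit 8}}
        🔗 {{build.link}}
        {{/success}}
    depends_on:
      - deploy-production
      - deploy-staging
    when:
      status:
        - success
        - failure
    # Do not fail the build if Slack is not configured
    failure: ignore

  # 11. Plain notifications in the build log
  # The duration line reports seconds elapsed since DRONE_BUILD_STARTED (a
  # Unix timestamp); formatting the start timestamp itself would print the
  # start time of day, not a duration.
  # NOTE(review): `alpine:latest` is a floating tag; pin a version or digest
  # so the image content cannot change between builds.
  - name: notify-console
    image: alpine:latest
    commands:
      - |
        if [ "$${DRONE_BUILD_STATUS}" = "success" ]; then
          echo "✅ BUILD SUCCESS!"
          echo "📁 Repository: $${DRONE_REPO}"
          echo "🌿 Branch: $${DRONE_BRANCH}"
          echo "👤 Author: $${DRONE_COMMIT_AUTHOR}"
          echo "📝 Commit: $${DRONE_COMMIT_SHA:0:8}"
          echo "🕐 Duration: $$(( $$(date +%s) - $${DRONE_BUILD_STARTED} ))s"
        else
          echo "❌ BUILD FAILED!"
          echo "📁 Repository: $${DRONE_REPO}"
          echo "🌿 Branch: $${DRONE_BRANCH}"
          echo "👤 Author: $${DRONE_COMMIT_AUTHOR}"
          echo "📝 Commit: $${DRONE_COMMIT_SHA:0:8}"
        fi
    depends_on:
      - deploy-production
      - deploy-staging
    when:
      status:
        - success
        - failure

# Services used by the tests
services:
  # PostgreSQL for tests
  - name: postgres
    image: postgres:14-alpine
    environment:
      POSTGRES_DB: catlink_test
      POSTGRES_USER: catlink
      POSTGRES_PASSWORD: catlink
      # `trust` accepts every connection without checking the password, so
      # POSTGRES_PASSWORD above is not enforced. Keep this to the CI-only
      # service.
      POSTGRES_HOST_AUTH_METHOD: trust
    # NOTE(review): confirm the Docker runner honours a `tmpfs` key on
    # services; if it does not, the data directory is an ordinary container
    # layer.
    tmpfs:
      - /var/lib/postgresql/data

  # Redis for caching (if needed)
  - name: redis
    image: redis:7-alpine

# Volumes
volumes:
  # Host Docker socket shared with the steps above; whoever can change a
  # step's commands or scripts can drive the host daemon through it.
  - name: docker
    host:
      path: /var/run/docker.sock

---
# Release pipeline
kind: pipeline
type: docker
name: release

steps:
  # NOTE(review): `plugins/github-release` carries no tag and receives the
  # GitHub token; pin a tag or digest and give the token only the scope
  # needed to create releases.
  - name: create-release
    image: plugins/github-release
    settings:
      api_key:
        from_secret: github_token
      title: "CatLink v${DRONE_TAG}"
      note: "Release ${DRONE_TAG}"
      files:
        - "dist/*"
      # md5 and sha1 are kept for existing consumers but are not
      # collision-resistant; integrity checks should rely on sha256.
      checksum:
        - md5
        - sha1
        - sha256

trigger:
  event:
    - tag

---
# Signature for verification (if used)
# NOTE(review): the hmac value is empty in this copy. If the server enforces
# signature verification, the file has to be re-signed after every edit or
# the build is blocked.
kind: signature
hmac: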