quiz_test/.drone.yml
Andrey K. Choi 1c47c11eb1
Some checks reported errors
continuous-integration/drone Build encountered an error
devops prepare
2025-09-11 07:40:57 +09:00



# Drone pipeline for the quiz bot: lint, test, scan, build, deploy, notify.
kind: pipeline
type: docker
name: quiz-bot-ci-cd

# Branches and events that start this pipeline.
# NOTE(review): pull_request is listed, so every step without its own `when:`
# filter also runs for pull requests. `tag` is not listed, so a step-level
# `when.event: tag` has nothing to match.
trigger:
  event:
  - push
  - pull_request
  branch:
  - main
  - develop
  - devops

# Pipeline-wide variables.
# NOTE(review): no step visible in this file reads IMAGE_NAME or REGISTRY.
environment:
  IMAGE_NAME: quiz-bot
  # Local registry; replace with your own.
  REGISTRY: 'localhost:5000'

steps:
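# 1. Clone and prepare: print build metadata as a quick sanity check.
- name: prepare
  # NOTE(review): `latest` is a mutable tag; pin a version or digest so the
  # step runs the same image on every build.
  image: alpine/git:latest
  commands:
  - 'echo "Pipeline started for branch $DRONE_BRANCH"'
  # These two entries must be quoted YAML strings: an unquoted `: ` inside a
  # plain scalar makes the parser read the entry as a mapping, not a command.
  - 'echo "Commit: $DRONE_COMMIT_SHA"'
  - 'echo "Author: $DRONE_COMMIT_AUTHOR"'
  - git --version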
# 2. Python linting.
# Every check ends in `|| true`, so findings are printed but never fail the
# step; treat the output as advisory.
- name: lint
  image: python:3.12-slim
  commands:
  # Tool versions are not pinned, so results can differ between builds.
  # NOTE(review): mypy is installed here but no command in this step runs it.
  - pip install --no-cache-dir flake8 black isort mypy
  - 'echo "Running Black formatter check..."'
  - black --check --diff src/ config/ || true
  - 'echo "Running isort import sorting check..."'
  - isort --check-only --diff src/ config/ || true
  - 'echo "Running flake8 linting..."'
  - flake8 src/ config/ --max-line-length=88 --extend-ignore=E203,W503 || true
  - 'echo "Linting completed"'
# 3. Unit tests.
- name: test
  image: python:3.12-slim
  environment:
    # NOTE(review): looks like a dummy value for CI rather than a real token;
    # keep it that way, since it is stored in the repository in clear text.
    BOT_TOKEN: test_token_for_ci
    DATABASE_PATH: ':memory:'
  commands:
  - apt-get update && apt-get install -y sqlite3
  - pip install --no-cache-dir -r requirements.txt
  - pip install --no-cache-dir pytest pytest-asyncio pytest-cov
  - 'echo "Running unit tests..."'
  # `|| true` hides the pytest exit code: the step passes even when tests
  # fail, so later steps (including deploys) still run.
  - python -m pytest test_*.py -v --tb=short || true
  - 'echo "Testing completed"'
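# 4. Security checks: dependency audit (safety) and static analysis (bandit).
# Both commands end in `|| true`, so the step is advisory and never blocks a
# build. To turn it into a gate, drop `|| true` once the baseline is clean.
- name: security-scan
  image: python:3.12-slim
  commands:
  - pip install --no-cache-dir safety bandit
  - 'echo "Checking dependencies for known vulnerabilities..."'
  # Audit requirements.txt explicitly. This step starts from a fresh image and
  # installs only the scanners, so a bare `safety check` would inspect the
  # scanners' own environment instead of the project's dependencies.
  - safety check -r requirements.txt || true
  - 'echo "Running security analysis with bandit..."'
  - bandit -r src/ -f json || true
  - 'echo "Security scan completed"'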
# 5. Build the Docker image (push events only).
- name: build-image
  # NOTE(review): no tag is given, so the runner pulls whatever the default
  # tag currently points to; pin a version or digest.
  image: plugins/docker
  settings:
    context: .
    dockerfile: Dockerfile
    # Build only, no push.
    dry_run: true
    # NOTE(review): no `repo` setting is present; confirm the plugin accepts
    # tags without a repository name.
    tags:
    - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
    - ${DRONE_BRANCH}-latest
  when:
    event:
    - push
# 6. Smoke-test the Docker image (push events only).
- name: test-docker-image
  # Only the docker CLI is used here; the commands below go through the
  # mounted socket.
  image: docker:dind
  volumes:
  # The `docker` volume is mounted at the Docker socket path. When it maps to
  # the host's socket, this step has full control of the host's Docker daemon,
  # so keep it off events that build untrusted code.
  - name: docker
    path: /var/run/docker.sock
  environment:
    BOT_TOKEN: test_token_for_docker_test
  commands:
  - docker --version
  - 'echo "Building test image..."'
  # NOTE(review): the image tag and container name are fixed, so two builds
  # sharing one daemon can collide.
  - docker build -t quiz-bot:test .
  - 'echo "Testing container startup..."'
  # NOTE(review): the container receives the literal `test_token`, not this
  # step's BOT_TOKEN, and is started with `sleep 30` as its command; confirm
  # this actually exercises the bot's startup path.
  - docker run --rm -d --name quiz-bot-test -e BOT_TOKEN=test_token quiz-bot:test sleep 30
  - sleep 5
  - docker logs quiz-bot-test
  - docker stop quiz-bot-test || true
  - 'echo "Container test completed"'
  when:
    event:
    - push
# 7. Code quality metrics (radon complexity and maintainability index).
# Both radon calls end in `|| true`, so this step only reports.
- name: code-quality
  image: python:3.12-slim
  commands:
  # radon is installed without a version pin.
  - pip install --no-cache-dir radon
  - 'echo "Analyzing code complexity..."'
  - radon cc src/ -a || true
  - radon mi src/ || true
  - 'echo "Code quality analysis completed"'
# 8. Deploy to staging (push to the develop branch only).
- name: deploy-staging
  # NOTE(review): `latest` is a mutable tag; pin the compose image.
  image: docker/compose:latest
  environment:
    COMPOSE_PROJECT_NAME: quiz-bot-staging
    # The token comes from the Drone secret store, not from this file.
    BOT_TOKEN:
      from_secret: bot_token_staging
  commands:
  - 'echo "Deploying to staging environment..."'
  - export IMAGE_TAG=${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
  # NOTE(review): this step mounts no Docker socket and sets no DOCKER_HOST;
  # confirm how docker-compose reaches a daemon. `--build` rebuilds at deploy
  # time, so the deployed image is not the one the earlier steps built.
  - docker-compose -f docker-compose.yml up -d --build
  - sleep 10
  - docker-compose -f docker-compose.yml ps
  - 'echo "Staging deployment completed"'
  when:
    event:
    - push
    branch:
    - develop
# 9. Deploy to production (main branch; push and tag events).
# NOTE(review): the pipeline-level trigger lists only push and pull_request,
# so the `tag` event below is not expected to fire.
# Most earlier checks end in `|| true`, so a production deploy is not blocked
# by failing tests or scanner findings.
- name: deploy-production
  # NOTE(review): `latest` is a mutable tag; pin the compose image.
  image: docker/compose:latest
  environment:
    COMPOSE_PROJECT_NAME: quiz-bot-prod
    # The token comes from the Drone secret store, not from this file.
    BOT_TOKEN:
      from_secret: bot_token_production
  commands:
  - 'echo "Deploying to production environment..."'
  - export IMAGE_TAG=${DRONE_TAG:-${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}}
  # NOTE(review): this step mounts no Docker socket and sets no DOCKER_HOST;
  # confirm how docker-compose reaches a daemon. `--build` rebuilds at deploy
  # time, so the deployed image is not the one the earlier steps built.
  - docker-compose -f docker-compose.prod.yml up -d --build
  - sleep 15
  - docker-compose -f docker-compose.prod.yml ps
  - 'echo "Production deployment completed"'
  when:
    event:
    - push
    - tag
    branch:
    - main
# 10. Report the build result to a webhook, on success and on failure.
- name: notify
  # NOTE(review): no tag is given on the plugin image; pin a version or digest.
  image: plugins/webhook
  settings:
    content_type: application/json
    # The webhook URL is read from the Drone secret store.
    urls:
      from_secret: notification_webhook
    # NOTE(review): build.branch and build.author are placed inside JSON
    # strings as-is; confirm the plugin escapes quotes in these values.
    template: |
      {
        "text": "Quiz Bot Pipeline {{ uppercasefirst build.status }}: {{ build.link }}",
        "attachments": [
          {
            "color": "{{ #success build.status }}good{{ else }}danger{{ /success }}",
            "fields": [
              {
                "title": "Branch",
                "value": "{{ build.branch }}",
                "short": true
              },
              {
                "title": "Commit",
                "value": "{{ truncate build.commit 8 }}",
                "short": true
              },
              {
                "title": "Author",
                "value": "{{ build.author }}",
                "short": true
              }
            ]
          }
        ]
      }
  when:
    status:
    - success
    - failure
# Volume for the steps that drive Docker.
# This is the host's own Docker socket, not a nested daemon: any step that
# mounts it controls the host's Docker daemon. Drone allows host volumes only
# for repositories marked as trusted.
volumes:
- name: docker
  host:
    path: /var/run/docker.sock
---
# Separate pipeline that prunes old Docker images and containers.
kind: pipeline
type: docker
name: cleanup

# Runs only for cron events from the cron job named `cleanup`.
trigger:
  event:
  - cron
  cron:
  - cleanup

steps:
- name: cleanup-images
  image: docker:dind
  volumes:
  # Host Docker socket: the prune commands act on the host's daemon.
  - name: docker
    path: /var/run/docker.sock
  commands:
  - 'echo "Cleaning up old Docker images..."'
  # Both prunes apply to everything on that daemon, not only this project's
  # images and containers. Without `-a`, `image prune` removes only dangling
  # images, so tagged images stay.
  - docker image prune -f --filter "until=72h"
  - docker container prune -f --filter "until=24h"
  - 'echo "Cleanup completed"'

volumes:
- name: docker
  host:
    path: /var/run/docker.sock

# NOTE(review): quiz-bot-ci-cd triggers on push and pull_request only; confirm
# how this dependency resolves for cron events.
depends_on:
- quiz-bot-ci-cd