Drone plugin
1. 简介
Drone plugin 是特殊的Docker容器,其中封装了执行特定任务的一段程序,可以使用来自Drone环境变量和.drone.yaml中的配置参数。
在.drone.yaml中配置传递给容器的参数,这些参数作为环境变量传递给容器,且前缀为 PLUGIN_
.
kind: pipeline
type: docker
name: default
steps:
- name: webhook
image: janecitizen/slack
settings:
webhook: https://hooks.slack.com/services/...
channel: general
text: hello
PLUGIN_CHANNEL=general
PLUGIN_WEBHOOK=https://hooks.slack.com/services/...
PLUGIN_TEXT=hello
2. 开发用于git push的插件
2.1 在docker容器中使用SSH keys
有关添加SSH key相关的部分
# Authorize SSH Host
RUN mkdir -p /root/.ssh && \
chmod 0700 /root/.ssh && \
ssh-keyscan github.com > /root/.ssh/known_hosts
# Add the keys and set permissions
RUN echo "$ssh_prv_key" > /root/.ssh/id_rsa && \
echo "$ssh_pub_key" > /root/.ssh/id_rsa.pub && \
chmod 600 /root/.ssh/id_rsa && \
chmod 600 /root/.ssh/id_rsa.pub
2.2 Git的SSH参数
问题:The authenticity of host ‘ip (ip)’ can’t be established.
关于Git的SSH配置:git 指定要提交的ssh key
“使用
GIT_SSH_COMMAND
环境变量(Git 2.3.0+)传递ssh参数:$ GIT_SSH_COMMAND='ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'
”
2.3 插件实现
参考:
-
在使用参考中第一个插件时,当提供远程仓库的地址(SSH)时,出现“id_rsa invalid format”错误:
+ git remote add deploy ssh://git@xxx.xxx.xxx.xxx:xxxx/letitia/drone-test.git + git push deploy HEAD:master Warning: Permanently added '[xxx.xxx.xxx.xxx]:xxxx' (ECDSA) to the list of known hosts. Load key "/root/.ssh/id_rsa": invalid format git@xxx.xxx.xxx.xxx: Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
在插件的脚本中
echo -n "${PLUGIN_SSH_KEY}"
可以看到变量的内容是:-----BEGIN RSA PRIVATE KEY-----\n.......\n.......\n.......\n-----END RSA PRIVATE KEY-----
其中的
\n
没有被转义,如果是echo -en "${PLUGIN_SSH_KEY}"
转义后,可以在steps中看到的内容是:[secret:git_ssh_key]
可能需要转义后存放到
.ssh/id_rsa
-
当选择推送到远程仓库“origin”时,出现无法识别"could not read Username"错误:
+ git push origin HEAD:master fatal: could not read Username for 'http://xxx.xxx.xxx.xxx:xxxx': No such device or address
原因可能是,Drone通过http的方式克隆仓库,在克隆后仓库的origin变为
http://
,从而产生了无法读取用户名的错误 -
具体sh脚本的部分:
export GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' mkdir /root/.ssh chmod 700 /root/.ssh echo -en "$SSH_KEY" > /root/.ssh/id_rsa chmod 600 /root/.ssh/id_rsa touch /root/.ssh/known_hosts chmod 600 /root/.ssh/known_hosts ssh-keyscan -H xxx.xxx.xxx.xxx > /etc/ssh/ssh_known_hosts 2> /dev/null ssh-keyscan -H xxx.xxx.xxx.xxx > /root/.ssh/known_hosts
创建plugin:
FROM alpine RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories RUN apk update && apk upgrade && \ apk add --no-cache ca-certificates openssh curl bash git git-lfs ADD script.sh /bin/ RUN chmod +x /bin/script.sh ENTRYPOINT /bin/script.sh