This is a useful scripts collection for deploying with Drone CI.
- Uploading files with rsync or lftp
- Auto editing in each environments before uploading
This scripts are triggered by Drone's Deployments. It will get this file hosted on this repository. This means that changes on this repository may affect your deployment immediately. So you shouldn't use this directly, you should fork this at first, then change these parts to yours. (just replace karappo/drone-deploy/
to your-acocunt/drone-deploy/
)
Please install following this instruction.
Ref: Easily install Drone on Digital Ocean (Japanese)
This branch list shows drone compatibles.
- Activate your project on Drone.
- Add
.drone.yml
file into your project root - [Optional] Add include file and ignore file
- Commit and push as usual
The following contents are recommended.
.drone.yml
clone:
git:
image: plugins/git
recursive: true
depth: 1
submodule_override:
path/to/submodule: https://github.com:443/someone/sample.git
when:
branch: [ master ]
pipeline:
build:
image: karappo/dronedeploy:drone-0.8
environment:
- DEP_MASTER_COMMAND='rsync'
- DEP_MASTER_HOST='sample.com'
- DEP_MASTER_USER='username'
- DEP_MASTER_HOST_DIR='htdocs'
commands:
- echo "$SSH_KEY" > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
- curl https://raw.githubusercontent.com/karappo/drone-deploy/drone-compatible/v0.8/deploy.sh | bash
secrets: [ ssh_key ]
If you want to ignore submodules, you can set false
to disable git recursive clone.
This is optional. If you don't need it, you can remove the first 4 lines. Because default value is true
.
To set 1
is recommended, because of making cloning faster.
key: Set the path
value in .gitmodules
value: Replacement URL(https, needs port setting) with the url
value in .gitmodules.
Ref:
Adding conditions for cloning is recomended otherwise drone will do "cloning" after every branch pushing. Especialy you should check this configration when having heavy "build".
Setting this to karappo/dronedeploy
is recommended, because it's been installed necessary tools already, so this makes builds fater.
Ref: karappo/dronedeploy
These environment variables will be used in scripts.
Replace [BRANCH]
to your target branch name.
If DEP_[BRANCH]_XXX
won't be found, the scripts will use DEP_REMOTE_XXX
instead.
It's useful if you have some common settings between remote environments.
Key | Value | Description |
---|---|---|
DEP_[BRANCH]_COMMAND |
rsync or lftp |
Sync command (rsync is recommended) |
DEP_[BRANCH]_HOST |
e.g. sample.com |
Target remote host |
DEP_[BRANCH]_USER |
SSH or FTP username | |
DEP_[BRANCH]_PASSWORD |
Not necessary if command is rsync and allow access with RSA authentication |
|
DEP_[BRANCH]_HOST_DIR |
e.g. /home/user/www ,www |
Use absolute path if command is rsync , or related path if command is lftp |
Key | Value | Description |
---|---|---|
DEP_[BRANCH]_FTPS |
yes or no |
Default is yes . Set no only if remote doesn't accept FTPS |
DEP_[BRANCH]_PORT |
e.g. 2222 |
Activate only if command is rsync and using particular port other than 22 |
DEP_[BRANCH]_INCLUDE_FILE |
e.g. ./.depinc.sh |
URL allowed |
DEP_[BRANCH]_IGNORE_FILE |
e.g. ./.depignore , default |
URL allowed |
This is the entry point of this system. Do NOT change.
Please set secrets named ssh_key
on your drone dashboard.
You may use ssh-keygen
ssh-keygen -f ~/Desktop/ssh_key -C 'project_name@drone.your.domain'
You can define custom processes before and after syncing in this file.
- Switch DB settings by each environments
- Activate Basic Auth only on stating environment
Include file should have two methods like this.
.depinc.sh
before_sync(){
# your process here
}
after_sync(){
# your process here
}
You should set your include file with related path from your project's root.
.drone.yml
build:
environment:
- DEP_REMOTE_INCLUDE_FILE=./.depinc.sh
Or you can set this as URL.
.drone.yml
build:
environment:
- DEP_REMOTE_INCLUDE_FILE=https://raw.githubusercontent.com/karappo/drone-deploy/drone-compatible/v0.8/include-files/wordpress/.depinc.sh
If you set like above, these process below will be executed.
- Remove
#DEP_REMOTE_RM
and#DEP_[BRANCH]_RM
in.htaccess
file - Remove
//DEP_REMOTE_RM
and//DEP_[BRANCH]_RM
in.php
files - Set the recommended permissions for WordPress after syncing
Ref: .depinc.sh
In WordPress project, you can write code like this.
wp-config.php
// Database Settings -----------
// Local
// Activate only in local environment
//DEP_REMOTE_RM /*
define('DB_NAME', 'LOCAL_DATABASE');
define('DB_USER', 'root');
define('DB_PASSWORD', 'root');
define('DB_HOST', 'localhost');
//DEP_REMOTE_RM */
// Remote
// Activate only in master branch's deploy target
//DEP_MASTER_RM define('DB_NAME', 'PROD_DATABASE');
//DEP_MASTER_RM define('DB_USER', 'PROD_USER');
//DEP_MASTER_RM define('DB_PASSWORD', 'PROD_PASSWORD');
//DEP_MASTER_RM define('DB_HOST', 'PROD_HOST');
// Activate only in staging branch's deploy target
//DEP_STAGING_RM define('DB_NAME', 'STAGING_DATABASE');
//DEP_STAGING_RM define('DB_USER', 'STAGING_USER');
//DEP_STAGING_RM define('DB_PASSWORD', 'STAGING_PASSWORD');
//DEP_STAGING_RM define('DB_HOST', 'STAGING_HOST');
// Common
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', '');
// ----------- / Database Settings
And you can activate Basic Auth only in staging branch's target environment with this below.
.htaccess
# Basic Authentication -----------
#DEP_STAGING_RM <Files ~ "^\.(htaccess|htpasswd)$">
#DEP_STAGING_RM deny from all
#DEP_STAGING_RM </Files>
#DEP_STAGING_RM AuthUserFile /home/example/www/.htpasswd
#DEP_STAGING_RM AuthGroupFile /dev/null
#DEP_STAGING_RM AuthName "Please enter your ID and password"
#DEP_STAGING_RM AuthType Basic
#DEP_STAGING_RM require valid-user
#DEP_STAGING_RM order deny,allow
# ----------- / Basic Authentication
This is default permissions, you can edit for each project you have.
find ./ -type d -exec chmod 705 {} \;
find ./ -type f -exec chmod 604 {} \;
chmod 606 .htaccess
chmod 600 wp/wp-config.php
There are some files for particular purposes or environments under the directory include-files
.
This is a file for exclusion in syncing.
.depignore
.git/
.sass-cache/
.gitignore
Procfile
README
README.*
/_assets/
# drone-deploy
.depignore
.depinc.sh
.drone.yml
You should set your ignore file with related path from your project's root.
.drone.yml
build:
environment:
- DEP_MASTER_IGNORE_FILE=./.depignore
If you got these errors, your remote server may not accept FTPS connection. Please set DEP_[BRANCH]_FTPS=no
.
[DEPLOY] - sync -> via FTPS
ftp://user:password@host.com
mirror: Fatal error: Certificate verification: Not trusted
[DEPLOY] - sync -> [ERROR]
You can skip deployment by adding [CI SKIP]
to the last commit message. Ammend your last commit or just add empty commit and push. Note this is case-insensitive.
git commit --allow-empty -m '[CI SKIP]'
Ref: Skip Commits (Drone Document)
- drone-deploy is licensed under the MIT License