diff --git a/drone/README.md b/drone/README.md index 429c8ff..a60430c 100644 --- a/drone/README.md +++ b/drone/README.md @@ -83,3 +83,7 @@ Drone外部访问配置: - 需要先在Gitea中配置OAuth应用 - 所有服务都运行在 `default` 命名空间 - 使用相同的TLS证书确保HTTPS访问 + + +在Gitea中提交代码 +在drone中点击同步 diff --git a/drone/drone-pipeline-serviceaccount.yaml b/drone/drone-pipeline-serviceaccount.yaml new file mode 100644 index 0000000..1ee0e65 --- /dev/null +++ b/drone/drone-pipeline-serviceaccount.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: drone-pipeline + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: drone-pipeline +rules: +- apiGroups: [""] + resources: ["pods", "services", "deployments", "replicasets", "secrets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["apps"] + resources: ["deployments", "replicasets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: drone-pipeline +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: drone-pipeline +subjects: +- kind: ServiceAccount + name: drone-pipeline + namespace: default diff --git a/drone/drone-runner-deployment.yaml b/drone/drone-runner-deployment.yaml index 2c863b1..ad2c57a 100644 --- a/drone/drone-runner-deployment.yaml +++ b/drone/drone-runner-deployment.yaml @@ -13,6 +13,7 @@ spec: labels: app: drone-runner spec: + serviceAccountName: drone-pipeline nodeSelector: node-role.kubernetes.io/control-plane: "true" containers: diff --git a/drone/install-drone.sh b/drone/install-drone.sh index d3b7352..f19ed54 100755 --- a/drone/install-drone.sh +++ b/drone/install-drone.sh @@ -1,7 +1,12 @@ #!/bin/bash echo "开始安装 Drone..." +# 创建必要的目录 +echo "创建Drone数据目录..." +ssh -i ~/.ssh/id_rsa_newinstall -p 2222 th@47.117.247.14 "sudo mkdir -p /opt/drone/data && sudo chown -R 1000:1000 /opt/drone" + # 应用所有yaml文件 +kubectl apply -f drone-pipeline-serviceaccount.yaml kubectl apply -f drone-server-deployment.yaml kubectl apply -f drone-server-service.yaml kubectl apply -f drone-runner-deployment.yaml