Drone.io: Cheap and Effective CI

Updated Note 3/8/24: github actions have basically made any of the facts in this article out of date and I wouldn't recommend using drone anymore.

Open source projects have a few good choices for free CI namely in travis/circle/gitlab ect. A small issue arises for dev's who have private repo's or code they don't want to be publicly available yet. I recently ran into this issue while working on a few projects that were not my own and the owners eventually were going to open source them but just not yet.

So I had a small issue my normal goto CI tools were not available and many of them have had pricing increases or very constrained minute requirements which is cool they are full fledged companies providing a seamless service. So I started looking around at a number of host your own build tools and was hit by the thought, whats the cheapest way I can deliver CI to these private projects!

Enter drone.io a simple no fills CI tool thats based on docker giving you the tools and abstraction of most other CI tools but with a bent toward simplicity. The first feature that sticks out to be is the Drone-CLI lets you test your pipeline right there on your dev machine! This is nothing earth shattering there are many tools that also have this feature but its normally not front and center of the experience requiring some setup to get at. Being able to just run drone exec to test my .drone.yml file and make sure my build steps work was welcome and refreshing compared to that dark secret every ops person has with a new ci tool a branch or series of squashed commits consisting of

chore(build stuff): o god please work this time attempt 4000

Im a big fan of digital ocean there droplets pack a decent bunch for the price though it for sure lacks the almost overwhelming feature sets of Aws or Azure. The 5$ a month droplet is what we will be selecting for this exercise, you can probably get this price alot cheaper via the managed kubernetes service if your hosting a few things as there service scales pretty well and for sure the topic of another blog post.

Manual

I will be providing a manual and automated process to setup your drone server but its always good to get a feel for a service outside of some automation tool like terraform. As luck would have it the deployment steps for drone are quite honestly crazy simple!

https://docs.drone.io/installation/github/single-machine/

First lets make a github sso app its located under developer settings, you want to click the new Oauth app selection.

now step lets make a droplet in digital ocean (or the provider of your choice)

I prefer the fedora atomic container distro but you can use anyone you want, this is basically just a generic container with docker installed and a good base for running docker containers that are self contained.

once the container is up ssh into and run the following

docker pull drone/drone:1

docker run \
  --volume=/var/run/docker.sock:/var/run/docker.sock \
  --volume=/var/lib/drone:/data \
  --env=DRONE_GITHUB_SERVER=https://github.com \
  --env=DRONE_GITHUB_CLIENT_ID={% your-github-client-id %} \
  --env=DRONE_GITHUB_CLIENT_SECRET={% your-github-client-secret %} \
  --env=DRONE_RUNNER_CAPACITY=1 \
  --env=DRONE_SERVER_HOST={% your-drone-server-host %} \
  --env=DRONE_SERVER_PROTO=https \
  --env=DRONE_TLS_AUTOCERT=true \
  --publish=80:80 \
  --publish=443:443 \
  --restart=always \
  --detach=true \
  --name=drone \
  drone/drone:1

Fill in the github client id and secret to allow for github to be the SSO provider, and the host information. The runner capacity in this example is set to 1 because frankly the $5 tier server does not have enough to spare for concurrent builds, however the 10$ droplet can do two pretty handily so consider bumping it up if thats a requirement.

Thats it your set! your drone server should be on the hostname or ip you provided!

Automated

<insert terraform script + instructions here!>

Usage

usage is very straight forward, almost all the config except for secrets lives inside your .drone.yml file, this is great because it means almost all of your settings and config is version controlled!

to activate a repo select one from the list of repo's pulled in by your github auth and click activate repo, this will cause drone to start watching your repo for pull requests and commits. You can also select if you want the build pages to be public or private i recommend private if you are using any secrets that may get printed to the logs.

Example .drone.yml for a simple python project

kind: pipeline
name: default

steps:
  - name: Test
    image: python:3.7
    commands:
      - chmod +x ./cc-test-reporter
      - pip install pipenv
      - pipenv install --dev
      - pipenv run pytest

Now with those two steps taken care of lets push a trivial commit

Your commit and build status should show up almost instantly!

you can then drill down and get the details from your specific steps, clone is the first one by default followed by the one we defined in the config earlier.

here you have all the details of the run this is one i had laying around from back during the advent of code exercises so it also has a code climate push in it.

Conclusion

So thats the gist of it, there are more complicated configs you can do but those will be covered in another blog post on getting the most out of a drone ci server. I have to say I am very impressed with the ease of use and performance of this tool. They have container support for windows and arm as well as the normal selection of linux architectures which at-least for me personally checks all the needed boxes all for free! The hardware hosting being at 5$'s a month is the icing on the cake putting it lower than most hosted solutions.