Drone CI

I am a huge fan of GitLab CI, however, I do think it is a bit of a heavy stack for personal use. I use GitLab at work and think it is a great fit - the whole eco system regarding pull requests, CI pipelines, and environments works really well. The biggest reason for using it at home was to get that awesome CI pipeline, while keeping some repos private. Having moved all my private repos to GitHub, I can now utilize other CI tools - such as Drone CI.

For my public repos I use GitHub and do not currently have any that requires a CI pipeline. However, since GitHub is now offering unlimited private repos, I no longer see a need for having private repos in a home GitLab setup. And as mentioned, I do think GitLab is a heavy stack to run, for that limited use.

Drone CI has that awesome pipeline configuration, running stages in a container based on a specified image. It offers the minimum required CI configuration, which is fine, since what I really want is to specifiy my Docker flows in Dockerfiles. It is a given here that the repositories that you want to use Drone CI for are repositories that produce a Docker image.

Setting up Drone CI

Fastest way to get going is by running the official Docker image. Here is the configuration I am currently using.

version: '3.7'
    - "80:80"
    - "443:443"
    - /data:/data
    - /var/run/docker.sock:/var/run/docker.sock
    - DRONE_GITHUB_SERVER=https://github.com
    - DRONE_SERVER_HOST=drone.mikelk.dk
    - DRONE_USER_FILTER=mikaelelkiaer
    - DRONE_USER_CREATE=username:mikaelelkiaer,admin:true

This is a setup allowing only myself to use Drone CI for my GitHub repos (including private ones). The /var/run/docker.sock volume (with write access!) is needed for Drone to spawn containers for pipelines. The environment variables have the following meanings:

  • DRONE_GITHUB_XXX variables are used for configuring a GitHub OAuth app, which needs to be created on a GitHub user first.
  • DRONE_RUNNER_CAPACITY limits the amount of concurrently running pipelines.
  • DRONE_SERVER_XXX variables are used for setting up where the Web UI will be available.
  • DRONE_TLS_AUTOCERT should be disabled if you use a reverse proxy, otherwise the service will try to generate its own certificates using Let’s Encrypt.
  • DRONE_USER_FILTER is very important if you want to ensure that it is only a limited set of users who can connect and run pipelines.
  • DRONE_USER_CREATE is used for automatically setting up users and is needed for specifying an admin user.

Running a pipeline

A repository that needs to run a pipeline needs very a very small Drone configuration file .drone.yml. The following is a sample configuration I use for a private .NET Core repo. The repo has a Dockerfile used for building the image. In my home setup I also have a private Docker registry ‘registry.mikelk.dk’ which I use for private images.

kind: pipeline
name: default

- name: dockerize
  image: plugins/docker
    repo: registry.mikelk.dk/privateimage
    tags: latest
Written on July 24, 2019