昨天完成了SonarQube與Maven的整合，今天想繼續把CICD平台繼續堆疊起來，Maven那段可以改在腳本執行。

先說我遇到了幾個問題：

1. gitlab docker啟動後，root密碼需要下指令查找

sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password

參考：
https://docs.gitlab.com/ee/install/docker.html

2. gitlab有內建healthcheck機制，可直接使用，不過drone沒有，所以runner暫時等drone啟動後獨立執行。
3. gitlab設定的application redirect URI要留意，注意可以讓gitlab跟drone連線的到的路徑。

4. gitlab針對main有保護，所以remote push要特別開。
   參考：
   https://hoohoo.top/blog/resolved-gitlab-forcepush-to-master-error-you-are-not-allowed-to-force-push-push/
   

5. Drone無法activate repository，問題來自於gitlab有限制本地網路的請求。
   參考：
   https://www.58jb.com/html/there-was-a-problem-enabling-your-repository.html
   

6. drone執行腳本時會去找gitlab的external_url，這部份的連線目前我還沒排除，不確定是HOST要連得到還是drone container要連得到，會出現連線錯誤，所以目前一直在config/gitlab.rb修改external_url，看是那一個ip才會正常，另外也發現external_url不能塞:8080這類port。
   參考：
   https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-f

7. drone需要信任gitlab repos，才可以啟動priviledged的docker，必須指定管理帳號(gitlab跟drone溝通的帳號)，才能設定gitlab repos為trusted。

參考：
https://docs.drone.io/server/user/admin/
https://0-8-0.docs.drone.io/privileged-mode/
https://blog.csdn.net/qq_32828933/article/details/107244631

compsoe yaml

• CICD docker-compose yaml

version: "3"
name: cicd
services:
 gitlab:
    image: gitlab/gitlab-ce:16.4.1-ce.0
    restart: always
    networks:
     ap_net:
       ipv4_address: 172.18.0.2
    ports:
      - 8080:80
      - 8443:443
      - 22:22
    volumes:
      - "/home/ted/project/gitlab/config:/etc/gitlab"
      - "/home/ted/project/gitlab/logs:/var/log/gitlab"
      - "/home/ted/project/gitlab/data:/var/opt/gitlab"
 sonarqube:
    image: sonarqube:8.9.10-community
    volumes:
      - "/home/ted/project/sonarqube/data:/opt/sonarqube/data"
      - "/home/ted/project/sonarqube/logs:/opt/sonarqube/logs"
      - "/home/ted/project/sonarqube/extensions:/opt/sonarqube/extensions"
    ports:
     - 9000:9000  
    networks: 
     ap_net:
       ipv4_address: 172.18.0.3
 drone:
    image: drone/drone:2.20.0
    volumes:
     - "/home/ted/project/drone:/data"
    environment:
     - DRONE_GITLAB_SERVER=http://172.18.0.2
     - DRONE_GITLAB_CLIENT_ID=0xxxxx
     - DRONE_GITLAB_CLIENT_SECRET=xxxx
     - DRONE_RPC_SECRET=xxxx
     - DRONE_SERVER_HOST=172.18.0.4
     - DRONE_SERVER_PROTO=http
    depends_on:
     gitlab:
      condition: service_healthy
    ports:
     - 80:80
     - 8000:443
    networks:
     ap_net:
       ipv4_address: 172.18.0.4
networks:
    ap_net:
     external: true

• Runner Yaml

version: "3"
name: runner
services:
 drone-runner:
    image: drone/drone-runner-docker:1
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock
    ports:
     - 3000:3000
    environment:
     - DRONE_RPC_PROTO=http
     - DRONE_RPC_HOST=172.18.0.4
     - DRONE_RPC_SECRET=xxxx
     - DRONE_RUNNER_NAME=my-first-runner 
    networks: 
     ap_net:
       ipv4_address: 172.18.0.5
networks:
    ap_net:
     external: true

• 執行結果

可以看到等gitlab healthy之後，drone才會啟動。

• Runner啟動
  

目前卡在drone去讀取gitlab的程式碼執行腳本，測試過各類的ip都還是無法運作，只能繼續再除錯了...