Drone CI
Overview
| Field | Value |
|---|---|
| Purpose | Execute repository pipelines |
| Business function | Build and publish software and documentation |
| Owner | IT Operations |
| Criticality | High |
| Images | drone/drone:2.24, drone/drone-runner-docker:latest |
Architecture
Forgejo sends repository events to Drone. The Drone server is exposed through Traefik; the runner launches jobs through the Docker socket.
Installation
Docker Compose at /root/drone/docker-compose.yml.
Configuration
| Item | Value |
|---|---|
| Server data | /root/drone/data:/data |
| Runner socket | /var/run/docker.sock |
| Networks | Server: aproxy, backend; runner: backend |
| Restart policy | unless-stopped |
/root/drone/.env contains Forgejo OAuth and RPC secret values. Do not expose them in logs or documentation.
Operational Procedures
cd /root/drone
docker compose ps
docker compose logs --tail=200 drone drone-runner
docker compose restart drone drone-runner
docker compose pull
docker compose up -d
Back up /root/drone/data, Compose, and .env. After changes, run a non-destructive test pipeline.
Troubleshooting
- No builds: verify webhook delivery and Forgejo OAuth.
- Pending builds: check runner connectivity and labels.
- Docker job failure: inspect runner logs and Docker socket permissions.
- Documentation publish failure: use the publishing runbook.