bonus-edge-proxy/.drone.yml

kind: pipeline
type: docker 
name: build-and-push-arm64

platform:
  os: linux
  arch: arm64

# 仅在打 tag 时触发 (如 v1.0.0)
trigger:
  event:
    - tag

steps:
  # ----------------------------------------------------------
  # 第一步：构建镜像并推送到 Gitea Registry
  # ----------------------------------------------------------
  - name: build-and-push-to-gitea
    image: 192.168.0.75:3000/guanyuankai/plugins-docker:latest
    privileged: true
    settings:
      registry: 192.168.0.75:3000
      username:
        from_secret: gitea_username 
      password:
        from_secret: gitea_password
      repo: 192.168.0.75:3000/guanyuankai/bonus-edge-proxy
      insecure: true
      mirror: "https://docker.m.daocloud.io"
      # 同时推送 latest 和 git tag (比如 v1.0.1)
      tags:
        - latest
        - "${DRONE_TAG}"
      dockerfile: docker/Dockerfile.prod
      context: .
      platforms: linux/arm64

  # ----------------------------------------------------------
  # 第二步：将最新的 Compose 文件同步到 RK3588 (新增步骤)
  # ----------------------------------------------------------
  - name: scp-config-to-edge
    image: appleboy/drone-scp
    settings:
      host: 
        from_secret: edge_host_ip
      username: 
        from_secret: edge_user
      password: 
        from_secret: edge_password
      port: 22
      target: /opt/edge-proxy
      source: 
        - docker-compose.prod.yml
        - mediamtx.yml
        - mosquitto/config/mosquitto.conf

  # ----------------------------------------------------------
  # 第三步：远程执行部署命令
  # ----------------------------------------------------------
  - name: deploy-to-edge
    image: appleboy/drone-ssh
    settings:
      host: 
        from_secret: edge_host_ip
      username: 
        from_secret: edge_user
      password: 
        from_secret: edge_password
      port: 22
      script:
        # 1. 确保目录存在 (防止 SCP 自动创建目录权限问题，双重保险)
        - mkdir -p /opt/edge-proxy
        - cd /opt/edge-proxy
        
        # 2. [关键] 登录私有仓库，防止 Token 过期
        #    注意：这里使用了 $ 符号，需要在 Drone Secret 里再配一套 registry_password 
        #    或者直接用明文 (不推荐)，或者复用 gitea_password
        - echo "$REGISTRY_PASSWORD" | docker login 192.168.0.75:3000 -u "$REGISTRY_USER" --password-stdin
        
        # 3. 拉取最新镜像
        - docker compose -f docker-compose.prod.yml pull
        
        # 4. 重启服务 (Up -d 会重新加载 SCP 传过来的新 yaml 配置)
        - docker compose -f docker-compose.prod.yml up -d --remove-orphans
        
        # 5. 清理无用镜像 (只清理悬空的)
        - docker image prune -f
    environment:
      REGISTRY_USER:
        from_secret: gitea_username
      REGISTRY_PASSWORD:
        from_secret: gitea_password