一、使用Docker搭建Gitlab CI Runner
1:拉去镜像
docker pull gitlab/gitlab-runner:latest
2:启动gitlab-runner容器
docker run -d --name gitlab-runner --restart always -v /var/run/docker.sock:/var/run/docker.sock -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner:latest
3:为项目注册runner
在Gitlab中打开项目->setting->CI/CD->找到Runners点击Expand
执行注册命令 docker exec -it gitlab-runner gitlab-ci-multi-runner register
URL和token输入第一步中Runners查看到的信息,description输入runner的描述,tags输入runner的标签(这个在构建文件中要用到),executor这个执行者选项有好多种本文介绍docker、shell和ssh,Docker image当executor为docker时需要指定docker使用的镜像名称(我是java项目所以使用了maven:3-jdk-8,可以根据不同的项目来选择)
注册成功后在Runners下面会显示刚刚注册成功的runner信息,在这里也可以禁用和删除runner
4:修改runner配置
当executor为docker时挂载宿主机的docker和maven仓库
vim /srv/gitlab-runner/config/config.toml 修改volumes并添加pull_policy
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock", "/root/.m2:/root/.m2"]
pull_policy = "if-not-present"
extra_hosts=["localhost:127.0.0.1"] 可以指定docker中的host可以解决clone_url无法访问IP的问题
重启 docker restart gitlab-runner
5:获取日志
docker logs gitlab-runner
6:停止并删除runner容器
docker stop gitlab-runner && docker rm gitlab-runner
二、使用gitlab-runner
1:executor为docker时在镜像外打包编译部署
# Dockerfile内容
# 在容器外编译---job_compile job_build
FROM openjdk:8-jdk
COPY target/*.jar mytest.jar
ENV PORT 5000
EXPOSE $PORT
ENTRYPOINT ["java","-Dserver.port=${PORT}","-jar","mytest.jar"]
# .gitlab-ci.yml文件内容
image: docker:stable #指定镜像不指定时默认使用runner注册时的镜像
stages:
- compile
- build
job_compile:
image: maven:3-jdk-8-alpine
stage: compile
script:
- mvn clean package -Dmaven.test.skip=true
# only:#master指定git分支或tag
# - develop
tags:
- test
artifacts:#将本job的产物保留供下面的job使用
expire_in: 5 mins
paths:
- target/*.jar
job_build:
stage: build
script:
- echo "deploy start..."
- docker build -t my/test:v1 .
- if [ $(docker ps -aq --filter name=mytest) ]; then docker rm -f mytest;fi
- docker run -d --name mytest -p 5000:5000 my/test:v1
- echo "deploy over..."
# only:
# - develop
tags:
- test
2:executor为docker时在镜像内打包编译部署
# Dockerfile文件内容
# 在容器中编译---job_deploy
FROM maven:3-jdk-8-alpine
WORKDIR /usr/src/app
COPY . /usr/src/app
RUN mvn clean package -Dmaven.test.skip=true
ENV PORT 5000
EXPOSE $PORT
CMD [ "sh", "-c", "mvn -Dserver.port=${PORT} spring-boot:run" ]
# .gitlab-ci.yml文件内容
job_deploy:
stage: deploy
script:
- echo "deploy start..."
- docker build -t my/test:v1 .
- if [ $(docker ps -aq --filter name=mytest) ]; then docker rm -f mytest;fi
- docker run -d --name mytest -p 5000:5000 my/test:v1
- echo "deploy over..."
tags:
- test
3:executor为ssh时(gitlab-runner官方现在不推荐使用)打包部署,注册ssh的runner时最好使用非root用户(adduser gitlab-runner;passwd gitlab-runner;useradd -g gitlab-runner gitlab-runner;ssh gitlab-runner gitlab-runner@ip;ssh-keygen; 如果为非root用户可能无权限执行宿主机的有些命令需要给用户赋予对应权限,比如docker执行权限需要把用户添加到docker用户组中“usermod -G docker 用户名”)。这种方式的runner创建时需要指定ssh公钥路径(如果gitlab-runner是在宿主机上安装的那么路径为宿主机的.ssh/id_rsa路径,如果是docker安装的gitlab-runner填写的是容器中的.ssh/id_rsa路径)
# 制作docker maven 用于打包也可以使用宿主机maven打包(方式二配置)
FROM maven:3-jdk-8-alpine
RUN addgroup -S gitlab-runner && adduser -S gitlab-runner -G gitlab-runner && chown -R gitlab-runner:gitlab-runner /usr/share/maven/ref && chown -R gitlab-runner:gitlab-runner /root && mkdir /app && chown -R gitlab-runner:gitlab-runner /app
RUN apk --no-cache add openssh-client git
USER gitlab-runner
COPY settings.xml /usr/share/maven/conf/
# settings 内容
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository>/usr/share/maven/ref/repository</localRepository>
<mirrors>
<mirror>
<id>alimaven</id>
<name>aliyun maven</name>
<url>https://maven.aliyun.com/repository/public</url>
<mirrorOf>*</mirrorOf>
</mirror>
</mirrors>
</settings>
制作docker build -t my/mavenbuild .
# Dockerfile文件内容
# 在容器中编译---job_test
FROM openjdk:8-jdk
COPY xxx/target/*.jar mytest.jar
ENV PORT 5000
EXPOSE $PORT
ENTRYPOINT ["java","-jar","mytest.jar"]
# docker-compose 文件内容
version: '2'
services:
xxx_sys:
build:
context: ./
dockerfile: ./Dockerfile
restart: always
ports:
- 9999:9999
logging:
driver: "json-file"
options:
max-size: "500m"
volumes:
- /etc/localtime:/etc/localtime
- /docker-services/logs/xxx_sys:/logs/:rw
environment:
spring.profiles.active: dev
TZ=Asia/Shanghai
container_name: xxx_sys
hostname: xxx_sys
image: xxx/xxx-sys:1.0.0
# .gitlab-ci.yml文件内容
# 使用ssh方式打包部署--适合在宿主机上直接打包运行(也可以用docker-compose)
job_test:
stage: test
before_script:
- pwd
script:
- echo "deploy start..."
- mvn clean package -Dmaven.test.skip=true
# - docker run -u 1000:1000 -i --rm -v "$(pwd)":/app -w /app -v /docker-services/mavendata/repository:/usr/share/maven/ref/repository my/mavenbuild mvn clean package -DskipTests=true(方式二)
# - docker rmi $(docker images -f "dangling=true" -q)(方式二清除none空dangling)
- docker-compose down --rmi all -v
- docker-compose up -d
- echo "deploy over..."
# - mvn test
# only:
# - develop
after_script:
- rm -rf ../*
tags:
- test_ssh
# 方式三 runner直接调用宿主机sh(避免build镜像时产生none空dangling docker rmi $(docker images -f "dangling=true" -q)) 此方式和方式二类似也需要制作my/mavenbuild打包镜像
# .gitlab-ci.yml文件内容
# 使用ssh方式打包部署--适合在宿主机上直接打包运行(也可以用docker-compose)
job_deploy:
stage: deploy
before_script:
- pwd
script:
- echo "deploy start..."
- sh /docker-services/services/xxx/build-deploy.sh "$(pwd)"
- echo "deploy over..."
# - mvn test
only:
- develop
after_script:
- rm -rf ../*
tags:
- wfzd_ssh
# build-deploy.sh内容
#!/bin/sh
echo "start..."
cd $1
# cd /home/gitlab-runner/builds/M1CoryXr/0/xxx-group/xxx
echo "----------maven build----------"
docker run -u 1000:1000 -i --rm -v "$(pwd)":/app -w /app -v /docker-services/mavendata/repository:/usr/share/maven/ref/repository my/mavenbuild mvn clean package -DskipTests=true
echo "----------deploy----------"
#走全局 docker-compose 时可以使用此方式
#cd /docker-services
#docker-compose stop xxx_sys
#docker-compose rm -f xxx_sys
#cd $1
#docker rmi xxx/xxx-sys:1.0.0
#docker built -t xxx/xxx-sys:1.0.0 .
#cd /docker-services
#docker-compose up -d xxx_sys
#docker-compose logs xxx_sys
#docker rm $(docker ps -a -q)
#走全局 docker-compose 时可以使用此方式
docker-compose stop xxx_sys
docker-compose rm -f xxx_sys
docker rmi xxx/xxx-sys:1.0.0
docker-compose build xxx_sys
docker-compose up -d xxx_sys
docker-compose logs xxx_sys
docker rm $(docker ps -a -q)
echo "end"
exit
# 给build-deploy.sh分权限
chown gitlab-runner:gitlab-runner build-deploy.sh
4:executor为shell,这种适合gitlab-runner安装在宿主机上使用,如果是docker中会有权限问题(比如docker-compose命令即使将宿主机的docker-compose挂载到容器也会出现权限问题,有人通过在before_script时在容器中安装docker-compose的方式来解决,个人感觉可以使用ssh方式来解决)