1. 安装gitlab-runner
#exampledocker run -d --name gitlab-runner --restart always -v /srv/gitlab-runner/config:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest2. 注册runner(绑定gitlab项目)
2.1 格式
docker exec -it gitlab-runner gitlab-ci-multi-runner register -n --url {这里填写上图中的url} --registration-token {这里填写上图中的token} --executor docker --description "gitlab-runner in docker" --tag-list "test" --docker-privileged=false --docker-pull-policy="if-not-present" --docker-image "docker:latest" --docker-volumes /var/run/docker.sock:/var/run/docker.sock2.2 example
docker exec -it gitlab-runner gitlab-ci-multi-runner register -n --url https://gitlab.lazypg.com --registration-token xDw1iFcn6C3GzjjoMWu9 --executor docker --description "gitlab-runner in docker" --tag-list "test,dev" --docker-privileged=false --docker-pull-policy="if-not-present" --docker-image "docker:latest" --docker-volumes /var/run/docker.sock:/var/run/docker.sock3. 配置CI
在项目的根目录增加一个.gitlab-ci.yml文件,内容如下:
# REGISTRY REGISTRY_USERNAME REGISTRY_PASSWORD# SERVICE_SSH_PRIVATE_KEY# TEST_SERVER_IP BETA_SERVER_IP PROD_SERVER_IPstages: - build_and_push_image - remote_deployvariables: GIT_SSL_NO_VERIFY: "true"# REGISTRY: registry.us-west-1.aliyuncs.com REGISTRY_IMAGE_TAG: /mobikok/ecoupons/review-site:${CI_COMMIT_REF_NAME} LOCAL_DOCKER_COMPOSE_FILE_PATH: ./docker-compose.review-site-test.yml REMOTE_DOCKER_COMPOSE_FILE_PATH: /data/docker/docker-compose.review-site-test.yml# ------- 1. 安装依赖,编译,打包镜像并推送到镜像仓库 -------test_env_build: # 切换到带有node, npm, docker环境的镜像中 在该镜像下完成编译和打包推送镜像的工作 image: ${REGISTRY}/mobikok/open/docker-alpine-nodejs-v12.15.0-npm-6.13.4:latest stage: build_and_push_image script: - echo $SERVICE_IP # 安装依赖编译打包 - npm install - npm run build:${CI_COMMIT_REF_NAME} # 登录远程仓库 并build镜像和推送镜像 - docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $REGISTRY - docker build -t ${REGISTRY}${REGISTRY_IMAGE_TAG} . - docker push ${REGISTRY}${REGISTRY_IMAGE_TAG} cache: key: ${CI_COMMIT_REF_SLUG} paths: - node_modules/ # 只有代码push到以下分支时才会触发该步骤 only: - test - beta - prod # 指定gitlab-runner 为以下tag的去执行构建 tags: - frontend_test - frontend_beta# ---------------- 2. 测试环境部署 -----------------test_env_deploy: # 切换ubuntu作为deploy任务的镜像 image: kroniak/ssh-client stage: remote_deploy script: # Run ssh-agent (inside the build environment) - eval $(ssh-agent -s) ## ## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store ## We're using tr to fix line endings which makes ed25519 keys work ## without extra base64 encoding. ## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556 ## - echo "$SERVICE_SSH_PRIVATE_KEY" | tr -d '' | ssh-add - > /dev/null # 创建SSH目录并给它正确的权限 - mkdir -p ~/.ssh - chmod 700 ~/.ssh # 给runner配置ssh登录不验证HostKey - '[[ -f /.dockerenv ]] && echo -e "Host *StrictHostKeyChecking no" > ~/.ssh/config' # 采用docker-compose的方式部署服务,提前将项目中的docker-compose-frontend-test.yml文件上传到目标服务器 - scp $LOCAL_DOCKER_COMPOSE_FILE_PATH root@$TEST_SERVICE_IP:$REMOTE_DOCKER_COMPOSE_FILE_PATH # 使用ssh远程登录目标服务器,并拉取之前build上传好的镜像进行部署 - ssh root@$TEST_SERVICE_IP "docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $REGISTRY && docker-compose -f $REMOTE_DOCKER_COMPOSE_FILE_PATH pull && docker-compose -f $REMOTE_DOCKER_COMPOSE_FILE_PATH up -d;" # manual表示需要手动触发 # when: manual # 是否容错 allow_failure: false only: - test - beta # 指定gitlab-runner 为以下tag的去执行构建 tags: - frontend_test - frontend_beta# ---------------- 2. 正式环境部署 -----------------prod_env_deploy: # 切换ubuntu作为deploy任务的镜像 image: kroniak/ssh-client stage: remote_deploy script: # Run ssh-agent (inside the build environment) - eval $(ssh-agent -s) ## ## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store ## We're using tr to fix line endings which makes ed25519 keys work ## without extra base64 encoding. ## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556 ## - echo "$SERVICE_SSH_PRIVATE_KEY" | tr -d '' | ssh-add - > /dev/null # 创建SSH目录并给它正确的权限 - mkdir -p ~/.ssh - chmod 700 ~/.ssh # 给runner配置ssh登录不验证HostKey - '[[ -f /.dockerenv ]] && echo -e "Host *StrictHostKeyChecking no" > ~/.ssh/config' # 采用docker-compose的方式部署服务,提前将项目中的docker-compose-frontend-test.yml文件上传到目标服务器 - scp $LOCAL_DOCKER_COMPOSE_FILE_PATH root@$PROD_SERVICE_ID:/home/docker/ # 使用ssh远程登录目标服务器,并拉取之前build上传好的镜像进行部署 - ssh root@$PROD_SERVICE_ID "docker login -u $REGISTRY_USERNAME -p $REGISTRY_PASSWORD $REGISTRY && docker-compose -f $REMOTE_DOCKER_COMPOSE_FILE_PATH pull && docker-compose -f $REMOTE_DOCKER_COMPOSE_FILE_PATH up -d;" # manual表示需要手动触发 # when: manual # 是否容错 allow_failure: false only: - prod # 指定gitlab-runner 为以下tag的去执行构建 tags: - frontend_prod3.1 配置加密变量
有些敏感的参数我们是不希望明文暴露在.gitlab-ci.yml 中的,比如密码、私钥等. 对此,官方提供了很好的方案 GitLab CI/CD Variables,设置后,我们可以直接使用参数来代替敏感信息
3.2 查看构建部署情况
查看Pipeline
查看每个Stages运行情况(或者直接在Jobs菜单下查看)
查看stages
4.参考文档:
https://www.jianshu.com/p/e4d12ac90439 https://www.jianshu.com/p/b1e098cdb46b https://gitlab.com/gitlab-examples/ssh-private-key/blob/master/.gitlab-ci.ymlhttps://gitlab.com/jyf-share/gitlab-ci-cd/blob/master/.gitlab-ci.yml
扫一扫
4977
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
