共计 4331 个字符,预计需要花费 11 分钟才能阅读完成。
gitlab-CICD 共享 runner 根本配置
- 应用 docker 部署 runner
- 多个我的项目应用共享 runner
- 部署机器与 runner 不在同一台服务器上(应用 ssh 部署)
部署 runner
- 部署镜像
docker pull gitlab/gitlab-runner:latest
docker run -d --name gitlab-runner-shared \
--restart always \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest- 注册 runner
docker exec -it gitlab-runner-shared gitlab-runner \
register -n \
--tag-list "gitlab-runner-shared" \
--description "形容" \
--url < 公有 gitlab 地址 > \
--registration-token < 我的项目 / 共享 token> \
--executor docker \
--docker-privileged \
--docker-image "alpine:latest" \
--docker-pull-policy "if-not-present" \
--docker-volumes "/var/run/docker.sock:/var/run/docker.sock"SSH 相干配置
-
在 linux 服务器应用 ssh-keygen 创立一个 ssh key
ssh-keygen -t rsa -P "" ~/.ssh/id_rsa -
推送到部署服务器上
ssh-copy-id -i ~/.ssh/id_rsa.pub < 近程服务器 ip> - 测试登录
ssh < 近程服务器登录名 >@< 近程服务器 ip>
# 按提醒输出明码 -
将私钥复制下来
cat ~/.ssh/id_rsa - 将私钥设置到 Gitlab 的变量中(例如:SSH_PRIVATE_KEY)
-
近程部署(编写 ci 文件)
image_build: stage: build image: alpine:latest before_script: - sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories # 设置国内镜像源 - 'which ssh-agent || (apk update && apk add openssh-client)' # 装置 ssh - eval $(ssh-agent -s) - echo "$SSH_PRIVATE_KEY" > deploy.key # 设置 ssh 私钥 - chmod 0600 deploy.key # 设置私钥权限 - ssh-add deploy.key # 增加到缓存中 - mkdir -p ~/.ssh - '[[-f /.dockerenv]] && echo -e"Host *\n\tStrictHostKeyChecking no\n\n"> ~/.ssh/config' # 第一次登录不须要询问 script: - ssh < 用户名 >@< 服务器 ip> "ls && exit" # 近程执行语句
应用 docker 打包
image-build:
stage: build
image: docker:18.09.7
services:
- docker:18.09.7-dind
script:
- docker build --no-cache -t < 镜像 >:< 镜像 tag> . # 生成镜像
- docker login -u <docker 用户名 > -p <docker 明码 > <docker 库地址 > # 登录云端
- docker push < 镜像 >:< 镜像 tag> # 镜像推送到云端
after_script:
- docker rmi -f < 镜像 >:< 镜像 tag> # 已上传云端,清理本地镜像,缩小占用内存
retry:
max: 2
when: always告诉(curl)
build-job-failure:
stage: build-notify
when: on_failure # 失败时告诉
image: alpine:latest
before_script:
- sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories # 设置国内镜像源
- apk update && apk add curl # 装置 curl
script:
- if ["$CI_COMMIT_REF_NAME" == "dev"]; then env_name="dev"; else env_name="prod"; fi
- echo '{"content":"@'$GITLAB_USER_LOGIN' '${CI_COMMIT_TITLE}'\n'$CI_PROJECT_NAME' 构建 '$env_name' 环境 [失败]"}' > content.json # 防止提交文字中有空格导致报错,应用 json 的形式
- curl -X POST -H "Content-Type:application/json" -d @content.json "$NOTIFY_URL"残缺.gitlab-ci.yml
default:
tags:
- gitlab-runner-shared
variables:
NOTIFY_URL: "告诉地址"
IMAGE_REPOSITORIES: "docker 地址"
IMAGE_NAME: "docker 镜像名"
SSH_USERNAME: "SSH 用户名"
SSH_IP: "部署服务端 IP"
workflow:
rules:
- if: $CI_COMMIT_TITLE =~ /^[skip ci]/
when: never
- when: always
stages:
- build
- deploy
- notify
# 应用 docker 构建镜像
image-build:
stage: build
image: docker:18.09.7
services:
- docker:18.09.7-dind
script:
- docker build --no-cache -t $IMAGE_NAME:$CI_COMMIT_REF_NAME .
- docker login -u $IMAGE_REPOSITORY_USER -p $IMAGE_REPOSITORY_PASSWORD $IMAGE_REPOSITORIES
- docker push $IMAGE_NAME:$CI_COMMIT_REF_NAME
after_script:
- docker rmi -f $IMAGE_NAME:$CI_COMMIT_REF_NAME
retry:
max: 2
when: always
# 部署镜像
image-deploy:
stage: deploy
image: alpine:latest
rules:
- if: $CI_COMMIT_REF_NAME == "dev"
variables:
PORT: "8180"
- if: $CI_COMMIT_REF_NAME == "master"
variables:
PORT: "8181"
before_script:
- sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
- 'which ssh-agent || (apk update && apk add openssh-client)'
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" > deploy.key
- chmod 0600 deploy.key
- ssh-add deploy.key
- mkdir -p ~/.ssh
- '[[-f /.dockerenv]] && echo -e"Host *\n\tStrictHostKeyChecking no\n\n"> ~/.ssh/config'
script:
- ssh $SSH_USERNAME@$SSH_IP "docker rm -f frontend-$CI_COMMIT_REF_NAME && docker run -itd --restart=always --name frontend-$CI_COMMIT_REF_NAME -p $PORT:80 $IMAGE_NAME:$CI_COMMIT_REF_NAME && exit"
retry:
max: 2
when: always
success:
stage: notify
when: on_success
image: alpine:latest
before_script:
- sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
- apk update && apk add curl
script:
- if ["$CI_COMMIT_REF_NAME" == "dev"]; then env_name="dev"; else env_name="prod"; fi
- echo '{"content":"@'$GITLAB_USER_NAME'\n'$CI_PROJECT_NAME' 部署 '$env_name' 环境 [ 胜利]\n'${CI_COMMIT_TITLE}'"}' > content.json
- curl -X POST -H "Content-Type:application/json" -d @content.json "$NOTIFY_URL"
retry:
max: 2
when: always
failure:
stage: notify
when: on_failure
image: alpine:latest
before_script:
- sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
- apk update && apk add curl
script:
- if ["$CI_COMMIT_REF_NAME" == "dev"]; then env_name="dev"; else env_name="prod"; fi
- echo '{"content":"@'$GITLAB_USER_NAME'\n'$CI_PROJECT_NAME' 部署 '$env_name' 环境 [ 失败]\n'${CI_COMMIT_TITLE}'\n'$CI_PIPELINE_URL'"}' > content.json
- curl -X POST -H "Content-Type:application/json" -d @content.json "$NOTIFY_URL"
retry:
max: 2
when: always参考文章:
gitlab ssh ci 文件
apline ssh 免密登录
正文完