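gitlab-runners pipeline configuration
A project is deployed in the following steps:
- Build the project (build)
- Start a web server (such as nginx)
- Upload the build output to the designated directory on the web server
  For example, run from the current directory: scp -r ./buildDir/* <target-server-username>@<target-server-ip>:<nginx root directory on the target server>
- Restart nginx (or whichever web server is in use)
GitLab CI/CD automates the steps above: once the project code is pushed, these steps run automatically.
gitlab-runner is used as the executor that runs the build jobs.
First, install gitlab-runner. There are three options:
1. Install with bash
2. Install with docker
3. Download the package from the official site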
Install with bash
```bash
sudo apt-get update
sudo apt-get install gitlab-runner
```
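Install with docker
```bash
# Pull the runner image
docker pull gitlab/gitlab-runner

# Start the runner container.
# Mounting /var/run/docker.sock gives the runner control of the host's Docker daemon.
docker run -d --name gitlab-runner --restart always \
  -v /opt/gitlab-runner/config:/etc/gitlab-runner \
  -v /var/run/docker.sock:/var/run/docker.sock \
  gitlab/gitlab-runner:latest

# Open a shell inside the container
docker exec -it gitlab-runner bash
```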
Install from the package
https://docs.gitlab.com/runner/install/linux-repository.html
```bash
# Download the binary
sudo wget -O /usr/local/bin/gitlab-runner https://gitlab-ci-multi-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-ci-multi-runner-linux-amd64

# Make it executable
sudo chmod +x /usr/local/bin/gitlab-runner

# Create a dedicated user for the runner
sudo useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash
```
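Register the runner (several runners with different tokens can be registered)
```bash
# Register the GitLab runner
sudo gitlab-runner register

# The command prompts for:
# - the URL of the GitLab instance
# - the registration token, available on the runner settings page in GitLab
# - a description of the runner
# - the runner's tags
# - whether the runner is allowed to run jobs that have no tags
```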
Configure gitlab-runner in the file /etc/gitlab-runner/config.toml; the main settings there are things like the number of concurrent jobs and the log level.
Start the runner
```bash
sudo gitlab-runner start
sudo gitlab-runner restart
```
Output like the following means it succeeded:
```text
Runtime platform arch=amd64 os=linux pid=55297 revision=656c1943 version=16.9.0
```
Verify the runner configuration
```bash
sudo gitlab-runner verify
```
Once the runner is set up, go to GitLab and open the CI/CD section, where the registered runner is listed. Then add the configuration file .gitlab-ci.yml to the project:
```yaml
stages:
  - install
  - build
  - deploy

variables:
  NPM_REGISTRY: https://registry.npm.taobao.org

cache:
  key: ${CI_COMMIT_REF_SLUG}
  paths:
    - node_modules/

install-job:
  stage: install
  script:
    - echo "starting install packages"
    - echo "Complete installed packages"
  only:
    - main

build-job:
  stage: build
  image: node:latest
  dependencies:
    - install-job
  script:
    - echo "Start Building the code..."
    - npm install
    - npm run build
    - echo "Building Code complete."
  artifacts:
    paths:
      - out/
  only:
    - main

deploy-job:
  stage: deploy
  image: alpine:latest
  dependencies:
    - build-job
  before_script:
    # Switch apk to a mirror and install the ssh client
    - sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
    - apk update
    - apk add --no-cache openssh-client
    # Write the private key from the CI/CD variable into the container
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    - echo "${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa
    - ls out/
  script:
    - echo "Deploying application..."
    # StrictHostKeyChecking=no skips verification of the server's host key
    - scp -r -o "StrictHostKeyChecking=no" ./out/* root@10.131.130.113:/home/wiki/
    - echo "Files copied, restarting Nginx..."
    - ssh -o "StrictHostKeyChecking=no" $SSH_ROOT@$SSH_HOST "sudo nginx -s reload"
    - echo "Application successfully deployed."
  only:
    - main
```
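- Once this is configured, git push origin main triggers the build pipeline:
install → build → deploy
The deploy stage performs the scp and nginx restart operations.
For scp to work, SSH key-pair authentication is set up first, when the container is built from the alpine image:
- create the .ssh directory inside the container,
- copy the private key from the GitLab secret variable SSH_PRIVATE_KEY into the file .ssh/id_rsa,
- add the matching public key to .ssh/authorized_keys on the deployment server, so that ssh can log in without a password.
Then scp copies the build artifacts to the corresponding directory on the server.
The web server is restarted.
The gitlab-runner CI/CD pipeline ends and the code has been deployed successfully.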
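The deploy-job above passes StrictHostKeyChecking=no, so the runner accepts whatever machine answers at the deploy address. The following added example, which is not from the original post, performs the same key setup with a pinned host key; SSH_KNOWN_HOSTS is an assumed additional CI/CD variable, and prepare_ssh and ssh_opts are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: SSH_KNOWN_HOSTS is an extra CI/CD variable holding the deploy
# server's host key line(s) (ssh-keyscan output, verified out of band).
# prepare_ssh and ssh_opts are hypothetical helper names.

# prepare_ssh DIR: write the key and pinned host keys under DIR; fail closed.
prepare_ssh() {
    dir=$1
    [ -n "${SSH_PRIVATE_KEY:-}" ] || { echo "SSH_PRIVATE_KEY is empty" >&2; return 1; }
    [ -n "${SSH_KNOWN_HOSTS:-}" ] || { echo "SSH_KNOWN_HOSTS is empty" >&2; return 1; }
    # Catch a truncated or wrongly pasted variable before ssh ever runs.
    case $SSH_PRIVATE_KEY in
        *"PRIVATE KEY-----"*) ;;
        *) echo "SSH_PRIVATE_KEY does not look like a private key" >&2; return 1 ;;
    esac
    (
        # umask 077: new files are created 0600, so the key is never readable
        # by others, unlike `echo > id_rsa` followed by a later chmod.
        umask 077
        mkdir -p "$dir" && chmod 700 "$dir" &&
            rm -f "$dir/id_rsa" &&
            printf '%s\n' "$SSH_PRIVATE_KEY" > "$dir/id_rsa" &&
            printf '%s\n' "$SSH_KNOWN_HOSTS" > "$dir/known_hosts"
    )
}

# ssh_opts DIR: options that make ssh and scp verify the pinned host key.
ssh_opts() {
    printf '%s' "-i $1/id_rsa -o IdentitiesOnly=yes -o BatchMode=yes" \
        " -o StrictHostKeyChecking=yes -o UserKnownHostsFile=$1/known_hosts"
}

# In deploy-job, the key setup and the scp/ssh lines would then read:
#   prepare_ssh ~/.ssh
#   scp -r $(ssh_opts ~/.ssh) ./out/* "$SSH_ROOT@$SSH_HOST:/home/wiki/"
#   ssh $(ssh_opts ~/.ssh) "$SSH_ROOT@$SSH_HOST" "sudo nginx -s reload"
```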
```nginx
# nginx server block that serves the deployed files from /home/wiki
server {
    listen 8000;
    server_name localhost;
    charset utf-8;

    add_header Content-Security-Policy " object-src 'none'; script-src 'self' 'unsafe-inline' ";
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;

    location / {
        root /home/wiki;
        try_files $uri $uri/ /index.html;
        index index.html index.htm;
    }
}
```