1. 安装gitlab-runner
#example
docker run -d --name gitlab-runner --restart always \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
#beta
docker run -d --name gitlab-runner-beta --restart always \
-v /srv/gitlab-runner-beta/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
#prod
docker run -d --name gitlab-runner-prod --restart always \
-v /srv/gitlab-runner-prod/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
2. 注册runner(绑定gitlab项目)
#example
docker exec -it gitlab-runner gitlab-ci-multi-runner register -n \
--url {这里填写上图中的url} \
--registration-token {这里填写上图中的token} \
--executor docker \
--description "gitlab-runner in docker" \
--tag-list "test" \
--docker-privileged=false \
--docker-pull-policy="if-not-present" \
--docker-image "docker:latest" \
--docker-volumes /var/run/docker.sock:/var/run/docker.sock
- url:
gitlab ci地址 - registration-token:
注册Runner的令牌 - tag-list:
输入与Runner关联的标签,稍后可以在GitLab的UI中进行更改 - executor:
Runner的执行者(executor: ssh, docker+machine, docker-ssh+machine, kubernetes, docker, parallels, virtualbox, docker-ssh, shell) - docker-pull-policy
设置gitlab是否从远程拉去image, 如果iamge是本地的,需要配置该属性的值为 if-not-present,这样可以避免docker 镜像每次都pull2.1 example
docker exec -it gitlab-runner gitlab-ci-multi-runner register -n \
--url https://gitlab.lazypg.com \
--registration-token xDw1iFcn6C3GzjjoMWu9 \
--executor docker \
--description "gitlab-runner in docker" \
--tag-list "test,dev" \
--docker-privileged=false \
--docker-pull-policy="if-not-present" \
--docker-image "docker:latest" \
--docker-volumes /var/run/docker.sock:/var/run/docker.sock
3. 配置CI
在项目的根目录增加一个.gitlab-ci.yml文件,内容如下: ``` stages:- build
- update
- deploy variables: REGISTRY: harbor.lazypg.com REGISTRY_IMAGE_TAG: harbor.lazypg.com/sloth/coupons-mgmt:test
cache: key: modules paths:
- node_modules/
- dist/
———-安装依赖及编译———-
build:
切换到vue环境的镜像中 在该镜像下完成编译工作
image: ebiven/vue-cli stage: build script:
- npm install
- npm run build-dev
只有代码push到test分支时才会触发该步骤
only:
- test
使用tag为test的gitlab-runner去构建
tags:
- test
———-制作镜像并上传到私有镜像仓库———-
update:
切换到docker环境的镜像中 在该镜像下完成编译镜像并推送镜像的工作
image: docker:latest stage: update script:
# 登入私有镜像仓库
- docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD $REGISTRY
# 根据Dockerfile文件编译image镜像
- docker build -t $REGISTRY_IMAGE_TAG .
# push镜像到私有仓库
- docker push $REGISTRY_IMAGE_TAG
only:
- test
tags:
- test
————————部署————————-
deploy:
切换ubuntu作为deploy任务的镜像
image: kroniak/ssh-client stage: deploy script:
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
##
## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
## We're using tr to fix line endings which makes ed25519 keys work
## without extra base64 encoding.
## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556
##
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
# 创建SSH目录并给它正确的权限
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
# 给runner配置ssh登录不验证HostKey
- '[[ -f /.dockerenv ]] && echo -e "Host *\\n\\tStrictHostKeyChecking no\\n\\n" > ~/.ssh/config'
# 采用docker-compose的方式部署服务,提前将项目中的docker-compose-ui.yml文件上传到目标服务器
- scp -P $SSH_TEST_SERVER_PORT ./docker-compose-ui.yml root@$SSH_TEST_SERVER_IP:/data/docker/
# 使用ssh远程登录目标服务器,并拉取之前build上传好的镜像进行部署
- ssh root@$SSH_TEST_SERVER_IP -p $SSH_TEST_SERVER_PORT "docker-compose -f /data/docker/docker-compose-ui.yml pull && docker-compose -f /data/docker/docker-compose-ui.yml up -d;"
manual表示需要手动触发
when: manual
allow_failure: false only:
- test
tags:
- test
3.1 配置加密变量
有些敏感的参数我们是不希望明文暴露在.gitlab-ci.yml 中的,比如密码、私钥等. 对此,官方提供了很好的方案 GitLab CI/CD Variables,设置后,我们可以直接使用参数来代替铭感信息
3.2 查看构建部署情况
- 查看Pipeline
- 查看每个Stages运行情况(或者直接在Jobs菜单下查看)
- 查看stages
4.参考文档:
https://www.jianshu.com/p/e4d12ac90439
https://www.jianshu.com/p/b1e098cdb46b
https://gitlab.com/gitlab-examples/ssh-private-key/blob/master/.gitlab-ci.yml
https://gitlab.com/jyf-share/gitlab-ci-cd/blob/master/.gitlab-ci.yml