持续集成流程说明
Gitlab代码托管服务器安装
- Gitlab 安装
停止服务及确认服务状态
gitlab-ctl stop
gitlab-ctl status
卸载旧包
[root @VM-16-13-centos packages]# rpm -qa gitlab-ce
gitlab-ce-12.10.14-ce.0.el7.x86_64
安装过程时间较长，耐心等待：
packages]# rpm -ivh gitlab-ce-13.0.14-ce.0.el7.x86_64.rpm
部分服务启动失败，等待5分钟后执行如下命令：
[root @VM-16-13-centos packages]# gitlab-ctl restart
ok: run: alertmanager: (pid 29869) 0s
ok: run: gitaly: (pid 29881) 0s
ok: run: gitlab-exporter: (pid 29889) 0s
ok: run: gitlab-workhorse: (pid 29901) 1s
ok: run: grafana: (pid 29915) 0s
ok: run: logrotate: (pid 29933) 0s
ok: run: nginx: (pid 29939) 1s
ok: run: node-exporter: (pid 29943) 0s
ok: run: postgres-exporter: (pid 29953) 1s
timeout: down: postgresql: 0s, normally up, want up
ok: run: prometheus: (pid 30153) 0s
ok: run: redis: (pid 30165) 0s
ok: run: redis-exporter: (pid 30170) 1s
ok: run: sidekiq: (pid 30177) 0s
ok: run: unicorn: (pid 30183) 1s
加载配置：
gitlab-ctl reconfigure
看日志版本问题导致
[root @VM-16-13-centos gitlab]# gitlab-ctl tail postgresql
> /var/log/gitlab/postgresql/current <
2021-11-09_02:43:48.27844 FATAL: database files are incompatible with server
2021-11-09_02:43:48.27846 DETAIL: The data directory was initialized by PostgreSQL version 10, which is not compatible with this version 11.7.
2021-11-09_02:43:49.31173 FATAL: database files are incompatible with server
2021-11-09_02:43:49.31175 DETAIL: The data directory was initialized by PostgreSQL version 10, which is not compatible with this version 11.7.
- Gitlab 创建组、创建用户、创建项目
源码上传到Gitlab仓库
Jenkins安装
- 1、安装JDK
- 2、获取Jenkins 安装包
Jenkins插件管理
Jenkins用户权限管理
Jenkins凭证管理
Maven安装和配置
- 安装Maven
- 配置环境变量
  - 先查找下java 安装目录
全局工具配置关联JDK 和Maven
Tomcat安装和配置
- 安装tomcat8.5
- 配置Tomcat用户权限

持续集成流程说明

Gitlab代码托管服务器安装

Gitlab 安装

1、安装依赖

yum -y install policycoreutils openssh-server openssh-clients postfix

centos8出现
Errors during downloading metadata for repository ‘AppStream’:
- Status code: 404 for http://mirrors.cloud.aliyuncs.com/centos/8/AppStream/x86_64/os/repodata/repomd.xml (IP: 100.100.2.148)
Error: Failed to download metadata for repo ‘AppStream’: Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried

错误解决方案：https://help.aliyun.com/document_detail/405635.html

2、启动ssh 服务设置为开机启动

systemctl enable sshd && sudo systemctl start sshd

3、设置postfix 开机自启并启动，postfix 支持gitlab发信功能

systemctl enable postfix && systemctl start postfix

4、开放ssh以及http服务，然后重新加载防火墙列表

firewall-cmd —add-service=ssh —permanent
firewall-cmd —add-service=http —permanent
firewall-cmd —reload

如果关闭防火墙就不需要做以上配置

5、下载gitlab 包，并且安装

进入到指定目录下

wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-12.10.0-ce.0.el8.x86_64.rpm

出现如下错误
—2022-02-11 21:29:48— https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-12.10.0-ce.0.el8.x86_64.rpm
正在解析主机 mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)… 101.6.15.130, 2402:f000:1:400::2
正在连接 mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)|101.6.15.130|:443… 已连接。
错误: 无法验证 mirrors.tuna.tsinghua.edu.cn 的由 “/C=US/O=Let’s Encrypt/CN=R3” 颁发的证书:
颁发的证书已经过期。
要以不安全的方式连接至 mirrors.tuna.tsinghua.edu.cn，使用“—no-check-certificate”。

使用如下命令
wget —no-check-certificate https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-12.10.0-ce.0.el8.x86_64.rpm

如果未安装 wget 安装命令
yum -y install wget
yum -y install setup
yum -y install perl

rpm -ivh gitlab-ce-12.10.0-ce.0.el8.x86_64.rpm

出错：错误：依赖检测失败：
policycoreutils-python-utils 被 gitlab-ce-12.10.0-ce.0.el8.x86_64 需要

执行： yum install policycoreutils-python-utils
出错：没有可用软件包 policycoreutils-python-utils。
执行： yum install -y epel-release
ps: 上述rpm 文件根据下载的文件

6、修改gitlab配置

vi /etc/gitlab/gitlab.rb
修改gitlab 访问地址和端口，默认为80 改为 82
external_url ‘http://gitlab.example.com‘
此处设置为域名或者云服务的外网ip
设置端口
nginx[‘listen_port’] = 82

7、重载配置及启动gitlab

gitlab-ctl reconfigure
gitlab-ctl restart

8、把端口号添加到防火墙（云服务，需要开通安全组中的端口）

firewall-cmd —zone=public —add-port =82/tcp -permanent
firewall-cmd —reload

9、测试gitlab是否部署成功，访问

http://ip(云服务的外网ip):端口（上述指定的端口）
出现如下界面，表示安装成功

10、卸载

rpm -e gitlab-ce

11、升级

1、确认安装方式： rpm -qa gitlab-ce

gitlab-ce-12.3.5-ce.0.el7.x86_643

2、查看当前版本：cat /opt/gitlab/embedded/service/gitlab-rails/VERSION

12.10.0

3、暂停gitlab ：gitlab-ctl stop

4、查看当前gitlab的状态： gitlab-ctl status

5、先升级到 12.10.14下载安装包，根据对应yum源网站的链接

参考：https://www.cnblogs.com/nf01/articles/15532069.html

wget —no-check-certificate https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-12.10.14-ce.0.el8.x86_64.rpm

wget —no-check-certificate https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-13.0.14-ce.0.el8.x86_64.rpm

wget —no-check-certificate https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-13.1.11-ce.0.el8.x86_64.rpm

升级前检查：

[root@VM-16-13-centos gitlab]# rpm -qa gitlab-ce
gitlab-ce-12.10.14-ce.0.el7.x86_64

查看服务状态

gitlab-ctl status

gitlab-rake gitlab:check SANITIZE=true —trace
gitlab-rake gitlab:check
gitlab-rake gitlab:check SANITIZE=true

停止服务及确认服务状态
gitlab-ctl stop
gitlab-ctl status

卸载旧包
[root@VM-16-13-centos packages]# rpm -qa gitlab-ce
gitlab-ce-12.10.14-ce.0.el7.x86_64

[root@VM-16-13-centos packages]# rpm -e rpm -qa gitlab-ce
Preparing… ################################# [100%]
Cleaning up / removing…
1:gitlab-ce-12.10.14-ce.0.el7 ################################# [100%]

安装过程时间较长，耐心等待：
packages]# rpm -ivh gitlab-ce-13.0.14-ce.0.el7.x86_64.rpm

部分服务启动失败，等待5分钟后执行如下命令：
[root@VM-16-13-centos packages]# gitlab-ctl restart
ok: run: alertmanager: (pid 29869) 0s
ok: run: gitaly: (pid 29881) 0s
ok: run: gitlab-exporter: (pid 29889) 0s
ok: run: gitlab-workhorse: (pid 29901) 1s
ok: run: grafana: (pid 29915) 0s
ok: run: logrotate: (pid 29933) 0s
ok: run: nginx: (pid 29939) 1s
ok: run: node-exporter: (pid 29943) 0s
ok: run: postgres-exporter: (pid 29953) 1s
timeout: down: postgresql: 0s, normally up, want up
ok: run: prometheus: (pid 30153) 0s
ok: run: redis: (pid 30165) 0s
ok: run: redis-exporter: (pid 30170) 1s
ok: run: sidekiq: (pid 30177) 0s
ok: run: unicorn: (pid 30183) 1s

加载配置：
gitlab-ctl reconfigure

再执行：
gitlab-ctl status
gitlab-ctl restart

5分钟后postgresql依然启动失败：
gitlab-ctl tail postgresql

看日志版本问题导致
[root@VM-16-13-centos gitlab]# gitlab-ctl tail postgresql
> /var/log/gitlab/postgresql/current <
2021-11-09_02:43:48.27844 FATAL: database files are incompatible with server
2021-11-09_02:43:48.27846 DETAIL: The data directory was initialized by PostgreSQL version 10, which is not compatible with this version 11.7.
2021-11-09_02:43:49.31173 FATAL: database files are incompatible with server
2021-11-09_02:43:49.31175 DETAIL: The data directory was initialized by PostgreSQL version 10, which is not compatible with this version 11.7.

]# cat /var/opt/gitlab/postgresql/data/PG_VERSION
10
]# /opt/gitlab/embedded/bin/pg_ctl —version
pg_ctl (PostgreSQL) 11.7
]# /opt/gitlab/embedded/bin/psql —version
psql (PostgreSQL) 11.7

grep “postgres|pg” /etc/gitlab/gitlab.rb

postgresql命令详解:
https://www.postgresql.org/docs/11/app-initdb.html

postgresql升级方法：
https://docs.gitlab.com/omnibus/settings/database.html#upgrade-packaged-postgresql-server

gitlab-ctl restart postgresql

13.0.14 升级遇到了postgresql版本11.7不兼容问题，我的解决方法是回滚到上一个版本12.10.14确保回滚成功，服务启动，页面访问正常。
然后按照官方文档执行https://docs.gitlab.com/omnibus/settings/database.html#upgrade-packaged-postgresql-server：
gitlab-ctl pg-upgrade
gitlab-psql -c “SELECT relname, last_analyze, last_autoanalyze FROM pg_stat_user_tables WHERE last_analyze IS NULL AND last_autoanalyze IS NULL;”
sudo gitlab-psql -c ‘SET statement_timeout = 0; ANALYZE VERBOSE;’

然后再升级13.0.14 后启动成功：
[root@VM-16-13-centos packages]# gitlab-ctl status
run: alertmanager: (pid 11690) 475s; run: log: (pid 1564) 250062s
run: gitaly: (pid 11705) 474s; run: log: (pid 1581) 250062s
run: gitlab-exporter: (pid 11721) 474s; run: log: (pid 1563) 250062s
run: gitlab-workhorse: (pid 11725) 474s; run: log: (pid 1562) 250062s
run: grafana: (pid 11742) 473s; run: log: (pid 1574) 250062s
run: logrotate: (pid 11755) 473s; run: log: (pid 1560) 250062s
run: nginx: (pid 11762) 472s; run: log: (pid 1575) 250062s
run: node-exporter: (pid 11767) 472s; run: log: (pid 1571) 250062s
run: postgres-exporter: (pid 11781) 472s; run: log: (pid 1559) 250062s
run: postgresql: (pid 11791) 471s; run: log: (pid 1587) 250062s
run: prometheus: (pid 11793) 471s; run: log: (pid 1561) 250062s
run: puma: (pid 11894) 470s; run: log: (pid 10587) 688s
run: redis: (pid 11899) 470s; run: log: (pid 1598) 250062s
run: redis-exporter: (pid 11904) 469s; run: log: (pid 1565) 250062s
run: sidekiq: (pid 11911) 469s; run: log: (pid 1580) 250062s

[root@VM-16-13-centos packages]# rpm -qa gitlab-ce
gitlab-ce-13.0.14-ce.0.el7.x86_64
[root@VM-16-13-centos packages]# cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
13.0.14

页面访问验证ok
xxxx.gitlab.com

Gitlab 创建组、创建用户、创建项目

创建组

创建用户

创建项目

源码上传到Gitlab仓库

Jenkins安装

https://blog.csdn.net/gao112212/article/details/122620293

1、安装JDK

yum install java-1.8.0-openjdk* -y
安装目录为： /usr/lib/jvm

2、获取Jenkins 安装包

下载页面：https://www.jenkins.io/

下载并安装Jenkins

下载安装包
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
下载秘钥
sudo rpm —import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
执行安装
yum install epel-release # repository that provides ‘daemonize’
已经安装jdk 无需安装
yum install java-11-openjdk-devel
安装Jenkins
yum install jenkins

编辑配置文件

vim /etc/sysconfig/jenkins
修改
JENKINS_USER=”jenkins” 改为 JENKINS_USER=”root”
JENKINS_PORT=”8080” 改为 JENKINS_PORT=”8070”

启动Jenkins

systemctl start jenkins
可能出现的问题

1、权限设置

chown -R root:root /var/lib/jenkins
chown -R root:root /var/cache/jenkins
chown -R root:root /var/log/Jenkins

2、如果未安装jdk，jenkins启动报错：Starting Jenkins bash: /usr/bin/java: 没有那个文件或目录

方式一：修改配置jenkins文件。
vim /etc/init.d/jenkins
将jdk 路径加入到此处

重新加载
systemctl daemon-reload
重启Jenkins
systemctl start jenkins
查看状态
systemctl status jenkins

访问测试

如果使用的是云服务记得开启安全组中端口号
访问 http://云服务外网地址:8070

安装成功！！！

由于Jenkins安装插件很慢，需要配置国内下载地址，此处选择：选择插件来安装

创建一个账号：例如 jenkins 123456

创建好了

Jenkins插件管理

这样做是为了把 Jenkins官方的插件列表下载到本地，接着修改地址文件，替换为国内插件地址
cd /var/lib/jenkins/updates

sed -i ‘s/http:\/\/updates.jenkins- ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g’ default.json && sed -i ‘s/http:\/\/www.google.com/https:\/\/www.baidu.com/g’ default.json

然后在Manage Plugin 中点击Advanced，把Update Site改为国内插件下载地址
https://updates.jenkins.io/update-center.json 改为 https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json

在8070后/restart 重启Jenkins

先安装汉化插件
Localization: Chinese (Simplified)

可以从这里安装插件

Jenkins用户权限管理

安装Role-based Authorization Strategy 权限

安装成功后设置

参考
https://blog.csdn.net/mcfnhm/article/details/119112712

Jenkins凭证管理

安装Credentials Binding 插件

配置git

安装git插件

Centos7上安装Git 工具

yum install git -y
git —version

用户密码类型

1、创建凭证

在项目中配置gitlab 地址

SSH 类型

1、使用root用户生成公钥和私钥

ssh-keygen -t rsa
在/root/.ssh/ 目录保存了公钥和使用
id_rsa : 私钥文件
id_rsa.pub : 公钥文件

2、把生成的公钥放在gitlab中

以root账户登录 -> 点击头像 -》 setting -》SSH Keys
复制id_rsa.pub 文件的内容到这里，点击“Add Key”

在Jenkins中添加私钥

Maven安装和配置

安装Maven

mkdir -p download

首先上传maven 软件到服务器
也可以直接下载 maven 到对应文件
wget https://dlcdn.apache.org/maven/maven-3/3.8.4/binaries/apache-maven-3.8.4-bin.tar.gz
解压
tar -xzf apache-maven-3.8.4-bin.tar.gz
创建目录
mkdir -p /opt/maven
移动
mv apache-maven-3.8.4 /opt/maven

配置环境变量

先查找下java 安装目录

[root@fwt usr]# which java
/usr/bin/java
[root@fwt usr]# ls -lrt /usr/bin/java
lrwxrwxrwx 1 root root 22 2月  14 14:30 /usr/bin/java -> /etc/alternatives/java
[root@fwt usr]# ls -lrt /etc/alternatives/java
lrwxrwxrwx 1 root root 73 2月  14 14:30 /etc/alternatives/java -> /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64/jre/bin/java
[root@fwt usr]# cd /usr/lib/jvm
[root@fwt jvm]# ll
总用量 0
lrwxrwxrwx 1 root root  26 2月  14 14:30 java -> /etc/alternatives/java_sdk
lrwxrwxrwx 1 root root  32 2月  14 14:30 java-1.8.0 -> /etc/alternatives/java_sdk_1.8.0
lrwxrwxrwx 1 root root  40 2月  14 14:30 java-1.8.0-openjdk -> /etc/alternatives/java_sdk_1.8.0_openjdk
drwxr-xr-x 9 root root 176 2月  14 14:30 java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64
drwxr-xr-x 3 root root  17 2月  14 14:30 java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64-slowdebug
lrwxrwxrwx 1 root root  34 2月  14 14:30 java-openjdk -> /etc/alternatives/java_sdk_openjdk
lrwxrwxrwx 1 root root  21 2月  14 14:30 jre -> /etc/alternatives/jre
lrwxrwxrwx 1 root root  27 2月  14 14:30 jre-1.8.0 -> /etc/alternatives/jre_1.8.0
lrwxrwxrwx 1 root root  35 2月  14 14:30 jre-1.8.0-openjdk -> /etc/alternatives/jre_1.8.0_openjdk
lrwxrwxrwx 1 root root  51 11月 13 16:29 jre-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64 -> java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64/jre
lrwxrwxrwx 1 root root  61 11月 13 16:29 jre-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64-slowdebug -> java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64-slowdebug/jre
lrwxrwxrwx 1 root root  29 2月  14 14:30 jre-openjdk -> /etc/alternatives/jre_openjdk

vi /etc/profile

# 方案一
export  JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk
export  MAVEN_HOME=/opt/maven/apache-maven-3.8.4
export  PATH=$PATH:$JAVA_HOME/bin:$MAVEN_HOME/bin


# 方案二

export  JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/tools.jar

export  MAVEN_HOME=/opt/maven/apache-maven-3.8.4
export  PATH=$PATH:$JAVA_HOME/bin:$MAVEN_HOME/bin

配置生效
source /etc/profile
mvn -v

全局工具配置关联JDK 和Maven

配置jdk

添加jerkins 全局变量

配置JAVA_HOME 、MAVEN_HOME 、PATH+EXTRA

JAVA_HOME : /usr/lib/jvm/java-1.8.0-openjdk
M2_HOME : /opt/maven/apache-maven-3.8.4
PATH+EXTRA : $M2_HOME/bin

修改maven的setting.xml

创建仓库
mkdir /root/repo
vi /opt/maven/apache-maven-3.8.4/conf/setting.xml
修改仓库
/root/repo

添加阿里云私服地址

<mirror>  
      <id>alimaven</id>  
      <name>aliyun maven</name>  
      <url>https://maven.aliyun.com/repository/public/</url>  
      <mirrorOf>central</mirrorOf>          
    </mirror>

Tomcat安装和配置

安装tomcat8.5

安装jdk (已安装)
wget https://dlcdn.apache.org/tomcat/tomcat-8/v8.5.75/bin/apache-tomcat-8.5.75.tar.gz

解压
tar -xzf apache-tomcat-8.5.75.tar.gz
创建目录
mkdir -p /opt/tomcat
移动文件
mv /download/apache-tomcat-8.5.75 /opt/tomcat
启动tomcat
/opt/tomcat/bin
启动Tomcat
./startup.sh

配置Tomcat用户权限

进入到tomcat 配置文件
cd /opt/tomcat/apache-tomcat-8.5.75/conf
修改 tomcat-users.xml
但是，后续Jenkins部署项目到Tomcat服务器，需要用到Tomcat的用户，所以修改tomcat以下配置，
添加用户及权限
vi tomcat-users.xml
内容如下：

<tomcat-users>
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <role rolename="manager-script"/>
  <role rolename="manager-gui"/>
  <role rolename="manager-status"/>
  <role rolename="admin-gui"/>
  <role rolename="admin-script"/>
  <user username="tomcat" password="tomcat" roles="manager-gui,manager-script,tomcat,admin-gui,admin-script"/>
</tomcat-users>

用户和密码都是：tomcat
注意：为了能够刚才配置的用户登录到Tomcat，还需要修改以下配置
vi /opt/tomcat/apache-tomcat-8.5.75/webapps/manager/META-INF/context.xml

<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
--
>

把上面这行注释掉即可！
重启Tomcat，访问测试
/opt/tomcat/bin/shutdown.sh 停止
/opt/tomcat/bin/startup.sh 启动

2、Jenkins安装和持续集成环境配置