参考:https://www.qikqiak.com/post/gitlab-ci-k8s-cluster-feature/
1. 创建部署令牌和变量
Kubernetes需要从项目的GitLab容器注册表中获取定制的Docker映像
- 在GitLab中创建docker 镜像库部署令牌
- 使用我们的部署令牌凭据创建环境变量
- 创造和使用 kubernetes image pull secret
(1)创建部署令牌
项目 -> 设置 -> 仓库 -> 部署令牌 -> 创建部署令牌
gitlab+deploy-token-1
Wt7soWvUeRkHg2f79J1C
(2)创建变量
项目 -> 设置 -> CI/CD -> 变量
2. 部署
// .gitalb-ci.yml
variables:
REGISTRY: $CI_REGISTRY/edu-java-demo/edu-java-spring
MAVEN_OPTS: "-Dmaven.repo.local=.m2"
stages:
- test
- build
- package
- review
test:
stage: test
image: harbor.xiodi.cn/tools/openjdk:11.0.6
tags:
- docker
- host20133-docker
script:
- chmod +x ./mvnw && ./mvnw test
cache:
key: maven-repo-cache
paths:
- .m2
build:
stage: build
image: harbor.xiodi.cn/tools/openjdk:11.0.6
tags:
- docker
- host20133-docker
script:
- chmod +x ./mvnw && ./mvnw package
cache:
key: maven-repo-cache
paths:
- .m2
artifacts:
paths:
- target/*.jar
expire_in: 1 week
docker-package:
stage: package
image: harbor.xiodi.cn/tools/docker:18.09.9
services:
- docker:18.09-dind
tags:
- docker
- host20133-docker
variables:
REGISTRY_VERSION: $CI_COMMIT_SHORT_SHA
script:
- export
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker build -t $REGISTRY:$CI_COMMIT_SHORT_SHA -f Dockerfile .
- docker push $REGISTRY:$CI_COMMIT_SHORT_SHA
deploy_review:
stage: review
image: harbor.xiodi.cn/tools/kubectl:1.14.8
variables:
INGRESS_HOST: ${CI_COMMIT_REF_SLUG}.xiodi.cn
REGISTRY_VERSION: $CI_COMMIT_SHORT_SHA
tags:
- docker
- host20133-docker
environment:
name: review/$CI_COMMIT_REF_NAME
url: http://${CI_COMMIT_REF_SLUG}.xiodi.cn/hello
on_stop: stop_review
auto_stop_in: 7 day
script:
- kubectl delete --ignore-not-found=true secret regcred
- kubectl create secret docker-registry regcred --docker-server=$CI_REGISTRY --docker-username=$GITLAB_DEPLOY_USER --docker-password=$GITLAB_DEPLOY_PW
- cat Deploy/kubernetes/deployment-edu-java-spring.yml | envsubst | kubectl apply -f -
- cat Deploy/kubernetes/service-edu-java-spring.yml | envsubst | kubectl apply -f -
- cat Deploy/kubernetes/ingress-edu-java-spring.yml | envsubst | kubectl apply -f -
stop_review:
stage: review
image: harbor.xiodi.cn/tools/kubectl:1.14.8
variables:
GIT_STRATEGY: none
tags:
- docker
- host20133-docker
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
script:
- kubectl delete --ignore-not-found=true secret regcred
- kubectl delete --ignore-not-found=true -f Deploy/kubernetes/ingress-edu-java-spring.yml
- kubectl delete --ignore-not-found=true -f Deploy/kubernetes/service-edu-java-spring.yml
- kubectl delete --ignore-not-found=true -f Deploy/kubernetes/deployment-edu-java-spring.yml
when: manual