参考:https://www.qikqiak.com/post/gitlab-ci-k8s-cluster-feature/

1. 创建部署令牌和变量

Kubernetes需要从项目的GitLab容器注册表中获取定制的Docker映像

  • 在GitLab中创建docker 镜像库部署令牌
  • 使用我们的部署令牌凭据创建环境变量
  • 创造和使用 kubernetes image pull secret

(1)创建部署令牌

项目 -> 设置 -> 仓库 -> 部署令牌 -> 创建部署令牌

7.2 部署令牌和映像拉取 secrets - 图1

gitlab+deploy-token-1
Wt7soWvUeRkHg2f79J1C

(2)创建变量

项目 -> 设置 -> CI/CD -> 变量

7.2 部署令牌和映像拉取 secrets - 图2

2. 部署

// .gitalb-ci.yml

  1. variables:
  2.   REGISTRY: $CI_REGISTRY/edu-java-demo/edu-java-spring
  3.   MAVEN_OPTS: "-Dmaven.repo.local=.m2"
  5. stages:
  6.   - test
  7.   - build
  8.   - package
  9.   - review
  11. test:
  12.   stage: test
  13.   image: harbor.xiodi.cn/tools/openjdk:11.0.6
  14.   tags:
  15.     - docker
  16.     - host20133-docker
  17.   script:
  18.     - chmod +x ./mvnw && ./mvnw test
  19.   cache:
  20.     key: maven-repo-cache
  21.     paths:
  22.       - .m2
  24. build:
  25.   stage: build
  26.   image: harbor.xiodi.cn/tools/openjdk:11.0.6
  27.   tags:
  28.     - docker
  29.     - host20133-docker
  30.   script:
  31.     - chmod +x ./mvnw && ./mvnw package
  32.   cache:
  33.     key: maven-repo-cache
  34.     paths:
  35.       - .m2
  36.   artifacts:
  37.     paths:
  38.       - target/*.jar
  39.     expire_in: 1 week
  41. docker-package:
  42.   stage: package
  43.   image: harbor.xiodi.cn/tools/docker:18.09.9
  44.   services:
  45.     - docker:18.09-dind
  46.   tags:
  47.     - docker
  48.     - host20133-docker
  49.   variables:
  50.     REGISTRY_VERSION: $CI_COMMIT_SHORT_SHA
  51.   script:
  52.     - export
  53.     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
  54.     - docker build -t $REGISTRY:$CI_COMMIT_SHORT_SHA -f Dockerfile .
  55.     - docker push $REGISTRY:$CI_COMMIT_SHORT_SHA
  57. deploy_review:
  58.   stage: review
  59.   image: harbor.xiodi.cn/tools/kubectl:1.14.8
  60.   variables:
  61.     INGRESS_HOST: ${CI_COMMIT_REF_SLUG}.xiodi.cn
  62.     REGISTRY_VERSION: $CI_COMMIT_SHORT_SHA
  63.   tags:
  64.     - docker
  65.     - host20133-docker
  66.   environment:
  67.     name: review/$CI_COMMIT_REF_NAME
  68.     url: http://${CI_COMMIT_REF_SLUG}.xiodi.cn/hello
  69.     on_stop: stop_review
  70.     auto_stop_in: 7 day
  71.   script:
  72.     - kubectl delete --ignore-not-found=true secret  regcred
  73.     - kubectl create secret docker-registry regcred --docker-server=$CI_REGISTRY --docker-username=$GITLAB_DEPLOY_USER --docker-password=$GITLAB_DEPLOY_PW
  74.     - cat Deploy/kubernetes/deployment-edu-java-spring.yml | envsubst | kubectl apply -f -
  75.     - cat Deploy/kubernetes/service-edu-java-spring.yml | envsubst | kubectl apply -f -
  76.     - cat Deploy/kubernetes/ingress-edu-java-spring.yml | envsubst | kubectl apply -f -
  78. stop_review:
  79.   stage: review
  80.   image: harbor.xiodi.cn/tools/kubectl:1.14.8
  81.   variables:
  82.     GIT_STRATEGY: none
  83.   tags:
  84.     - docker
  85.     - host20133-docker
  86.   environment:
  87.     name: review/$CI_COMMIT_REF_NAME
  88.     action: stop
  89.   script:
  90.     - kubectl delete --ignore-not-found=true secret regcred
  91.     - kubectl delete --ignore-not-found=true -f Deploy/kubernetes/ingress-edu-java-spring.yml
  92.     - kubectl delete --ignore-not-found=true -f Deploy/kubernetes/service-edu-java-spring.yml
  93.     - kubectl delete --ignore-not-found=true -f Deploy/kubernetes/deployment-edu-java-spring.yml
  94.   when: manual