思路
- 合并代码到master分支,触发Pipeline Job
- GitLab Runner Job拉取最新代码
- 创建部署用docker image
- 提交docker image到GitLab Container Registry
- SSH登录部署主机,拉取最新image
- 重启docke容器
准备工作 注册自己的Gitlab runner
- 准备编译服务器Ubuntu
- 下载安装包
# Replace ${arch} with any of the supported architectures, e.g. amd64, arm, arm64
# A full list of architectures can be found here https://gitlab-runner-downloads.s3.amazonaws.com/latest/index.html
curl -LJO "https://gitlab-runner-downloads.s3.amazonaws.com/latest/deb/gitlab-runner_${arch}.deb"
- 安装deb包
dpkg -i gitlab-runner_<arch>.deb
- runner的docker权限添加
sudo usermod -aG docker gitlab-runner
- executor: 类型根据情况修改,一般使用docker
sudo gitlab-runner register \
--non-interactive \
--url "https://gitlab.com/" \
--registration-token "PROJECT_REGISTRATION_TOKEN" \
--executor "docker" \
--name "docker-runner" \
--description "docker-runner" \
--tag-list "docker,aws" \
--run-untagged="true" \
--locked="false" \
--access-level="not_protected" \
--docker-image "docker:19.03.12" \
--docker-privileged \
--docker-volumes "/certs/client"
- 查看登录情况(TLS启用情况)
cat /etc/gitlab-runner/config.toml
[[runners]]
name = "docker-runner"
url = "https://gitlab.com/"
token = TOKEN
executor = "docker"
[runners.docker]
tls_verify = false
image = "docker:19.03.12"
privileged = true
disable_cache = false
volumes = ["/certs/client", "/cache"]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
- GitLab分组查看注册的runner
配置GitLab与服务器
ssh-keygen -t rsa -b 2048
- 添加id_rsa.pub内容到部署服务器
- 上传文件id_rsa.pub到部署服务器
- /home/ubuntu/.ssh - 添加认证信息到authorized_keys
- cat id_rsa.pub >> ~/.ssh/authorized_keys - 部署服务器docker-compose.yml配置
- 修改.gitlab-ci.yml添加ssh命令
- 多行命令用&&链接
image: docker:19.03.12
services:
- docker:19.03.12-dind
stages:
- build
- deploy
variables:
DOCKER_TLS_CERTDIR: "/certs"
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
before_script:
- echo "$CI_REGISTRY"
- echo "$IMAGE_TAG"
- echo "$CI_REGISTRY_USER"
- echo "$CI_REGISTRY_PASSWORD"
- echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY --username $CI_REGISTRY_USER --password-stdin
build:
stage: build
script:
- docker build -t $IMAGE_TAG .
- docker push $IMAGE_TAG
deploy:
stage: deploy
script:
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- ssh-keyscan $SSH_KNowN_HOST >> ~/.ssh/kNown_hosts
- chmod 644 ~/.ssh/kNown_hosts
- ssh $SSH_KNowN_HOST_USER@$SSH_KNowN_HOST "sudo echo $CI_REGISTRY_PASSWORD | docker login $CI_REGISTRY --username $CI_REGISTRY_USER --password-stdin && docker pull $IMAGE_TAG && docker-compose -f /home/ubuntu/docker-compose.yml restart"
only:
- main
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。