gitlab-ci自动化构建配置与通知
创建注册Runner
https://docs.gitlab.com/runner/install/docker.html
mkdir /root/gitlab-runner
vim docker-compose.yml
version: '3.3'
services:
gitlab-runner:
container_name: gitlab-runner
restart: always
volumes:
- './config:/etc/gitlab-runner'
- '/var/run/docker.sock:/var/run/docker.sock'
image: 'gitlab/gitlab-runner:latest'
# 运行docker
docker-compose up -d
# 进入docker配置gitlab runner
docker exec -it gitlab-runner bash
# 获取gitlab runner token去注册 注册2次
gitlab-runner register --url <http://192.168.11.202/> --registration-token iBaYd2fPi6YhecwWmu9
# Enter an executor 执行器选择docker 第二次shell
docker shell
# 出现以下内容 注册成功
# Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
这里注册2次runnder是因为 一个CI用 ,一个CD用。 为了编译的环境隔离CI的执行器选择使用docker,CD的时候执行器选择shell通过rasyc统一部署文件。
配置CICD环境变量
SERVER_IP 服务器IP
PORT 服务器SSH端口
DEPLOY_RSA 文件类型变量 存的密钥对 私钥 (提前把rsa密钥对生成好,windows复制到gitlab文本框可能存在编码不对的问题导致ssh验证权限失败)
Java gitlab-ci.yml
stages:
- build-maven
- deploy
variables:
PROJECT_FILE_NAME: "data-big-screen-1.0.jar" # 自定义项目名称变量
PROJECT_DIR: "/home/big-screen/service" # 自定义项目部署服务器的文件夹位置
MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"
maven:
stage: build-maven
image: maven:3-jdk-11
only:
- master
cache:
paths:
- .m2/repository
script:
- mvn clean package -DskipTests=true --settings ./settings.xml
tags:
- ci
artifacts:
expire_in: 6 months # 设置制品在 6 个月后过期
name: "Maven artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
paths:
- "target/$PROJECT_FILE_NAME"
job-release:
only:
- master
stage: deploy
dependencies:
- maven
tags:
- cd
- shell
script:
# 以下命令执行前首先要生成RSA公私密钥对 把id_rsa.pub 公钥copy扔到服务器上 ~/.ssh/authorized_keys里面 没有就创建此文件
- mkdir -p ~/.ssh
- cp $DEPLOY_RSA ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- ssh-keyscan -H -p $PORT $SERVER_IP >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
# 创建项目目录
- ssh -p $PORT root@$SERVER_IP "mkdir -p $PROJECT_DIR"
# 检查rsync是否安装
- ssh -p $PORT root@$SERVER_IP "command -v rsync >/dev/null 2>&1 || { echo 'Installing rsync...'; apt-get update && apt-get install -y rsync; }"
- rsync -avzP -e "ssh -p $PORT" target/$PROJECT_FILE_NAME startup.sh root@$SERVER_IP:$PROJECT_DIR/
# 运行重启脚本
- ssh -p $PORT root@$SERVER_IP "PROJECT_FILE_NAME=$PROJECT_FILE_NAME PROJECT_DIR=$PROJECT_DIR bash $PROJECT_DIR/startup.sh"
Javastartup.sh启动脚本,放在项目的根目录下
#!/bin/bash
PROJECT_FILE_NAME="${PROJECT_FILE_NAME:-app.jar}" # Default if not set
PROJECT_DIR="${PROJECT_DIR:-/home/service}"
LOG_FILE="$PROJECT_DIR/logs.log"
# Check if the JAR is running and stop it if so
if pgrep -f "$PROJECT_FILE_NAME" > /dev/null; then
echo "$PROJECT_FILE_NAME is currently running. Stopping the application..."
pkill -f "$PROJECT_FILE_NAME"
else
echo "$PROJECT_FILE_NAME is not running."
fi
# Start the new JAR file
nohup java -jar -Xmx2G -Xms2G "$PROJECT_DIR/$PROJECT_FILE_NAME" > "$LOG_FILE" 2>&1 &
echo "Application started."
前端 gitlab-ci.yml
推荐先配置好nginx目录地址然后再执行构建测试,比如我这里ng的文件目录为home/cmgp3/front
stages:
- npm-build
- deploy
variables:
PROJECT_DIR: "/home/cmgp3/front" # 自定义项目部署服务器的文件夹位置
ARTIFACT_NAME: "dist.tar.gz" # 压缩产物
build-node:
image: node:20-alpine
stage: npm-build
only:
- ahswj
tags:
- ops
- ci
cache:
key:
files:
- package-lock.json
paths:
- .npm/
script:
- npm config set registry <https://registry.npmmirror.com>
- npm ci --cache .npm --prefer-offline
- NODE_ENV=production npm run build
- tar -czf $ARTIFACT_NAME -C dist .
artifacts:
expire_in: 1 year
paths:
- $ARTIFACT_NAME
job-release:
stage: deploy
only:
- ahswj
dependencies:
- build-node
tags:
- ops
- cicd
script:
- mkdir -p ~/.ssh
- cp $AHSWJ_22_SSH_RSA ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- ssh-keyscan -H -p $SERVER_IP_PORT $SERVER_IP >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
- echo "Deploying to $SERVER_IP:$SERVER_IP_PORT"
- ssh -p $SERVER_IP_PORT $SERVER_IP "mkdir -p $PROJECT_DIR &&rm -rf $PROJECT_DIR/* || true"
- rsync -avzP -e "ssh -p $SERVER_IP_PORT" $ARTIFACT_NAME $SERVER_IP:$PROJECT_DIR/
- ssh -p $SERVER_IP_PORT $SERVER_IP "tar -xzf $PROJECT_DIR/$ARTIFACT_NAME -C $PROJECT_DIR"
拓展gitlab ci构建或其他消息通知到企业微信
https://github.com/jahn1612/gitlab-bot
clone 此项目并根据文档编辑compose
version: '3.0'
services:
bot:
build: .
restart: unless-stopped
ports:
- 7001:7001
environment:
- "CONTEXT_PATH=/"
- "WEBHOOK_URL_BENBU=https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=06e2eb3-61ed-4da4-3e7-6704a54acd34"
deploy:
replicas: 1
resources:
reservations:
cpus: '1'
memory: 64M
limits:
cpus: '2'
memory: 256M
update_config:
parallelism: 1
delay: 10s
restart_policy:
condition: on-failure
如以上配置后根据文档填入gitlab的webhook中, _BENBU是推送组 为:benbu
这里的组可以是项目组,或者成员组,具体看企业微信机器人群中的服务范围。