文章加密

;

2023年3月7日 星期二

為你自己學 GitLab CI/CD - 高見龍




merge 兩個分支,不管如何B的蓋過A: 

git merge B

git checkout --theirs *<conflict file>




實作上我在runner server上裝了docker 

ubuntu默認上沒有ssh: https://linuxhint.com/configure-authorized-keys-ssh-ubuntu/


林彥成: https://linyencheng.github.io/2022/05/30/devops-gitlab-ci-and-gitlab-runner/

高見龍yt: https://www.youtube.com/watch?v=zCFFot5HnEw&list=PLBd8JGCAcUAEwyH2kT1wW2BUmcSPQzGcu&index=2

gitlab: https://gitlab.com/kaochenlong/shopping-cat-v2 (已有fork到自己的repo)

doc.gitlab variables: https://docs.gitlab.com/ee/ci/variables/predefined_variables.html


cloud server:  aws / gcp / digitalOcean

ssh username@ip   // 連線到遠端機

uname -a // 印出當前機器的環境(ex: darwin, ubuntu...),是linux指令


用自己的runner設定:

1. install gitlab runner on server (maybe cloud server)

2. use "gitlab runner register" cmd to register it to gitlab project

3. add runner tag in gitlab-ci.yml

接著

4. testing: 先在runner環境上裝docker,根據test code使用的技術安裝相關的image,例如deno

5.built(built image) 

用Dockerfile打包,寫法參考https://philipzheng.gitbook.io/docker_practice/dockerfile/instructions,可配合.dockerignore忽略不用打包的檔案

FROM node:lts-alpine3.17 (我猜這樣寫)
WORKDIR /app  (表示希望在image裡面建立一個/app的資料夾)
COPY . /app (表示複製當前位置全部到/app的資料夾,全部但不包含.dockerignore所提及的)
EXPOSE 8000 (application開起來時的port)
RUN npm i (我猜這樣寫)
RUN npm run build (我猜這樣寫)

寫好Dockerfile後

docker build -t <生成的image_name> .   // -t表示要命名,.表示在當前目錄(尋找dockerfile)


** runner沒有權限執行docker,可以在runner機器上用usermod -aG docker gitlab-runer


6.publish(push image to gitlab registry)(optional)

7.deploy_to_dev

利用ssh-keygen指令建立一組public key-private key,連線到正式機,在authorized_keys檔案裡加入公鑰=>  vi authorized_keys

在gitlab 平台>設定>cicd>變數 加入 1.私鑰  2.正式機ip  3.連線的usernae

before_script:
    - eval $(ssh-agent -s)  
    - ssh-add <(echo "$SERVER_PRIVATE_KEY") //把echo出來的內容家到ssh-add裡
script:
    - scp -o StrictHostKeyChecking=no ./docker-compose.yml $SERVER_USER@$SERVER_URL:$HOME
    - ssh -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_URL 
      "
      docker compose down &&
      docker compose up -d
      " // ""裡是成功連線後要執行的指令

// 有了公私鑰的關係才能進行連線
// ssh-agent: 進行公鑰驗證時,讓遠端主機可以存取儲存您的私人鑰匙(啟動ssh-agent)
// ssh-agent — OpenSSH authentication agent
// ssh-add — adds private key identities to the OpenSSH authentication
     agent
// -o StrictHostKeyChecking=no 這段是避免第一次連線時跳出詢問"是否確定要連線到那台機器"
// scp: Secure Copy主機間進行加密安全的複製

8.deploy_to_staging
9.environment 這個寫法可以把deploy的網址跟名稱存在gitlab > Deployments > Environments裡,如下
environment:
    name: dev
    url: http://localhost:3000


10.用樣板繼承方式讓deploy_to_dev和deploy_to_staging看起來更簡潔
樣板job名稱前面通常會加.,表示為樣板,不能單獨執行會壞掉
寫法如下
.deploy:
  variables:
    SERVER_PRIVATE_KEY: ""
    SERVER_USER: ""
    SERVER_URL: ""
    HOME: ""
    ENV: ""
    APP_PORT: ""

  before_script:
    - eval $(ssh-agent -s)
    - ssh-add <(echo "$SERVER_PRIVATE_KEY")
  script:
    - scp -o StrictHostKeyChecking=no ./docker-compose.yml $SERVER_USER@$SERVER_URL:$HOME
    - ssh -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_URL "
      export COMPOSE_PROJECT_NAME=$ENV
      export APP_PORT=$APP_PORT
      docker compose down &&
      docker compose up -d
      "

  environment:
    name: $ENV
    url: http://$SERVER_URL:$APP_PORT

deploy-to-dev:
  stage: deploy_to_dev
  extends: .deploy
  variables:
    SERVER_PRIVATE_KEY: $DEV_SERVER_PRIVATE_KEY
    SERVER_USER: $DEV_SERVER_USER
    SERVER_URL: $DEV_SERVER_URL
    ENV: dev
    HOME: /root
    APP_PORT: 3000 
11. 手動執行job: 加上when:manual
如下
deploy-to-do:
  stage: deploy_to_production
  needs:
    - run-test-on-staging
  extends: .deploy
  when: manual
  variables:
    SERVER_PRIVATE_KEY: $DEV_SERVER_PRIVATE_KEY
    SERVER_USER: $DEV_SERVER_USER
    SERVER_URL: $DEV_SERVER_URL
    ENV: production-do
    HOME: /root
    APP_PORT: 80

12. artifacts 
例如:
run-tests:
  stage: testing
  image: denoland/deno:latest
  script:
    - deno test > test-report.txt
  artifacts:
    paths:
      - test-report.txt
    expire_in: "30 days"




Dockerfile vs docker-compose: What's the difference?

The contents of a Dockerfile describe how to create and build a Docker image, while docker-compose is a command that runs Docker containers based on settings described in a docker-compose.yaml file.

https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Dockerfile-vs-docker-compose-Whats-the-difference


Dockerfile 寫好這個才能用docker

docker-compose.yml 把原本的docker相關指令寫在這裡面,然後用docker-compose up 一起執行

關閉時用docker-compose down,要背景執行的話加 -d

example: https://docs.docker.com/compose/gettingstarted/



docker run -p 80:8000 -d registry.gitlab.com/xxx/xxx (image path)  

// -d: 背景執行

// 我的本地3000對到遠端機的8000

這個指令改寫成 docker-compose.yml 如下

version: "3.9"  (意義就像package.json裡會有的版號)

services:
  cat:
    image: registry.gitlab.com/xxx/xxx
    ports:
      - 80:8000
    restart: always


linux的指令: 

cat $abc > test.txt // 把變數abc的內容寫入test.txt裡


pm2

https://pm2.keymetrics.io/

https://s103071049.coderbridge.io/2021/08/12/nginx-pm2/


選用 Executor :

  • Shell:即是 Runner 直接在自己的 Local 環境執行 CI Job,因此如果你的 CI Job 要執行各種指令,例如 make、npm、composer⋯⋯,則需要事先確定在此 Runner 的 Local 環境是否已具備執行 CI Job 所需的一切相依程式與套件。

ref: https://chengweichen.com/2021/03/gitlab-ci-executor.html


How to use if-else condition on gitlabci

https://stackoverflow.com/questions/54761464/how-to-use-if-else-condition-on-gitlabci/55464100#55464100

https://docs.gitlab.com/ee/ci/yaml/#rules


shell (script)教程

业界所说的 shell 通常都是指 shell 脚本,但读者朋友要知道,shell 和 shell script 是两个不同的概念。

在一般情况下,人们并不区分 Bourne Shell 和 Bourne Again Shell,所以,像 #!/bin/sh,它同样也可以改为 #!/bin/bash

https://www.runoob.com/linux/linux-shell.html


command prompt (use shell scripting language, like bash, sh, or csh)

  • If you're unsure of what commands to use, you can type "Help" into Command Prompt. This makes a list appear with different common commands you can use.
  • Get more information about a command by typing "/?" at the end. This gives you additional information about changing how that command works. ex: cd/?
  • Keep your computer clean and issue-free by running "sfc/ scannow" in the Command Prompt window. This System File Checker tool can help you identify and fix issues by scanning all your protected files. It also repairs broken files to improve performance on your computer.

Common commands to use in Command Prompt

  • systeminfo: This displays specific properties and configurations for your computer.
  • tasklist: This displays all active tasks and services.
  • taskkill: This stops a process or application.
  • time: This sets the computer's time.
  • type: This displays all the contents within a text file.
  • ver: This shows the Windows version on your computer.
  • verify: This tells Windows whether your files are written correctly to a disk.
  • xcopy: This copies files and directory trees.


Gitlab CI/CD for npm packages: 

https://dev.to/kristijankanalas/gitlab-ci-cd-for-npm-packages-4ncj

沒有留言:

張貼留言