.gitlab-ci.yml文件编写说明
大概念
- gitlab8.0开始:整合了gitlab CI,项目中增加.gitlab-ci.yml即可。
- GitLab CI:管理各个项目的构建状态。
- Runner:可安装在任意机器,连接gitlab,执行构建任务,进行持续集成。(不影响gitlab性能)
- 在项目根目录添加.gitlab-ci.yml之后,每次提交或者合并都会自动运行构建任务。
小概念
- Pipeline 流水线 构建任务
- Stages 流程 构建阶段
- Jobs 作业 构建工作
明细
- 一个pipeline就是一次构建,一个构建包括多个构建阶段stages(编译,测试,部署),每个构建阶段由具体作业jobs组成。
- 构建阶段stages是顺序执行,一个失败则后面的阶段不执行,整个构建任务失败。
- 每个构建阶段stages可以有一个或多个jobs,jobs是并行执行,全部成功,stages才会成功;任意jobs失败,整个构建任务失败。
注意
- 部署公钥:gitlab服务端增加,各项目允许。私钥通过变量传到runner
- 传输私钥放到runner(通过变量传到runner)
- 可以在提交代码时备注上
ci skip
,即可忽略本次提交的CI流程
安装gitlab
https://www.gitlab.com.cn/
yum install curl policycoreutils openssh-server openssh-clients
yum install postfix
systemctl enable postfix
systemctl start postfix
curl -sS http://packages.gitlab.com.cn/install/gitlab-ce/script.rpm.sh | sudo bash
yum install gitlab-ce
https://gems.ruby-china.org 镜像加快 gems 安装
gitlab-ctl reconfigure
迁移gitlab数据(版本要一致)
gitlab-rake gitlab:backup:create
/var/opt/gitlab/backups
gitlab-ctl stop unicorn
gitlab-ctl stop sidekiq
gitlab-rake gitlab:backup:restore BACKUP=[ID]
gitlab-ctl start
汉化
yum -y install patch
git clone https://gitlab.com/xhang/gitlab.git
cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
cd gitlab/
git diff v9.5.4 v9.5.4-zh>../9.5.4-zh.diff
cd ../
gitlab-ctl stop
patch -d /opt/gitlab/embedded/service/gitlab-rails -p1 < 9.5.4-zh.diff
gitlab-ctl start
gitlab-ctl reconfigure
增加https支持
vi /etc/gitlab/gitlab.rb
external_url 'https://git.blizzmi.cn'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/1.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/1.key"
gitlab-ctl reconfigure
https+mail配置
grep -v "^#" /etc/gitlab/gitlab.rb|grep -v "^$"
external_url 'https://git.blizzmi.cn';
gitlab_rails['time_zone'] = 'PRC'
gitlab_rails['gitlab_email_from'] = 'system@blizzmi.com'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.partner.outlook.cn"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = "system@blizzmi.com"
gitlab_rails['smtp_password'] = "Bx@mail@0066"
gitlab_rails['smtp_domain'] = "smtp.partner.outlook.cn"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
nginx['enable'] = true
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/1.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/1.key"
gitlab-ci runner 安装
vi /etc/yum.repos.d/gitlab-ci-multi-runner.repo
[gitlab-ci-multi-runner]
name=gitlab-ci-multi-runner
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ci-multi-runner/yum/el7
repo_gpgcheck=0
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/gpg.key
sudo yum makecache
sudo yum install gitlab-ci-multi-runner
HTTPS的git需要在runner服务器增加证书
echo -n | openssl s_client -showcerts -connect git.blizzmi.cn:443 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> /etc/ssl/certs/ca-certificates.crt
注册runner
gitlab-runner register
ca-certificates.crt
/etc/gitlab-runner/config.toml配置实例-old
concurrent = 100
check_interval = 0
[[runners]]
name = "centos"
url = "https://git.blizzmi.com";;
token = "0f3902486ddb57314eee58cb36f42d"
executor = "shell"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.cache]
[[runners]]
name = "testcentos"
url = "https://git.blizzmi.cn";;
token = "2fbedbb7b8f163beb5340d25f20543"
executor = "shell"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.cache]
[[runners]]
name = "testdocker"
url = "https://git.blizzmi.cn";;
token = "447ed7cb74eb680ebdce7db6064e1a"
executor = "docker"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.docker]
tls_verify = false
image = "cerl"
privileged = false
disable_cache = false
volumes = ["/cache","/var/log/test:/builds:rw"]
pull_policy = "if-not-present"
shm_size = 0
[runners.cache]
[[runners]]
name = "dockers"
url = "https://git.blizzmi.com";;
token = "ff943f4de586a66a9c9b8b4b15e952"
executor = "docker"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.docker]
tls_verify = false
image = "cerl"
privileged = false
disable_cache = false
volumes = ["/cache"]
pull_policy = "if-not-present"
shm_size = 0
[runners.cache]
/etc/gitlab-runner/config.toml配置实例-last
concurrent = 100
check_interval = 0
[[runners]]
name = "centos"
url = "https://git.blizzmi.com";
token = "0f3902486ddb57314eee58cb36f42d"
executor = "shell"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.cache]
[[runners]]
name = "testcentos"
url = "https://git.blizzmi.cn";
token = "2fbedbb7b8f163beb5340d25f20543"
executor = "shell"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.cache]
[[runners]]
name = "testdocker"
url = "https://git.blizzmi.cn";
token = "447ed7cb74eb680ebdce7db6064e1a"
executor = "docker"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.docker]
tls_verify = false
image = "cerl"
privileged = false
disable_cache = false
volumes = ["/cache"]
pull_policy = "if-not-present"
shm_size = 0
[runners.cache]
[[runners]]
name = "dockers"
url = "https://git.blizzmi.com";
token = "ff943f4de586a66a9c9b8b4b15e952"
executor = "docker"
environment = ["GIT_SSL_NO_VERIFY=true"]
[runners.docker]
tls_verify = false
image = "cerl"
privileged = false
disable_cache = false
volumes = ["/cache"]
pull_policy = "if-not-present"
shm_size = 0
[runners.cache]
客户端开发 .gitlab-ci.yml
#image: gulp
stages:
- build
- deploy
before_script:
#内网
- $SSH_URL=echo $CI_REPOSITORY_URL | perl -pe 's#.*@(.+?(\\:\\d+)?)/#git@\\1:#'
#外网
# - $SSH_URL=echo $CI_REPOSITORY_URL | perl -pe 's#.*@(.+?(\\:\\d+)?)/#ssh://git@\\1:#'|sed 's#com:#com:8888/#'
- $env:USERPROFILE="C:\\Windows\\System32\\config\\systemprofile\\user_profile\\$env:GITLAB_USER_EMAIL"
- New-Item $env:USERPROFILE -type directory -force
#after_script:
# - git branch -D temp
build:
stage: build
only:
- master
script:
- env
- git config --global user.name "$env:GITLAB_USER_NAME"
- git config --global user.email "$env:GITLAB_USER_EMAIL"
- cp C:\\Windows\\System32\\config\\systemprofile\\user_profile\\config $env:USERPROFILE\\.ssh\\
- gulp pack
# - git checkout -b temp
- git checkout master
- git pull
- git add .\\bin\\.
- git commit -m "[ci skip]auto add bin\\* with job $env:CI_JOB_ID"
- git push $SSH_URL
tags:
- win
deploy:
stage: deploy
only:
- sit
script:
- gulp pack
- $DIR=C:\\cygwin64\\bin\\ls.exe dist; $DIR
- ssh test-php-1@192.168.200.27 "! [[ $(dirname /home/sftp/fgslot/fgslot/) == $(dirname /home/sftp/fgslot/fgslot/$DIR/) ]] && rm -rf /home/sftp/fgslot/fgslot/$DIR || exit 1"
- scp -r dist/$DIR test-php-1@192.168.200.27:/home/sftp/fgslot/fgslot/
- ssh test-php-1@192.168.200.27 "chmod -R 775 /home/sftp/fgslot/fgslot/$DIR && ls /home/sftp/fgslot/fgslot/$DIR"
tags:
- win
服务端开发.gitlab-ci.yml
image: cerl
before_script:
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- export SSH_URL=`echo $CI_REPOSITORY_URL | perl -pe 's#.*@(.+?(\\:\\d+)?)/#git@\\1:#'`
- git config --global user.name "$GITLAB_USER_ID"
- git config --global user.email "$GITLAB_USER_EMAIL"
# - '[[ -f /.dockerenv ]] && echo "$SSH_PRIVATE_KEY" >~/.ssh/id_rsa'
stages:
- build
- test
- deploy
build:
stage: build
# variables:
# CI_DEBUG_TRACE: "true"
only:
- master
# - /^bug-.*$/
# - branches
# - tags
except:
- tags
# - branches
script:
- rebar3 compile
# - export
cache:
key: aa
paths:
- _build/
# artifacts:
# paths:
# - $CI_PROJECT_DIR/_build/
tags:
- testdocker
test:
stage: test
only:
- master
except:
- tags
script:
- rebar3 eunit
- git tag -a eunit$CI_JOB_ID -m "my version eunit$CI_JOB_ID"
- git push $SSH_URL eunit$CI_JOB_ID
cache:
key: aa
paths:
- _build/
# artifacts:
# paths:
# - $CI_PROJECT_DIR/_build/prod/rel/myapp/
# cache:
# untracked: true
# paths:
# - _build/
tags:
- testdocker
sit-deploy:
stage: deploy
only:
- sit
except:
- tags
script:
- rebar3 as prod tar
- APP=`basename /builds/root/myapp/_build/prod/rel/myapp/myapp-*.tar.gz`
- scp -r /builds/root/myapp/_build/prod/rel/myapp/$APP test-php-1@192.168.200.27:~/
- ssh test-php-1@192.168.200.27 "myapp/bin/myapp stop;rm -rf myapp;mkdir -p myapp;tar -zxf $APP -C myapp;myapp/bin/myapp start"
- git tag -a SIT$CI_JOB_ID-$APP -m "my version SIT$CI_JOB_ID-$APP"
- git push $SSH_URL SIT$CI_JOB_ID-$APP
tags:
- testdocker
uat-deploy:
stage: deploy
only:
- uat
except:
- tags
script:
- rebar3 as prod tar
- APP=`basename /builds/root/myapp/_build/prod/rel/myapp/myapp-*.tar.gz`
- scp -r /builds/root/myapp/_build/prod/rel/myapp/$APP test-php-1@192.168.200.27:~/
- ssh test-php-1@192.168.200.27 "myapp/bin/myapp stop;rm -rf myapp;mkdir -p myapp;tar -zxf $APP -C myapp;myapp/bin/myapp start"
- git tag -a UAT$CI_JOB_ID-$APP -m "my version UAT$CI_JOB_ID-$APP"
- git push $SSH_URL UAT$CI_JOB_ID-$APP
# dependencies: []
# dependencies:
# - build
tags:
- testdocker
README.md
Matser:[![build status](https://git.blizzmi.cn/root/myapp/badges/master/build.svg)](https://git.blizzmi.cn/root/myapp/commits/master)
[![coverage report](https://git.blizzmi.cn/root/myapp/badges/master/coverage.svg)](https://git.blizzmi.cn/root/myapp/commits/master)
Sit:[![build status](https://git.blizzmi.cn/root/myapp/badges/sit/build.svg)](https://git.blizzmi.cn/root/myapp/commits/sit)
Uat :[![build status](https://git.blizzmi.cn/root/myapp/badges/uat/build.svg)](https://git.blizzmi.cn/root/myapp/commits/uat)
MYAPP
=====
An OTP application
Build
-----
$rebar3 new release myapp
$rebar3 compile
$rebar3 eunit
$rebar3 release
$rebar3 as prod tar
环境
erlang 19.3.6
https://packages.erlang-solutions.com/erlang/esl-erlang/FLAVOUR_1_general/esl-erlang_19.3.6-1~centos~7_amd64.rpm
nodejs 6.x
curl --silent --location https://rpm.nodesource.com/setup_6.x| bash -
elixir last
git clone https://github.com/elixir-lang/elixir.git /opt/elixir
cd elixir
export LANG=en_US.UTF-8
make clean test
ln -s /opt/elixir/bin/iex /usr/local/bin/iex
ln -s /opt/elixir/bin/mix /usr/local/bin/mix
ln -s /opt/elixir/bin/elixir /usr/local/bin/elixir
ln -s /opt/elixir/bin/elixirc /usr/local/bin/elixirc
mix local.hex
mix archive.install https://github.com/phoenixframework/archives/raw/master/phx_new.ez
mix local.rebar
rebar3
git clone https://github.com/erlang/rebar3.git
cd rebar3
./bootstrap
./rebar3 local install
docker
yum remove docker docker-common docker-selinux docker-engine
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-edge
yum-config-manager --enable docker-ce-test
yum install docker-ce
vi /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --registry-mirror=http://hub-mirror.c.163.com
systemctl daemon-reload
service docker restart
依赖需要git权限或者提交需要权限的解决办法
before_script:
- git config --global credential.helper store
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@git.blizzmi.com"; > ~/.git-credentials
after_script:
- rm -rf ~/.git-credentials
before_script:
- git config --global credential.helper store
- echo "https://$user:$password@git.blizzmi.com" > ~/.git-credentials
after_script:
- rm -rf ~/.git-credentials