服务器说明:
192.168.192.120:项目服务器
192.168.192.121:GitLab
为了可以使用gitlab的cicd功能,我们需要先安装GitLab Runner
安装GitLab Runner参考:
GitLab实现CICD自动化部署_gitlab cidi_程序员xiaoQ的博客-CSDN博客
手动在 GNU/Linux 上安装极狐GitLab Runner | 极狐GitLab
安装好GitLab Runner,我们主要编写.gitlab-ci.yml
在GitLab管理员界面,找到Settings -> CI/CD -> Variables,添加STAGING_PRIVATE_KEY变量
需要在192.168.192.120服务器执行ssh-keygen生成密钥对,其中STAGING_PRIVATE_KEY的值为私钥
在192.168.192.120服务器执行下面操作:
1.ssh-keygen,不要输入密码,直接回车
2.cat ~/.ssh/id_rsa,复制私钥到STAGING_PRIVATE_KEY
3.cd /root/.ssh/ && cat id_rsa.pub >> authorized_keys, 把 ssh 公钥添加到认证授权文件,这样可以不需要输入密码
以上操作参考:基于 gitlab 的持续集成2 · 大专栏
gitlab管理后台,增加变量
.gitlab-ci.yml内容:
# This file is a template, and might need editing before it works on your project.
# This is a sample GitLab CI/CD configuration file that should run without any modifications.
# It demonstrates a basic 3 stage CI/CD pipeline. Instead of real tests or scripts,
# it uses echo commands to simulate the pipeline execution.
#
# A pipeline is composed of independent jobs that run scripts, grouped into stages.
# Stages run in sequential order, but jobs within stages run in parallel.
#
# For more information, see: https://docs.gitlab.com/ee/ci/yaml/index.html#stages
#
# You can copy and paste this template into a new `.gitlab-ci.yml` file.
# You should not add this template to an existing `.gitlab-ci.yml` file by using the `include:` keyword.
#
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Getting-Started.gitlab-ci.yml
before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- ssh-add <(echo "$STAGING_PRIVATE_KEY")
- echo $STAGING_PRIVATE_KEY
stages: # List of stages for jobs, and their order of execution
- build
- test
- deploy
variables:
PROJECT_NAME: ${CI_PROJECT_NAME}
PROJECT_DIR: ${CI_PROJECT_DIR}
build-job: # This job runs in the build stage, which runs first.
stage: build
script:
- echo ${PROJECT_NAME}
- echo ${PROJECT_DIR}
- cd ${PROJECT_DIR} && cd ..
- tar -cf "${PROJECT_NAME}.tar" ${PROJECT_NAME}
- scp -o StrictHostKeyChecking=no project.tar root@192.168.192.120:/root/gitlab/
- ssh -o StrictHostKeyChecking=no root@192.168.192.120 "
cd /root/gitlab &&
tar -xf project.tar &&
pwd &&
ls &&
echo 'exit' &&
exit
"
- echo "Compiling the code..."
- echo "Compile complete."
unit-test-job: # This job runs in the test stage.
stage: test # It only starts when the job in the build stage completes successfully.
script:
- echo "Running unit tests... This will take about 60 seconds."
- sleep 60
- echo "Code coverage is 90%"
lint-test-job: # This job also runs in the test stage.
stage: test # It can run at the same time as unit-test-job (in parallel).
script:
- echo "Linting code... This will take about 10 seconds."
- sleep 10
- echo "No lint issues found."
deploy-job: # This job runs in the deploy stage.
stage: deploy # It only runs when *both* jobs in the test stage complete successfully.
environment: production
script:
- echo "Deploying application..."
- echo "Application successfully deployed."
部分说明: # 不存在ssh-agent就下载安装 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )' # ssh-agent是一个密钥管理器,运行ssh-agent以后,使用ssh-add将私钥交给ssh-agent保管,其他程序需要身份验证的时候可以将验证申请交给ssh-agent来完成整个认证过程 eval $(ssh-agent -s) # ssh-add命令是把专用密钥添加到ssh-agent的高速缓存中,从而提高ssh的认证速度 ssh-add <(echo "$STAGING_PRIVATE_KEY") # scp -o StrictHostKeyChecking=no,ssh -o StrictHostKeyChecking=no中的 StrictHostKeyChecking=no去掉对主机的验证检查 scp -o StrictHostKeyChecking=no project.tar root@192.168.192.120:/root/gitlab/ ssh -o StrictHostKeyChecking=no root@192.168.192.120 # 在192.168.192.120服务器执行以下命令 cd /root/gitlab && tar -xf project.tar && pwd && ls && echo 'exit' && exit
分支内容:
执行情况:
192.168.192.120服务器上的内容:
可能出现的报错:
"Enter passphrase for /dev/fd/63" error (#1) · Issues · GitLab-examples / ssh-private-key · GitLab
[Gitlab CI/CD] Error loading key "/dev/fd/63": invalid format_wifiiiiiiii的博客-CSDN博客
参考:
在 GitLab CI/CD 中通过 SCP 运行 Composer 和 npm 脚本 | 极狐GitLab
linux - .gitlab-ci.yml 中最简洁明了的SSH命令描述方式 - IT工具网
ssh远程执行多个命令_ssh远程执行多条命令_IT超人的博客-CSDN博客
lib/gitlab/ci/templates · master · GitLab.org / GitLab FOSS · GitLab