GitOps-gitlab-runner流水线

gitlab-runner注册新加runner节点

有二进制和docker注册两种方式。详细见官方:https://docs.gitlab.com/runner/install/docker.html

如果需要的依赖较多，则使用二进制方式，安装项目代码所需的依赖，比如maven仓库、jdk环境等

二进制注册方法：

gitlab-runner stop

gitlab-runner register #输入此命令后，进入交互式界面

[root@wkr01-runner-d1 docker]# gitlab-runner register
Runtime platform arch=amd64 os=linux pid=9309 revision=738bbe5a version=13.3.1
Running in system-mode.

Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://git.sxxxxi.com
Please enter the gitlab-ci token for this runner:
EESKnXsXY1ksPbHVK-Ch
Please enter the gitlab-ci description for this runner:

Please enter the gitlab-ci tags for this runner (comma separated):
shell
Registering runner… succeeded runner=EESKnXsX
Please enter the executor: ssh, virtualbox, custom, docker, shell, docker+machine, docker-ssh+machine, kubernetes, docker-ssh, parallels:
shell
Runner registered successfully. Feel free to start it, but if it’s running already the config should be automatically reloaded!

vim /etc/gitlab-runner/config.toml
#把旧的注册数据删除

gitlab-runner restart

runner流水线脚本(适用docker19以上版本)

需要注意，脚本的变量名字要从gitlab项目级的设置里面添加

在gitlab项目仓库里添加脚本，自定义修改自己的需求和逻辑
.gitlab-ci.yml

variables:
  REGISTRY_USER_VAR: "robot$$${CI_PROJECT_NAMESPACE}+${CI_PROJECT_NAMESPACE}"
  REGISTRY_USER_LOCAL: "robot$$${CI_PROJECT_NAMESPACE}+${CI_PROJECT_NAMESPACE}"
  REGISTRY_HOST_VAR: "${REGISTRY_HOST_LOCAL}"
  REGISTRY_TOKEN_VAR: "${REGISTRY_TOKEN_LOCAL}"

  MODULES_NAME: crmxxxx
  MODULES_PROD_NAME: crm-xxxx
  MODULES_VERSION: 1.0.25

  DOCKER_HOST: tcp://localhost:2376
  DOCKER_TLS_CERTDIR: "/certs"
  DOCKER_TLS_VERIFY: 1
  DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"

# 仅记录版本号
  IMG_NAME: crm-client
  VERSION: 5.44.0
image: docker:20-git
services:
  - docker:20-dind

stages:
  - pre-build
  - unittest
  - build

# 生产仓库xxxxxxx，供UAT,PRD发版使用
workflow:
  rules:
    - if: $CI_COMMIT_TAG =~ /^([1-9]\d|[1-9])(\.([1-9]\d|\d)){2}$/ || $CI_COMMIT_REF_NAME =~ /^(master|release)[\s\S]*/
      variables:
        REGISTRY_HOST_VAR: ${REGISTRY_HOST}
        REGISTRY_TOKEN_VAR: ${REGISTRY_TOKEN}
        REGISTRY_USER_VAR: "robot$$${CI_PROJECT_NAMESPACE}"
    - when: always

unittest:
  stage: unittest
  only:
    - dev
  when: manual
  tags:
    - k8s
  image: docker:stable
  services:
    - docker:dind
  script:
    - sleep 10   #增加睡眠
    - ls -R /certs/client 
    - docker login ${REGISTRY_HOST_VAR} -u ${REGISTRY_USER_VAR} -p ${REGISTRY_TOKEN_VAR}
    - docker pull rexxxxx/library/node:12.16.3-alpine
    - docker tag rexxxx/library/node:12.16.3-alpine node:12.16.3-alpine
    - docker run -d -it -v ${CI_PROJECT_DIR}:/usr/src -w /usr/src --name testing --rm node:12.16.3-alpine
    - docker exec testing sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
    - docker exec testing apk add --update gcc g++ git
    - docker exec testing npm install
    - docker exec testing npm run unittest
    - docker stop testing
    # ${SONAR_HOST}、${SONAR_USERNAME}与${SONAR_PASSWORD}为ci中的sonar链接信息，直接使用
    - docker pull rxxxxxx/sonarsource/sonar-scanner-cli:4.5
    - docker tag rexxxxxx/sonarsource/sonar-scanner-cli:4.5 sonar-scanner-cli
    - docker run -e SONAR_HOST_URL=${SONAR_HOST} -e SONAR_LOGIN=${SONAR_USERNAME} -e SONAR_PASSWORD=${SONAR_PASSWORD} -v ${CI_PROJECT_DIR}:/usr/src --rm sonar-scanner-cli

pre-build:
  stage: pre-build
  only:
    - tags
  when: manual
  tags:
    - k8s
  script:
    - sleep 10   #增加睡眠
    - ls -R /certs/client 
    - docker login ${REGISTRY_HOST_LOCAL} -u ${REGISTRY_USER_LOCAL} -p ${REGISTRY_TOKEN_LOCAL}
    - docker build -f docker/Dockerfile.env -t ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_NAME}:${MODULES_VERSION} --build-arg PROD=false --rm .
    - docker push ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_NAME}:${MODULES_VERSION}
    - docker build -f docker/Dockerfile.env -t ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_PROD_NAME}:${MODULES_VERSION} --rm .
    - docker push ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_PROD_NAME}:${MODULES_VERSION}

build:
  stage: build
  only:
    - tags
  tags:
    - k8s
  # variables:
  #   IMAGE_NAME: ${REGISTRY_HOST_VAR}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}:${CI_COMMIT_TAG}
  script:
    - echo "REGISTRY_HOST_VAR is ${REGISTRY_HOST_VAR}, CI_COMMIT_TAG is ${CI_COMMIT_TAG}, CI_COMMIT_REF_NAME is ${CI_COMMIT_REF_NAME}"
    - sleep 10   #增加睡眠
    - ls -R /certs/client 
    - docker login ${REGISTRY_HOST_LOCAL} -u ${REGISTRY_USER_LOCAL} -p ${REGISTRY_TOKEN_LOCAL}
    - docker pull ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_NAME}:${MODULES_VERSION}
    - docker tag ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_NAME}:${MODULES_VERSION} ${MODULES_NAME}:latest
    - docker pull ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_PROD_NAME}:${MODULES_VERSION}
    - docker tag ${REGISTRY_HOST_LOCAL}/${CI_PROJECT_NAMESPACE}/${MODULES_PROD_NAME}:${MODULES_VERSION} ${MODULES_PROD_NAME}:latest
    - docker logout ${REGISTRY_HOST_LOCAL}
    - docker login ${REGISTRY_HOST_VAR} -u ${REGISTRY_USER_VAR} -p ${REGISTRY_TOKEN_VAR}
    - docker build -f docker/Dockerfile -t ${REGISTRY_HOST_VAR}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}:${CI_COMMIT_TAG} --build-arg CI_COMMIT_TAG=${CI_COMMIT_TAG} --build-arg PRD_OSS_ACCESS_ID=${PRD_OSS_ACCESS_ID} --build-arg PRD_OSS_ACCESS_SECRET=${PRD_OSS_ACCESS_SECRET} --build-arg PRD_OSS_BUCKET_NAME=${PRD_OSS_BUCKET_NAME} --build-arg PRD_OSS_REGION=${PRD_OSS_REGION} --rm .
    - docker push ${REGISTRY_HOST_VAR}/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}:${CI_COMMIT_TAG}

gitlab-runner注册新加runner节点

runner流水线脚本(适用docker19以上版本)

Gitlab-runner流水线报错，无法找到ca.pem文件

Kubernetes调整Worker节点快速驱逐pod的时间