
Ma kēiaʻatikala, e kaʻana aku au i koʻu ʻike no ka hoʻonohonoho ʻana iā CI/CD me ka hoʻohana ʻana i ka Plesk Control Panel a me nā hana Github. I kēia lā e aʻo mākou pehea e kau ai i kahi papahana maʻalahi me ka inoa paʻakikī ʻole "Helloworld". Ua kākau ʻia ma ka Flask Python framework, me nā mea hana Celery a me kahi Angular 8 frontend.
Nā loulou i nā waihona: , .
Ma ka ʻāpana mua o ka ʻatikala, e nānā mākou i kā mākou papahana a me kāna mau ʻāpana. I ka lua, e noʻonoʻo mākou pehea e hoʻonohonoho ai iā Plesk a hoʻokomo i nā mea hoʻonui a me nā mea pono (DB, RabbitMQ, Redis, Docker, etc.).
Ma ka ʻaoʻao ʻekolu, e noʻonoʻo mākou pehea e hoʻonohonoho ai i kahi pipeline no ka lawe ʻana i kā mākou papahana i kahi kikowaena ma kahi dev a prod environment. A laila e hoʻomaka mākou i ka pūnaewele ma ke kikowaena.
A ʻae, poina iaʻu e hoʻolauna iaʻu iho. ʻO Oleg Borzov koʻu inoa, he mea hoʻomohala piha wau i ka hui CRM no nā luna moraki ma Domclick.
Hōʻike manaʻo papahana
ʻO ka mea mua, e nānā kākou i ʻelua mau waihona waihona - backend a me mua - a hele ma luna o ke code.
Hopena: Flask+Celery
No ka ʻaoʻao hope, ua lawe au i kahi puʻupuʻu i kaulana loa i waena o nā mea hoʻomohala Python: ka Flask framework (no ka API) a me Celery (no ka queue hana). Hoʻohana ʻia ʻo SQLAchemy e like me ORM. Hoʻohana ʻia ʻo Alembic no ka neʻe ʻana. No ka hōʻoia ʻana o JSON i nā lima - Marshmallow.
В aia kahi faila Readme.md me ka wehewehe kikoʻī o ke ʻano a me nā ʻōlelo aʻoaʻo no ka holo ʻana i ka papahana.
maʻalahi loa, aia nā peni 6:
/ping- e nānā i ka loaʻa;- nā lima no ka hoʻopaʻa inoa ʻana, ka ʻae ʻana, ka ʻae ʻana a me ka loaʻa ʻana o kahi mea hoʻohana i ʻae ʻia;
- he leka uila e kau ana i kahi hana ma ka pila Celery.
ʻoi aku ka maʻalahi, hoʻokahi wale nō pilikia send_mail_task.
Ma nā palapala ʻelua waihona waihona:
dockerme ʻelua Dockerfiles (base.dockerfilee kūkulu i kahi kiʻi kumu hoʻololi kakaʻikahi aDockerfileno nā hui nui);.env_files- me nā faila me nā mea hoʻololi kaiapuni no nā kaiapuni like ʻole.
ʻEhā mau faila docker-compose ma ke kumu o ka papahana:
docker-compose.local.db.ymle hoʻāla i kahi ʻikepili kūloko no ka hoʻomohala ʻana;docker-compose.local.workers.ymlno ka hoʻoulu ʻana i ka mea hana, waihona, Redis a me RabbitMQ;docker-compose.test.ymle holo i nā hoʻokolohua i ka wā o ka hoʻolaha ʻana;docker-compose.ymlno ka hoʻolaha ʻana.
A ʻo ka waihona hope a mākou e makemake ai - . Loaʻa iā ia nā palapala shell no ka hoʻolaha ʻana:
deploy.sh- ka hoʻomaka ʻana o ka neʻe ʻana a me ke kau ʻana. Holo ma ke kikowaena ma hope o ke kūkulu ʻana a me ka holo ʻana i nā hoʻokolohua ma Github Actions;rollback.sh- ka hoʻihoʻi ʻana o nā ipu i ka mana mua o ka hui;curl_tg.sh- ka hoʻouna ʻana i nā leka hoʻolaha i Telegram.
Ke alo ma ka Angular
ʻoi aku ka maʻalahi ma mua o kā Beck. He ʻekolu ʻaoʻao ka mua:
- ʻO ka ʻaoʻao nui me kahi palapala no ka hoʻouna ʻana i ka leka uila a me kahi pihi puka.
- ʻaoʻao komo.
- Palapala kakau.
He ascetic ka ʻaoʻao nui:

Aia ʻelua faila ma ke kumu Dockerfile и docker-compose.yml, a me ka waihona maʻa .ci-cd me ka liʻiliʻi liʻiliʻi ma mua o ka waihona hope (wehe ʻia nā palapala no ka holo ʻana i nā hoʻokolohua).
E hoʻomaka ana i kahi papahana ma Plesk
E hoʻomaka kākou ma ka hoʻonohonoho ʻana iā Plesk a me ka hana ʻana i kahi kau inoa no kā mākou pūnaewele.
Ke kau nei i nā mea hoʻonui
Ma Plesk, pono mākou i ʻehā mau hoʻonui:
Dockere hoʻokele a hōʻike maka i ke kūlana o nā pahu i ka papa admin Plesk;Gite hoʻonohonoho i ka pae hoʻolaha ma ke kikowaena;Let's Encrypte hoʻopuka (a hoʻololi hou) i nā palapala hōʻoia TLS manuahi;Firewalle hoʻonohonoho i ka kānana ʻana i nā kaʻa komo.
Hiki iā ʻoe ke hoʻouka iā lākou ma o ka Plesk admin panel ma ka ʻāpana Extensions:

ʻAʻole mākou e noʻonoʻo i nā kikoʻī kikoʻī no nā hoʻonui, e hana nā hoʻonohonoho paʻamau no kā mākou mau hana demo.
E hana i kahi kau inoa a me kahi pūnaewele
A laila, pono mākou e hana i kahi inoa inoa no kā mākou pūnaewele helloworld.ru a hoʻohui i ka subdomain dev.helloworld.ru ma laila.
- E hana i kau inoa no ka domain helloworld.ru a e kuhikuhi i ka ʻōlelo huna no ka mea hoʻohana pūnaewele:

E nānā i ka pahu ma lalo o ka ʻaoʻao Hoʻopaʻa i ka pūnaewele me Let's Encryptinā makemake mākou e hoʻonohonoho i ka HTTPS no ka pūnaewele:
- A laila, ma kēia kau inoa, hana i kahi subdomain dev.helloworld.ru (no laila hiki iā ʻoe ke hoʻopuka i kahi palapala TLS manuahi):

Ke hoʻokomo nei i nā mea kikowaena
Loaʻa iā mākou kahi kikowaena me OS Debian Hoʻolōʻihi 9.12 a hoʻokomo i ka papa mana ʻO Plesk Obsidian 18.0.27.
Pono mākou e hoʻokomo a hoʻonohonoho no kā mākou papahana:
- PostgreSQL (i kā mākou hihia, aia hoʻokahi kikowaena me ʻelua mau ʻikepili no nā dev a me prod environment).
- RabbitMQ (like, like like me nā vhosts like ʻole no nā kaiapuni).
- ʻElua mau hiʻohiʻona Redis (no ka dev a me ka prod environment).
- Docker Registry (no ka mālama ʻana i nā kiʻi Docker i kūkulu ʻia).
- UI no ka hoʻopaʻa inoa Docker.
PostgreSQL
Ua hele mai ʻo Plesk me PostgreSQL DBMS, akā ʻaʻole ka mana hou loa (i ka manawa e kākau ai iā Plesk Obsidian Nā mana o ka Postgres 8.4–10.8). Makemake mākou i ka mana hou loa no kā mākou noi (12.3 i ka manawa o kēia kākau ʻana), no laila e hoʻokomo mākou iā ia me ka lima.
Nā kuhikuhi kikoʻī no ke kau ʻana iā Postgres ma Debian nui nā mea ma ka pūnaewele (), no laila ʻaʻole wau e wehewehe kikoʻī iā lākou, e hāʻawi wale wau i nā kauoha:
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
sudo apt-get update
sudo apt-get install postgresql postgresql-contrib
Ke noʻonoʻo nei ʻo PostgreSQL i nā hoʻonohonoho paʻamau mediocre, pono e hoʻoponopono i ka hoʻonohonoho. E kōkua kēia iā mākou : pono ʻoe e hoʻokele i nā ʻāpana o kāu kikowaena a hoʻololi i nā hoʻonohonoho i ka faila /etc/postgresql/12/main/postgresql.confi ka poe i haawiia. Pono e hoʻomaopopo ʻia ma ʻaneʻi ʻaʻole he pōkā kilokilo ia mau helu helu, a pono e hoʻokani pololei ʻia ke kumu, e pili ana i kāu hāmeʻa, noi, a me ka paʻakikī o ka nīnau. Akā ua lawa kēia e hoʻomaka ai.
Ma waho aʻe o nā hoʻonohonoho i manaʻo ʻia e ka calculator, hoʻololi pū mākou i loko postgresql.confka port default 5432 i kekahi (i kā mākou hiʻohiʻona - 53983).
Ma hope o ka hoʻololi ʻana i ka faila hoʻonohonoho, hoʻomaka hou i ka postgresql-server me ke kauoha:
service postgresql restart
Ua hoʻonohonoho a hoʻonohonoho mākou i ka PostgreSQL. I kēia manawa, e hana mākou i kahi waihona, nā mea hoʻohana no nā dev a me prod environments, a hāʻawi i nā kuleana o nā mea hoʻohana e hoʻokele i ka waihona:
$ su - postgres
postgres:~$ create database hw_dev_db_name;
CREATE DATABASE
postgres:~$ create user hw_dev_db_user with password 'hw_dev_db_password';
CREATE ROLE
postgres:~$ grant ALL privileges ON database hw_dev_db_name to hw_dev_db_user;
GRANT
postgres:~$ create database hw_prod_db_name;
CREATE DATABASE
postgres:~$ create user hw_prod_db_user with password 'hw_prod_db_password';
CREATE ROLE
postgres:~$ grant ALL privileges ON database hw_prod_db_name to hw_prod_db_user;
GRANT
ʻO RabbitMQ
E neʻe kākou i ka hoʻouka ʻana iā RabbitMQ, kahi mea kūʻai leka no Celery. Ua hoʻouka ʻia ma Debian He mea maʻalahi loa ia:
wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb
sudo dpkg -i erlang-solutions_1.0_all.deb
sudo apt-get update
sudo apt-get install erlang erlang-nox
sudo add-apt-repository 'deb http://www.rabbitmq.com/debian/ testing main'
wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get install rabbitmq-server
Ma hope o ke kau ʻana, pono mākou e hana vhosts, mea hoʻohana a hāʻawi i nā pono kūpono:
sudo rabbitmqctl add_user hw_dev_amqp_user hw_dev_amqp_password
sudo rabbitmqctl set_user_tags hw_dev_amqp_user administrator
sudo rabbitmqctl add_vhost hw_dev_vhost
sudo rabbitmqctl set_permissions -p hw_dev_vhost hw_dev_amqp_user ".*" ".*" ".*"
sudo rabbitmqctl add_user hw_prod_amqp_user hw_prod_amqp_password
sudo rabbitmqctl set_user_tags hw_prod_amqp_user administrator
sudo rabbitmqctl add_vhost hw_prod_vhost
sudo rabbitmqctl set_permissions -p hw_prod_vhost hw_prod_amqp_user ".*" ".*" ".*"
Ho'ōla
I kēia manawa e hoʻokomo a hoʻonohonoho i ka mea hope loa no kā mākou noi - Redis. E hoʻohana ʻia ia i hope no ka mālama ʻana i nā hopena o nā hana Celery.
E hoʻokiʻekiʻe mākou i ʻelua pahu Docker me Redis no nā dev a me nā prod environment e hoʻohana ana i ka hoʻonui Docker no Plesk.
- Hele mākou i Plesk, hele i ka ʻāpana Extensions, e ʻimi i ka extension Docker a hoʻokomo iā ia (pono mākou i kahi mana manuahi):

- E hele i ka hoʻonui i kau ʻia, e ʻimi i ke kiʻi ma o ka ʻimi
redis bitnamia hoʻokomo i ka mana hou loa:
- Hele mākou i loko o ka pahu i hoʻoiho ʻia a hoʻoponopono i ka hoʻonohonoho ʻana: e kuhikuhi i ke awa, ka nui o ka nui o ka RAM i hāʻawi ʻia, ka ʻōlelo huna i nā ʻano hoʻololi o ke kaiapuni, a kau i ka leo:

- Hana mākou i nā ʻanuʻu 2-3 no ka pahu prod, i nā hoʻonohonoho ke hoʻololi wale nei mākou i nā ʻāpana: port, password, RAM nui a me ke ala i ka waihona volume ma ke kikowaena:

Kakau inoa Docker
Ma kahi o nā lawelawe maʻamau, maikaʻi e kau i kāu waihona kiʻi Docker ponoʻī ma ka kikowaena. ʻO ka mea pōmaikaʻi, ʻoi aku ka liʻiliʻi o ke kikowaena kikowaena (ʻoi aku ka liʻiliʻi ma mua o ke kau inoa DockerHub), a maʻalahi loa ke kaʻina hana o ka hoʻonohonoho ʻana i kahi waihona pilikino.
Makemake mākou e loaʻa:
- Hiki ke loaʻa ka waihona Docker pale huna huna ma kahi subdomain ;
- UI no ka nānā ʻana i nā kiʻi ma ka waihona, loaʻa ma .
No kēia:
- E hana mākou i ʻelua subdomains ma Plesk i kā mākou kau inoa: docker.helloworld.ru a me docker-ui.helloworld.ru, a hoʻonohonoho i nā palapala Let's Encrypt no lākou.
- E hoʻohui i ka faila i ka waihona kikowaena docker.helloworld.ru
docker-compose.ymlme nā mea e like me kēia:version: "3" services: docker-registry: image: "registry:2" restart: always ports: - "53985:5000" environment: REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_REALM: basic-realm REGISTRY_AUTH_HTPASSWD_PATH: /auth/.htpasswd REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data volumes: - ./.docker-registry.htpasswd:/auth/.htpasswd - ./data:/data docker-registry-ui: image: konradkleine/docker-registry-frontend:v2 restart: always ports: - "53986:80" environment: VIRTUAL_HOST: '*, https://*' ENV_DOCKER_REGISTRY_HOST: 'docker-registry' ENV_DOCKER_REGISTRY_PORT: 5000 links: - 'docker-registry' - Ma lalo o SSH, e hana mākou i ka faila .htpasswd no ka mana kumu ma ka waihona Docker:
htpasswd -bBc .htpasswd hw_docker_admin hw_docker_password - E hōʻiliʻili a hāpai i nā ipu:
docker-compose up -d - A pono mākou e hoʻohuli iā Nginx i kā mākou pahu. Hiki ke hana i kēia ma o Plesk.
Pono e hana ʻia kēia mau hana no ka docker.helloworld.ru a me docker-ui.helloworld.ru subdomains:
pauku Nā pono hana hele kā mākou pūnaewele i Nā Rula Kūlana Docker:

A hoʻohui i kahi lula i ke koho ʻana i nā kaʻa komo i kā mākou pahu:

- Nānā mākou i hiki iā mākou ke komo i kā mākou pahu mai ka mīkini kūloko:
$ docker login docker.helloworld.ru -u hw_docker_admin -p hw_docker_password WARNING! Using --password via the CLI is insecure. Use --password-stdin. Login Succeeded - E nānā pū kākou i ka hana o ka docker-ui.helloworld.ru subdomain:

Ke kaomi nei ʻoe i ka Browse repositories, e hōʻike ka polokalamu kele i kahi puka mana e pono ai ʻoe e hoʻokomo i ka inoa inoa a me ka ʻōlelo huna no ka waihona. Ma hope o kēlā, e hoʻoneʻe ʻia mākou i kahi ʻaoʻao me kahi papa inoa o nā repositories (no kēia manawa, e nele ia no ʻoe):
E wehe ana i nā awa ma Plesk Firewall
Ma hope o ka hoʻokomo ʻana a me ka hoʻonohonoho ʻana i nā ʻāpana, pono mākou e wehe i nā awa i hiki ke ʻike ʻia nā ʻāpana mai nā pahu Docker a me ka pūnaewele waho.
E ʻike pehea e hana ai i kēia me ka hoʻohana ʻana i ka pā ahi no Plesk i hoʻokomo mua mākou.
- E hele Nā mea hana a me nā hoʻonohonoho > Nā hoʻonohonoho > Firewall:

- E hele Hoʻololi i nā lula Pākuʻi Plesk > Hoʻohui i ke kānāwai maʻamau a wehe i kēia mau awa TCP no ka subnet Docker (172.0.0.0 / 8):
RabbitMQ: 1883, 4369, 5671-5672, 25672, 61613-61614
Hana hou: 32785, 32786
- E hoʻohui pū mākou i kahi lula e wehe i nā awa PostgreSQL a me nā panela hoʻokele RabbitMQ i ka honua o waho:

- E hoʻohana i nā lula e hoʻohana ana i ka pihi Apply Changes:

Hoʻonohonoho i ka CI/CD ma nā hana Github
E iho kākou i ka mea hoihoi loa - hoʻonohonoho i kahi paipu hoʻohui hoʻomau a hāʻawi i kā mākou papahana i ke kikowaena.
He ʻelua ʻāpana kēia pipeline:
- ke kūkulu ʻana i kiʻi a me ka hoʻāʻo ʻana (no ka hope) - ma ka ʻaoʻao Github;
- e holo ana i ka neʻe ʻana (no ke kua hope) a me ka waiho ʻana i nā ipu - ma ke kikowaena.
E hoʻouka iā Plesk
E hana mua kākou i ka helu ʻelua (no ka mea, pili ka mea mua ma luna).
E hoʻonohonoho mākou i ke kaʻina hana e hoʻohana ana i ka extension Git no Plesk.
E noʻonoʻo i kahi laʻana me kahi kaiapuni Prod no kahi waihona Backend.
- Hele mākou i ke kau inoa o kā mākou pūnaewele Helloworld a hele i ka ʻāpana Git:

- E hoʻokomo i kahi loulou i kā mākou waihona Github i loko o ke kahua "Remote Git repository" a hoʻololi i ka waihona paʻamau
httpdocsi kekahi (eg./httpdocs/hw_back):
- E kope i ke kī SSH Public mai ka pae mua a aia ma nā hoʻonohonoho Github.
- Kaomi OK ma ka pale ma ka pae 2, a laila e hoʻihoʻi ʻia mākou i ka ʻaoʻao waihona ma Plesk. I kēia manawa pono mākou e hoʻonohonoho i ka waihona e hoʻonui ʻia i nā hana i ka lālā kumu. No ka hana ʻana i kēia, hele i Nā hoʻonohonoho waihona a mālama i ka waiwai
Webhook URL(pono mākou ma hope i ka hoʻonohonoho ʻana i nā hana Github):
- Ma ke kahua Actions ma ka pale mai ka paukū mua, e hoʻokomo i ka palapala e hoʻomaka i ka hoʻolālā:
cd {REPOSITORY_ABSOLUTE_PATH} .ci-cd/deploy.sh {ENV} {DOCKER_REGISTRY_HOST} {DOCKER_USER} {DOCKER_PASSWORD} {TG_BOT_TOKEN} {TG_CHAT_ID}kahi:
{REPOSITORY_ABSOLUTE_PATH}- ala i ka waihona prod o ka waihona backend ma ke kikowaena;
{ENV}- kaiapuni (dev / prod), i kā mākou hihiaprod;
{DOCKER_REGISTRY_HOST}- ka pūʻali o kā mākou waihona docker
{TG_BOT_TOKEN}— Telegram bot hōʻailona;
{TG_CHAT_ID}- ID o ke kamaʻilio / kaila no ka hoʻouna ʻana i nā leka.Laʻana palapala:
cd /var/www/vhosts/helloworld.ru/httpdocs/hw_back/ .ci-cd/deploy.sh dev docker.helloworld.ru docker_user docker_password 12345678:AAbcdEfghCH1vGbCasdfSAs0K5PALDsaw -1001234567890 - Hoʻohui i kahi mea hoʻohana mai kā mākou kau inoa i ka hui Docker (i hiki iā lākou ke hoʻokele i nā ipu):
sudo usermod -aG docker helloworld_admin
Hoʻonohonoho ʻia ke ʻano dev no ka waihona backend a me ka frontend ma ke ʻano like.
Hoʻopili i ka pipeline ma Github Actions
E neʻe kākou i ka hoʻonohonoho ʻana i ka hapa mua o kā mākou pipeline CI/CD ma Github Actions.
Hoʻihoʻi
Ua wehewehe ʻia ka pipeline ma .
Akā ma mua o ka hoʻopili ʻana, e hoʻopiha i nā mea huna huna e pono ai mākou ma Github. No ka hana ʻana i kēia, hele i Nā hoʻonohonoho -> Nā mea huna:
DOCKER_REGISTRY- ka pūʻali o kā mākou waihona Docker (docker.helloworld.ru);DOCKER_LOGIN- e komo i ka waihona Docker;DOCKER_PASSWORD- ʻōlelo huna iā ia;DEPLOY_HOST- hoʻokipa kahi i loaʻa ai ka papa hoʻokele Plesk (laʻana: : 8443 a i ʻole :8443);DEPLOY_BACK_PROD_TOKEN- he hōʻailona no ka waiho ʻana i ka prod-repository ma ke kikowaena (loaʻa iā mākou ma Deployment in Plesk p. 4);DEPLOY_BACK_DEV_TOKEN- hōʻailona no ka waiho ʻana i ka waihona dev ma ke kikowaena.
He maʻalahi ke kaʻina hana a loaʻa i ʻekolu mau ʻanuʻu nui:
- ke kūkulu ʻana a me ka hoʻolaha ʻana i ke kiʻi ma kā mākou waihona;
- e holo ana i nā hoʻokolohua i loko o kahi pahu e pili ana i kahi kiʻi hou i kūkulu ʻia;
- ka hoʻouka ʻana i ka wahi i makemake ʻia ma muli o ka lālā (dev/master).
eIOAaOAaEO
ʻokoʻa iki mai kā Beck. Loaʻa ʻole kahi ʻanuʻu me ka holo ʻana i nā hoʻokolohua a hoʻololi i nā inoa o nā hōʻailona no ka waiho ʻana. ʻO nā mea huna no ka waihona mua, ma ke ala, pono e hoʻopiha kaʻawale.
Hoʻonohonoho pūnaewele
Ke hoʻolaha nei i nā kaʻa ma o Nginx
ʻAe, ua hiki mākou i ka hopena. Ke waiho wale nei i ka hoʻonohonoho ʻana i ka proxying o ka hele ʻana a me ka puka i waho i kā mākou pahu ma o Nginx. Ua uhi mākou i kēia kaʻina hana ma ka pae 5 o ka hoʻonohonoho Docker Registry. Pono e hana hou ʻia no nā ʻaoʻao hope a me mua i nā wahi dev a prod.
E hāʻawi wau i nā screenshots o nā hoʻonohonoho.
Hoʻihoʻi

eIOAaOAaEO

Ka wehewehe nui. E hoʻopili ʻia nā URL āpau i ka ipu mua, koe wale nā mea e hoʻomaka me /api/ - e hoʻopili ʻia lākou i ka ipu hope (no laila i loko o ka ipu hope, pono nā mea lawelawe a pau e hoʻomaka me /api/).
Nā hopena
I kēia manawa pono e loaʻa kā mākou pūnaewele ma helloworld.ru a me dev.helloworld.ru (prod- a me dev-environments, kēlā me kēia).
Ma ka huina, ua aʻo mākou pehea e hoʻomākaukau ai i kahi noi maʻalahi ma Flask a me Angular a hoʻonohonoho i kahi pipeline ma Github Actions e ʻōwili iā ia i kahi kikowaena e holo ana i Plesk.
E kope au i nā loulou i nā waihona me ke code: , .
Source: www.habr.com
