Pulogalamu ya ProHoster > Blog > Ulamuliro > CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
M'nkhaniyi, ndigawana zomwe ndakumana nazo pakukhazikitsa CI / CD pogwiritsa ntchito Plesk Control Panel ndi Github Actions. Lero tiphunzira momwe tingagwiritsire ntchito pulojekiti yosavuta ndi dzina losavuta "Helloworld". Zalembedwa mu Flask Python framework, ndi antchito a Selari ndi Angular 8 frontend.

Maulalo ku nkhokwe: kumbuyo, kumaso.

M’chigawo choyamba cha nkhaniyi, tiona ntchito yathu komanso mbali zake. Chachiwiri, tiwona momwe tingakhazikitsire Plesk ndikuyika zowonjezera ndi zigawo zofunika (DB, RabbitMQ, Redis, Docker, etc.).

Mu gawo lachitatu, tiwona momwe tingakhazikitsire payipi yotumizira pulojekiti yathu ku seva pamalo opangira ma prod. Kenako tidzakhazikitsa tsambalo pa seva.

Ndipo inde, ndinayiwala kudzidziwitsa ndekha. Dzina langa ndine Oleg Borzov, ndine wopanga zinthu zonse mu gulu la CRM la oyang'anira nyumba zanyumba ku Domclick.

Chidule cha polojekiti

Choyamba, tiyeni tiwone nkhokwe ziwiri za polojekiti - kumbuyo ndi kutsogolo - ndikudutsa pa code.

Kumbuyo: Botolo + Selari

Kumbuyo, ndinatenga gulu lomwe limadziwika kwambiri pakati pa opanga Python: Flask framework (ya API) ndi Selari (pamzere wantchito). SQLAchemy imagwiritsidwa ntchito ngati ORM. Alembic amagwiritsidwa ntchito kusamuka. Kwa kutsimikizika kwa JSON pamahatchi - Marshmallow.

Π’ nkhokwe pali fayilo ya Readme.md yofotokoza mwatsatanetsatane kapangidwe kake ndi malangizo oyendetsera ntchitoyi.

Web Part API zovuta kwambiri, zimakhala ndi zolembera 6:

  • /ping - kuyang'ana kupezeka;
  • amagwirizira kulembetsa, kuvomereza, kuchotsera chilolezo komanso kupeza wogwiritsa ntchito wovomerezeka;
  • cholembera cha imelo chomwe chimayika ntchito pamzere wa Selari.

Selari gawo ngakhale zosavuta, pali vuto limodzi lokha send_mail_task.

Mu foda /conf pali ma subfolders awiri:

  • docker ndi ma Dockerfiles awiri (base.dockerfile kupanga chithunzi chapansi chomwe sichisintha kawirikawiri ndi Dockerfile pamisonkhano yayikulu);
  • .env_files - ndi mafayilo okhala ndi zosintha zachilengedwe zamalo osiyanasiyana.

Pali mafayilo anayi a docker-compose pamizu ya polojekitiyi:

  • docker-compose.local.db.yml kukweza nkhokwe yachitukuko mdera lanu;
  • docker-compose.local.workers.yml pakukwezera antchito, database, Redis ndi RabbitMQ;
  • docker-compose.test.yml kuyendetsa mayeso panthawi yotumiza;
  • docker-compose.yml za kutumiza.

Ndipo chikwatu chomaliza chomwe timakonda - .ci-cd. Ili ndi zolemba za shell kuti zitumizidwe:

  • deploy.sh - kukhazikitsidwa kwa kusamuka ndi kutumiza. Imathamanga pa seva mutatha kumanga ndi kuyesa mayesero mu Github Actions;
  • rollback.sh - kubwezeretsanso zotengera ku mtundu wakale wa msonkhano;
  • curl_tg.sh - kutumiza zidziwitso za kutumiza ku Telegraph.

Frontend pa Angular

Posungira ndi kutsogolo zosavuta kwambiri kuposa Beck's. Kutsogolo kuli masamba atatu:

  • Tsamba lalikulu lokhala ndi fomu yotumizira imelo ndi batani lotuluka.
  • Tsamba lolowera.
  • Tsamba lolembetsa.

Tsamba lalikulu likuwoneka ngati lopanda pake:

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
Pali mafayilo awiri pamizu Dockerfile ΠΈ docker-compose.yml, komanso chikwatu chodziwika bwino .ci-cd yokhala ndi zolembera zocheperako kuposa zomwe zili kumbuyo (zolemba zochotsedwa zoyesa mayeso).

Kuyambitsa ntchito ku Plesk

Tiyeni tiyambe ndikukhazikitsa Plesk ndikupanga zolembetsa patsamba lathu.

Kuyika zowonjezera

Ku Plesk, tikufuna zowonjezera zinayi:

  • Docker kuyang'anira ndikuwonetsa mawonekedwe a zotengera mu gulu la admin la Plesk;
  • Git kukonza sitepe yotumizira pa seva;
  • Let's Encrypt kupanga (ndi kukonzanso) ziphaso zaulere za TLS;
  • Firewall kukonza kusefa kwa magalimoto omwe akubwera.

Mutha kuziyika kudzera pagulu la admin la Plesk mugawo la Zowonjezera:

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
Sitidzaganiziranso zatsatanetsatane pazowonjezera, zosintha zosasinthika zidzakwaniritsa zolinga zathu.

Pangani zolembetsa ndi tsamba

Kenako, tifunika kupanga zolembetsa patsamba lathu la helloworld.ru ndikuwonjezera dev.helloworld.ru subdomain pamenepo.

  1. Pangani zolembetsa za helloworld.ru ndikutchula dzina lachinsinsi la wogwiritsa ntchito:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
    Chongani bokosi pansi pa tsamba Tetezani domain ndi Let Encryptngati tikufuna kukhazikitsa HTTPS patsambali:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  2. Kenako, pakulembetsa uku, pangani subdomain dev.helloworld.ru (yomwe muthanso kutulutsa satifiketi yaulere ya TLS):

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

Kukhazikitsa Zida Zapa Server

Tili ndi seva OS Debian Stretch 9.12 ndi anaika control panel Plesk Obsidian 18.0.27.

Tiyenera kukhazikitsa ndikukonzekera polojekiti yathu:

  • PostgreSQL (kwa ife, padzakhala seva imodzi yokhala ndi ma database awiri a dev ndi prod environments).
  • RabbitMQ (yomweyi, chitsanzo chomwecho ndi ma vhosts osiyanasiyana madera).
  • Zochitika ziwiri za Redis (za malo a dev ndi prod).
  • Docker Registry (yosungirako komweko zithunzi za Docker).
  • UI ya registry ya Docker.

PostgreSQL

Plesk amabwera kale ndi PostgreSQL DBMS, koma osati mtundu waposachedwa (panthawi yolemba Plesk Obsidian kuthandizidwa Mitundu ya Postgres 8.4-10.8). Tikufuna mtundu waposachedwa kwambiri wa pulogalamu yathu (12.3 panthawi yolemba), ndiye tiyiyika pamanja.

Pali malangizo atsatanetsatane oyika Postgres pa Debian pa ukonde (chitsanzo), kotero sindiwafotokozera mwatsatanetsatane, ndingopereka malamulo:

wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'

sudo apt-get update
sudo apt-get install postgresql postgresql-contrib

Poganizira kuti PostgreSQL ili ndi makonda osasintha, ndikofunikira kukonza kasinthidwe. Izi zidzatithandiza calculator: muyenera kuyendetsa mu magawo a seva yanu ndikusintha makonda mu fayilo /etc/postgresql/12/main/postgresql.confkwa omwe amaperekedwa. Zindikirani apa kuti zowerengera zotere sizinthu zamatsenga, ndipo maziko akuyenera kusinthidwa bwino kwambiri, kutengera zida zanu, kugwiritsa ntchito, komanso kuvutikira kwamafunso. Koma izi ndi zokwanira kuti tiyambe.

Kuphatikiza pa makonda omwe aperekedwa ndi chowerengera, timasinthanso postgresql.confdoko lokhazikika 5432 kupita ku lina (muchitsanzo chathu - 53983).

Mukasintha fayilo yosinthira, yambitsaninso postgresql-server ndi lamulo:

service postgresql restart

Takhazikitsa ndikusintha PostgreSQL. Tsopano tiyeni tipange nkhokwe, ogwiritsa ntchito ma dev ndi ma prod, ndikupatsa ogwiritsa ntchito ufulu woyang'anira nkhokwe:

$ su - postgres
postgres:~$ create database hw_dev_db_name;
CREATE DATABASE
postgres:~$ create user hw_dev_db_user with password 'hw_dev_db_password';
CREATE ROLE
postgres:~$ grant ALL privileges ON database hw_dev_db_name to hw_dev_db_user;
GRANT
postgres:~$ create database hw_prod_db_name;
CREATE DATABASE
postgres:~$ create user hw_prod_db_user with password 'hw_prod_db_password';
CREATE ROLE
postgres:~$ grant ALL privileges ON database hw_prod_db_name to hw_prod_db_user;
GRANT

KaluluMQ

Tiyeni tipitirire kukhazikitsa RabbitMQ, wotumizira uthenga wa Selari. Kuyiyika pa Debian ndikosavuta:

wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb
sudo dpkg -i erlang-solutions_1.0_all.deb

sudo apt-get update
sudo apt-get install erlang erlang-nox

sudo add-apt-repository 'deb http://www.rabbitmq.com/debian/ testing main'
wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc | sudo apt-key add -

sudo apt-get update
sudo apt-get install rabbitmq-server

Pambuyo unsembe, tiyenera kulenga mphamvu, ogwiritsa ntchito ndikupereka ufulu wofunikira:

sudo rabbitmqctl add_user hw_dev_amqp_user hw_dev_amqp_password 
sudo rabbitmqctl set_user_tags hw_dev_amqp_user administrator
sudo rabbitmqctl add_vhost hw_dev_vhost
sudo rabbitmqctl set_permissions -p hw_dev_vhost hw_dev_amqp_user ".*" ".*" ".*"

sudo rabbitmqctl add_user hw_prod_amqp_user hw_prod_amqp_password 
sudo rabbitmqctl set_user_tags hw_prod_amqp_user administrator
sudo rabbitmqctl add_vhost hw_prod_vhost
sudo rabbitmqctl set_permissions -p hw_prod_vhost hw_prod_amqp_user ".*" ".*" ".*"

Redis

Tsopano tiyeni tiyike ndikukonzekera gawo lomaliza la pulogalamu yathu - Redis. Idzagwiritsidwa ntchito ngati backend posungira zotsatira za ntchito za Selari.

Tidzakweza zotengera ziwiri za Docker zokhala ndi Redis za malo opangira ndi prod pogwiritsa ntchito kukulitsa Docker za Plesk.

  1. Timapita ku Plesk, pitani ku gawo la Extensions, yang'anani kukulitsa kwa Docker ndikuyiyika (tikufuna mtundu waulere):

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  2. Pitani pazowonjezera zomwe zayikidwa, pezani chithunzicho posaka redis bitnami ndikukhazikitsa mtundu waposachedwa:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  3. Timalowa mu chidebe chotsitsidwa ndikusintha masinthidwe: tchulani doko, kukula kwa RAM komwe kumaperekedwa, mawu achinsinsi pamitundu yosiyanasiyana, ndikukweza voliyumu:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  4. Timachita masitepe 2-3 pachidebe cha prod, pazokonda timangosintha magawo: doko, mawu achinsinsi, kukula kwa RAM ndi njira yopita kufoda ya voliyumu pa seva:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

Docker Registry

Kuphatikiza pa ntchito zoyambira, zingakhale bwino kuyika malo anu azithunzi za Docker pa seva. Mwamwayi, malo a seva tsopano ndi otsika mtengo (ndiotsika mtengo kwambiri kuposa kulembetsa kwa DockerHub), ndipo njira yokhazikitsira malo osungiramochinsinsi ndiyosavuta.

Tikufuna kukhala:

Kuti muchite izi:

  1. Tiyeni tipange ma subdomain awiri ku Plesk pakulembetsa kwathu: docker.helloworld.ru ndi docker-ui.helloworld.ru, ndikukonzekera Let's Encrypt satifiketi kwa iwo.
  2. Onjezani fayilo ku docker.helloworld.ru subdomain foda docker-compose.yml ndi zinthu monga izi: 
    version: "3"

services:
  docker-registry:
    image: "registry:2"
    restart: always
    ports:
      - "53985:5000"
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: basic-realm
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/.htpasswd
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      - ./.docker-registry.htpasswd:/auth/.htpasswd
      - ./data:/data

  docker-registry-ui:
    image: konradkleine/docker-registry-frontend:v2
    restart: always
    ports:
      - "53986:80"
    environment:
      VIRTUAL_HOST: '*, https://*'
      ENV_DOCKER_REGISTRY_HOST: 'docker-registry'
      ENV_DOCKER_REGISTRY_PORT: 5000
    links:
      - 'docker-registry'

  3. Pansi pa SSH, tidzapanga fayilo ya .htpasswd yovomerezeka Yoyambira munkhokwe ya Docker: 
    htpasswd -bBc .htpasswd hw_docker_admin hw_docker_password
  4. Sungani ndi kukweza zotengera: 
    docker-compose up -d
  5. Ndipo tifunika kulondoleranso Nginx ku zotengera zathu. Izi zitha kuchitika kudzera ku Plesk.

Njira zotsatirazi ziyenera kuchitidwa pa docker.helloworld.ru ndi docker-ui.helloworld.ru subdomains:

gawo Zida Zida tsamba lathu kupita Malamulo a Proxy a Docker:

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
Ndipo onjezani lamulo pamayendedwe omwe akubwera ku chidebe chathu:

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  1. Timayang'ana kuti titha kulowa mu chidebe chathu kuchokera pamakina akomweko: 
    $ docker login docker.helloworld.ru -u hw_docker_admin -p hw_docker_password
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
  2. Tiyeni tiwonenso magwiridwe antchito a docker-ui.helloworld.ru subdomain:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
    Mukadina pa Sakatulani nkhokwe, msakatuli amawonetsa zenera lololeza pomwe muyenera kuyika dzina lolowera ndi mawu achinsinsi posungira. Pambuyo pake, tidzasamutsidwa kutsamba lomwe lili ndi mndandanda wazosungira (pakadali pano, sizikhala kwa inu):

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

Kutsegula madoko ku Plesk Firewall

Pambuyo kukhazikitsa ndi kukonza zigawozo, tiyenera kutsegula madoko kuti zigawozo zipezeke kuchokera ku zida za Docker ndi maukonde akunja.

Tiyeni tiwone momwe tingachitire izi pogwiritsa ntchito zowonjezera za Firewall za Plesk zomwe tidaziyika kale.

  1. Pitani ku Zida & Zikhazikiko> Zikhazikiko> Chiwombankhanga:
    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
  2. Pitani ku Sinthani Malamulo a Plesk Firewall> Onjezani Lamulo Lachizolowezi ndikutsegula madoko otsatirawa a TCP a Docker subnet (172.0.0.0 / 8):
    RabbitMQ: 1883, 4369, 5671-5672, 25672, 61613-61614
    Redis: 32785, 32786

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  3. Tiwonjezeranso lamulo lomwe lidzatsegule madoko a PostgreSQL ndi mapanelo owongolera a RabbitMQ kudziko lakunja:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  4. Tsatirani malamulowo pogwiritsa ntchito batani la Ikani Zosintha:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

Kukhazikitsa CI / CD mu Github Actions

Tiyeni titsike ku gawo losangalatsa kwambiri - kukhazikitsa payipi yophatikizira mosalekeza ndikupereka projekiti yathu ku seva.

Paipi iyi ikhala ndi magawo awiri:

  • kumanga fano ndi kuyesa mayesero (kwa backend) - kumbali ya Github;
  • kuthamanga kusuntha (kwa backend) ndikuyika zotengera - pa seva.

Pitani ku Plesk

Tiyeni tiyambe ndi mfundo yachiwiri (chifukwa yoyamba imadalira).

Tidzakonza njira yotumizira pogwiritsa ntchito kukulitsa kwa Git kwa Plesk.

Ganizirani zachitsanzo chokhala ndi malo a Prod posungirako Backend.

  1. Timapita pakulembetsa patsamba lathu la Helloworld ndikupita ku gawo la Git:

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  2. Ikani ulalo kunkhokwe yathu ya Github mugawo la "Remote Git repository" ndikusintha chikwatu chosasinthika. httpdocs kwa wina (mwachitsanzo. /httpdocs/hw_back):

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  3. Lembani kiyi ya SSH Public kuchokera pagawo lapitalo ndi onjezerani zake mu makonda a Github.
  4. Dinani Chabwino pawindo pa sitepe 2, pambuyo pake tidzatumizidwa ku tsamba losungirako ku Plesk. Tsopano tifunika kukonza zosungirako kuti zisinthidwe pazantchito ku nthambi ya master. Kuti muchite izi, pitani ku Zokonda Posungira ndi kusunga mtengo Webhook URL (tidzazifuna pambuyo pake pokhazikitsa Github Actions):

    CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

  5. M'munda wa Zochita pa zenera kuchokera m'ndime yapitayi, lowetsani script kuti muyambe kutumiza: 
    cd {REPOSITORY_ABSOLUTE_PATH}
.ci-cd/deploy.sh {ENV} {DOCKER_REGISTRY_HOST} {DOCKER_USER} {DOCKER_PASSWORD} {TG_BOT_TOKEN} {TG_CHAT_ID}

    kumene:

    {REPOSITORY_ABSOLUTE_PATH} - njira yopita ku foda ya prod ya chosungira chakumbuyo pa seva;
    {ENV} - chilengedwe (dev / prod), kwa ife prod;
    {DOCKER_REGISTRY_HOST} - gulu lathu losungiramo docker
    {TG_BOT_TOKEN} - chizindikiro cha telegalamu;
    {TG_CHAT_ID} - ID ya macheza/njira yotumizira zidziwitso.

    Script chitsanzo:

    cd /var/www/vhosts/helloworld.ru/httpdocs/hw_back/
.ci-cd/deploy.sh dev docker.helloworld.ru docker_user docker_password 12345678:AAbcdEfghCH1vGbCasdfSAs0K5PALDsaw -1001234567890
  6. Onjezani wogwiritsa ntchito kuchokera pakulembetsa kwathu ku gulu la Docker (kuti athe kuyang'anira zotengera): 
    sudo usermod -aG docker helloworld_admin

Dev chilengedwe cha backend repository ndi frontend amakhazikitsidwa chimodzimodzi.

Mapaipi otumizira mu Github Actions

Tiyeni tipitirire kukhazikitsa gawo loyamba la mapaipi athu a CI/CD mu Github Actions.

Bwererani

Njirayi ikufotokozedwa mu deploy.yml fayilo.

Koma tisanayiwerenge, tiyeni tidzaze Zosintha Zachinsinsi zomwe tikufuna mu Github. Kuti muchite izi, pitani ku Zokonda -> Zinsinsi:

  • DOCKER_REGISTRY - omwe ali ndi malo athu a Docker (docker.helloworld.ru);
  • DOCKER_LOGIN - lowani kumalo osungirako a Docker;
  • DOCKER_PASSWORD - password kwa izo;
  • DEPLOY_HOST - khalani komwe gulu la admin la Plesk likupezeka (mwachitsanzo: helloworld.ru:8443 pa 123.4.56.78:8443);
  • DEPLOY_BACK_PROD_TOKEN - chizindikiro cha kutumizidwa ku prod-repository pa seva (tinachipeza mu Deployment in Plesk p. 4);
  • DEPLOY_BACK_DEV_TOKEN - chizindikiro chotumizidwa kumalo osungira pa seva.

Njira yotumizira ndi yosavuta ndipo ili ndi njira zitatu zazikulu:

  • kumanga ndi kusindikiza chithunzicho munkhokwe yathu;
  • kuyesa mayeso mu chidebe chotengera chithunzi chomangidwa chatsopano;
  • kutumizidwa kumalo omwe mukufuna kutengera nthambi (dev/master).

Frontend

Fayilo ya deploy.yml ya malo akutsogolo zosiyana pang'ono ndi Beck's. Ilibe sitepe yokhala ndi mayeso othamanga ndikusintha mayina a ma tokeni kuti atumizidwe. Zinsinsi za malo akutsogolo, mwa njira, ziyenera kudzazidwa padera.

Kupanga tsamba

Kupititsa patsogolo magalimoto kudzera mu Nginx

Chabwino, ife tafika ku mapeto. Zimangotsala pang'ono kukonza mayendedwe obwera ndi otuluka ku chidebe chathu kudzera mu Nginx. Takambirana kale izi mu gawo 5 la kukhazikitsa kwa Docker Registry. Zomwezo ziyenera kubwerezedwanso kumbuyo ndi kutsogolo m'malo a dev ndi prod.

Ndikupatsani zowonera pazokonda.

Bwererani

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular

Frontend

CI/CD mu Github Actions ya pulojekiti ya Flask+Angular
Kumveketsa bwino. Ma URL onse adzatumizidwa ku chidebe chakutsogolo, kupatula omwe akuyamba nawo /api/ - Adzalumikizidwa ku chidebe chakumbuyo (chotero mu chidebe chakumbuyo, onse ogwira ntchito ayenera kuyamba nawo /api/).

Zotsatira

Tsopano tsamba lathu liyenera kupezeka helloworld.ru ndi dev.helloworld.ru (prod- and dev-environments, motsatana).

Ponseponse, taphunzira momwe tingakonzekerere ntchito yosavuta mu Flask ndi Angular ndikukhazikitsa payipi mu Github Actions kuti titulutse ku seva yomwe ikuyenda Plesk.

Ndibwereza maulalo osungiramo ndi code: kumbuyo, kumaso.

Source: www.habr.com

Kuwonjezera ndemanga