Kupanga unyolo wa CI / CD ndikudzipangira ntchito ndi Docker

Ndinalemba mawebusayiti anga oyamba kumapeto kwa zaka za m'ma 90. Kalelo zinali zosavuta kuziyika mu dongosolo logwirira ntchito. Panali seva ya Apache pakugawana nawo, mutha kulowa mu seva iyi kudzera pa FTP polemba ngati ftp://ftp.example.com. Kenako mumayenera kuyika dzina lanu ndi mawu achinsinsi ndikuyika mafayilo ku seva. Panali nthawi zosiyanasiyana, chirichonse chinali chosavuta kuposa tsopano.

Pazaka makumi awiri kuchokera pamenepo, zonse zasintha kwambiri. Mawebusayiti akhala ovuta kwambiri; ayenera kusonkhanitsidwa asanatulutsidwe kuti apange. Seva imodzi yokha idakhala ma seva ambiri omwe amathamangira kumbuyo kwa zolemetsa, ndipo kugwiritsa ntchito makina owongolera mtundu kudakhala kofala.

Kwa polojekiti yanga yanga ndinali ndi kasinthidwe kapadera. Ndipo ndidadziwa kuti ndikufunika kutha kugwiritsa ntchito tsambalo popanga chinthu chimodzi chokha: kulemba nambala kunthambi. master pa GitHub. Kuphatikiza apo, ndidadziwa kuti kuti ndiwonetsetse kuti pulogalamu yanga yaying'ono yapaintaneti ikugwira ntchito, sindinkafuna kuyang'anira gulu lalikulu la Kubernetes, kapena kugwiritsa ntchito ukadaulo wa Docker Swarm, kapena kusunga ma seva ambiri okhala ndi ma pod, othandizira ndi mitundu ina yonse. zovuta. Kuti ndikwaniritse cholinga chopanga ntchito kukhala yosavuta momwe ndingathere, ndinafunika kudziwa bwino za CI/CD.

Ngati muli ndi pulojekiti yaying'ono (panthawiyi, projekiti ya Node.js) ndipo mukufuna kudziwa momwe mungayendetsere pulojekitiyi, ndikuwonetsetsa kuti zomwe zasungidwa m'nkhokwe zimagwirizana ndendende ndi zomwe zimagwira ntchito popanga, ndiye ine. ndikuganiza kuti mungasangalale ndi nkhaniyi.

Zofunikira

Wowerenga nkhaniyi akuyembekezeka kukhala ndi chidziwitso choyambirira cha mzere wolamula ndikulemba zolemba za Bash. Kuphatikiza apo, adzafunika maakaunti Travis CI и Docker likulu.

Zolinga

Sindinganene kuti nkhaniyi ikhoza kutchedwa "maphunziro". Izi ndi zambiri mwa chikalata chomwe ndimalankhula za zomwe ndaphunzira ndikulongosola njira yomwe imayenera kuyesa ndikuyika ma code kuti apange, yochitidwa mu chiphaso chimodzi chokha.

Izi ndi zomwe mayendedwe anga adamaliza kukhala.

Kwa code yotumizidwa ku nthambi iliyonse yosungira kupatula master, zotsatirazi zimachitika:

• Ntchito yomanga pa Travis CI ikuyamba.
• Magawo onse, kuphatikiza ndi mayeso omaliza mpaka kumapeto amachitidwa.

Pokhapokha pama code omwe amagwera master, zotsatirazi zikuchitika:

• Zonse zomwe zanenedwa pamwambapa, kuphatikiza ...
• Kupanga chithunzi cha Docker kutengera nambala yomwe ilipo, makonda ndi chilengedwe.
• Kutumiza chithunzicho ku Docker Hub.
• Kulumikizana ndi seva yopanga.
• Kukweza chithunzi kuchokera ku Docker Hub kupita ku seva.
• Kuyimitsa chidebe chapano ndikuyamba chatsopano kutengera chithunzi chatsopano.

Ngati simukudziwa chilichonse chokhudza Docker, zithunzi ndi zotengera, musadandaule. Ine ndikuwuzani inu zonse za izo.

CI/CD ndi chiyani?

Chidule cha CI/CD chikuyimira "kuphatikizana kosalekeza/kutumiza mosalekeza."

▍Kuphatikizana mosalekeza

Kuphatikizika kopitilira muyeso ndi njira yomwe madivelopa amadzipereka ku nkhokwe yayikulu ya polojekiti (nthawi zambiri nthambi master). Panthawi imodzimodziyo, ubwino wa code umatsimikiziridwa kupyolera mu kuyesa kodzipangira.

▍Kutumiza mosalekeza

Kutumiza mosalekeza ndiko kutumizidwa pafupipafupi, kodzichitira nokha kwa ma code pakupanga. Gawo lachiwiri lachidule cha CI/CD nthawi zina limatchulidwa kuti "kutumiza mosalekeza." Izi ndizofanana ndi "kutumiza mosalekeza", koma "kutumiza mosalekeza" kumatanthauza kufunikira kotsimikizira pamanja zosintha musanayambe ntchito yotumiza.

Kuyamba

Pulogalamu yomwe ndimakonda kuphunzira zonsezi imatchedwa TakeNote. Iyi ndi pulojekiti yapaintaneti yomwe ndikugwirapo, yopangidwa kuti ndizilemba. Poyamba ndinayesera kuchita JAMStack-project, kapena kungogwiritsa ntchito kutsogolo popanda seva, kuti muthe kugwiritsa ntchito mwayi wopezekapo komanso kuthekera koperekera pulojekiti yomwe imapereka Sungani. Pamene zovuta za pulogalamuyo zidakula, ndidafunikira kupanga gawo la seva, zomwe zikutanthauza kuti ndiyenera kupanga njira yanga yophatikizira yokha ndikuyika pulojekitiyo.

Kwa ine, pulogalamuyi ndi seva ya Express yomwe ikuyenda mu Node.js, yomwe imagwiritsa ntchito tsamba limodzi la React application ndikuthandizira API yotetezedwa ya seva. Zomangamangazi zimatsata njira yomwe ingapezekemo kupatsidwa Kalozera wathunthu wotsimikizira.

Ndinakambirana ndi bwenzi, yemwe ndi katswiri wodziwa kupanga makina, ndipo adamufunsa zomwe ndimayenera kuchita kuti zonse zigwire ntchito momwe ndimafunira. Adandipatsa lingaliro la momwe mayendedwe odzipangira okha amayenera kuwoneka, ofotokozedwa mu gawo la Zolinga la nkhaniyi. Kukhala ndi zolinga izi kumatanthauza kuti ndiyenera kudziwa momwe ndingagwiritsire ntchito Docker.

Docker

Docker ndi chida chomwe, chifukwa cha ukadaulo wa zotengera, chimalola kuti mapulogalamu agawidwe mosavuta, atumizidwe ndikuyendetsedwa m'malo omwewo, ngakhale nsanja ya Docker yokha imayenda m'malo osiyanasiyana. Choyamba, ndimayenera kuyika manja anga pa zida za mzere wa Docker (CLI). Malangizo Kuwongolera kwa Docker sikungatchulidwe momveka bwino komanso komveka, koma kuchokera pamenepo mutha kuphunzira kuti kuti mutenge gawo loyamba loyika, muyenera kutsitsa Docker Desktop (ya Mac kapena Windows).

Docker Hub ndi chinthu chofanana ndi GitHub kwa git repositories, kapena registry npm kwa mapaketi a JavaScript. Ichi ndi malo osungira pa intaneti azithunzi za Docker. Izi ndi zomwe Docker Desktop imalumikizana nazo.

Chifukwa chake, kuti muyambe ndi Docker, muyenera kuchita zinthu ziwiri:

• Khazikitsani Zoyeserera za Docker.
• Kulembetsa kwa Docker likulu.

Pambuyo pake, mutha kuwona ngati Docker CLI ikugwira ntchito poyendetsa lamulo ili kuti muwone mtundu wa Docker:

docker -v

Kenako, lowani mu Docker Hub polemba dzina lanu lolowera ndi mawu achinsinsi mukafunsidwa:

docker login

Kuti mugwiritse ntchito Docker, muyenera kumvetsetsa malingaliro azithunzi ndi zotengera.

▍Zithunzi

Chithunzi ndi chinthu chonga pulani yomwe ili ndi malangizo osonkhanitsa chidebecho. Ichi ndi chithunzi chosasinthika cha fayilo ya pulogalamuyo ndi zoikamo. Madivelopa amatha kugawana zithunzi mosavuta.

# Вывод сведений обо всех образах
docker images

Lamuloli litulutsa tebulo ndi mutu wotsatirawu:

REPOSITORY     TAG     IMAGE ID     CREATED     SIZE
---

Kenako tiwona zitsanzo za malamulo amtundu womwewo - choyamba pali lamulo lokhala ndi ndemanga, kenako chitsanzo cha zomwe lingathe kutulutsa.

▍ Zotengera

Chidebe ndi phukusi lomwe lingathe kuchitika lomwe lili ndi zonse zofunika kuti mugwiritse ntchito. Kugwiritsa ntchito njira iyi nthawi zonse kumagwira ntchito mofanana, mosasamala kanthu za zomangamanga: kumalo akutali komanso malo omwewo. Mfundo ndi yakuti zitsanzo za chithunzi chomwecho zimayambitsidwa m'madera osiyanasiyana.

# Перечисление всех контейнеров
docker ps -a
CONTAINER ID     IMAGE     COMMAND     CREATED     STATUS     PORTS     NAMES
---

▍Malemba

Chizindikiro ndi chisonyezero cha mtundu wina wa chithunzi.

▍Kufotokozera mwachangu malamulo a Docker

Nawa mwachidule malamulo ena omwe amagwiritsidwa ntchito kwambiri a Docker.

timu

Nkhani

zotsatira

kupanga docker

Chithunzi

Kupanga chithunzi kuchokera ku Dockerfile

docker tag

Chithunzi

Kuyika chizindikiro

zithunzi za docker

Chithunzi

Kulemba zithunzi

docker akuthamanga

Chotsitsa

Kuyendetsa chidebe chotengera chithunzi

kukankha docker

Chithunzi

Kukweza chithunzi ku registry

kukoka docker

Chithunzi

Kutsegula chithunzi kuchokera ku registry

docker ps

Chotsitsa

Kulemba zotengera

docker system kudulira

Chithunzi/chidebe

Kuchotsa zotengera zosagwiritsidwa ntchito ndi zithunzi

▍Dockerfile

Ndikudziwa kuyendetsa pulogalamu yopangira kwanuko. Ndili ndi masinthidwe a Webpack opangidwa kuti apange pulogalamu ya React yokonzeka. Kenako, ndili ndi lamulo lomwe limayambitsa seva yochokera ku Node.js padoko 5000. Zikuwoneka motere:

npm i         # установка зависимостей
npm run build # сборка React-приложения
npm run start # запуск Node-сервера

Ndikoyenera kudziwa kuti ndilibe chitsanzo chofunsira nkhaniyi. Koma apa, pazoyeserera, ntchito iliyonse yosavuta ya Node idzachita.

Kuti mugwiritse ntchito chidebecho, muyenera kupereka malangizo kwa Docker. Izi zimachitika kudzera pa fayilo yotchedwa Dockerfile, yomwe ili m'ndandanda wa mizu ya polojekiti. Fayiloyi, poyamba, ikuwoneka ngati yosamvetsetseka.

Koma zomwe zilimo zimangofotokoza, ndi malamulo apadera, zofanana ndi kukhazikitsa malo ogwira ntchito. Nawa ena mwa malamulo awa:

• Kuchokera - Lamulo ili limayambitsa fayilo. Imatchula chithunzi chapansi chomwe chidebecho chimamangidwa.
• COPY - Kukopera mafayilo kuchokera kumalo komweko kupita ku chidebe.
• WORKDIR - Kukhazikitsa chikwatu chogwirira ntchito pamalamulo otsatirawa.
• RUN - Thamangani malamulo.
• ONERA - Zokonda padoko.
• ENTRYPOINT - Chizindikiro cha lamulo lomwe likuyenera kuperekedwa.

Dockerfile zitha kuwoneka motere:

# Загрузить базовый образ
FROM node:12-alpine

# Скопировать файлы из текущей директории в директорию app/
COPY . app/

# Использовать app/ в роли рабочей директории
WORKDIR app/

# Установить зависимости (команда npm ci похожа npm i, но используется для автоматизированных сборок)
RUN npm ci --only-production

# Собрать клиентское React-приложение для продакшна
RUN npm run build

# Прослушивать указанный порт
EXPOSE 5000

# Запустить Node-сервер
ENTRYPOINT npm run start

Kutengera ndi chithunzi chomwe mwasankha, mungafunike kukhazikitsa zodalira zina. Chowonadi ndi chakuti zithunzi zina zoyambira (monga Node Alpine Linux) zimapangidwa ndi cholinga chozipanga kukhala zophatikizika momwe zingathere. Zotsatira zake, sangakhale ndi mapulogalamu omwe mumayembekezera.

▍Kumanga, kuika chizindikiro ndi kuyendetsa chidebecho

Kusonkhana m'deralo ndi kukhazikitsa chidebe ndi pambuyo ife Dockerfile, ntchitozo ndi zosavuta. Musanakankhire chithunzicho ku Docker Hub, muyenera kuyesa kwanuko.

▍ Msonkhano

Choyamba muyenera kusonkhanitsa chithunzi, kutchula dzina ndipo, mwakufuna, tag (ngati tag sinatchulidwe, dongosololi limangopereka tag ku chithunzicho. latest).

# Сборка образа
docker build -t <image>:<tag> .

Mukamaliza lamulo ili, mutha kuwona Docker akupanga chithunzicho.

Sending build context to Docker daemon   2.88MB
Step 1/9 : FROM node:12-alpine
 ---> ...выполнение этапов сборки...
Successfully built 123456789123
Successfully tagged <image>:<tag>

Kumangako kungatenge mphindi zingapo - zonse zimatengera kuchuluka kwa zomwe mumadalira. Mukamaliza kumanga, mutha kuyendetsa lamulo docker images ndikuwona kufotokozera kwa chithunzi chanu chatsopano.

REPOSITORY          TAG               IMAGE ID            CREATED              SIZE
<image>             latest            123456789123        About a minute ago   x.xxGB

▍Kuyambitsa

Chithunzicho chapangidwa. Izi zikutanthauza kuti mutha kuyendetsa chidebe potengera izo. Chifukwa ndikufuna kuti ndizitha kupeza pulogalamu yomwe ikuyenda mu chidebecho localhost:5000, ine, kumanzere kwa awiriwo 5000:5000 mu lamulo lotsatira anaika 5000. Kumanja kuli doko la chidebe.

# Запуск с использованием локального порта 5000 и порта контейнера 5000
docker run -p 5000:5000 <image>:<tag>

Tsopano popeza chidebecho chimapangidwa ndikuyenda, mutha kugwiritsa ntchito lamulo docker ps kuti muwone zambiri za chidebe ichi (kapena mutha kugwiritsa ntchito lamulo docker ps -a, yomwe imawonetsa zambiri zamakontena onse, osati kungoyendetsa).

CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                      PORTS                    NAMES
987654321234        <image>             "/bin/sh -c 'npm run…"   6 seconds ago        Up 6 seconds                0.0.0.0:5000->5000/tcp   stoic_darwin

Ngati tsopano pitani ku adilesi localhost:5000 - mutha kuwona tsamba la pulogalamu yomwe ikuwoneka yofanana ndendende ndi tsamba la pulogalamu yomwe ikuyenda m'malo opangira.

▍Kulemba ndi kusindikiza

Kuti tigwiritse ntchito chimodzi mwazithunzi zomwe zidapangidwa pa seva yopanga, tikuyenera kutsitsa chithunzichi kuchokera ku Docker Hub. Izi zikutanthauza kuti choyamba muyenera kupanga chosungiramo polojekiti pa Docker Hub. Pambuyo pa izi, tidzakhala ndi malo omwe tingatumize fanolo. Chithunzichi chiyenera kusinthidwanso kuti dzina lake liyambe ndi dzina lathu lolowera la Docker Hub. Izi ziyenera kutsatiridwa ndi dzina la malo osungira. Chizindikiro chilichonse chikhoza kuikidwa kumapeto kwa dzina. Pansipa pali chitsanzo cha kutchula zithunzi pogwiritsa ntchito dongosololi.

Tsopano mutha kupanga chithunzicho ndi dzina latsopano ndikuyendetsa lamulo docker push kukankhira kumalo osungirako a Docker Hub.

docker build -t <username>/<repository>:<tag> .
docker tag <username>/<repository>:<tag> <username>/<repository>:latest
docker push <username>/<repository>:<tag>

# На практике это может выглядеть, например, так:
docker build -t user/app:v1.0.0 .
docker tag user/app:v1.0.0 user/app:latest
docker push user/app:v1.0.0

Ngati zonse zikuyenda bwino, chithunzicho chidzapezeka pa Docker Hub ndipo chitha kukwezedwa ku seva kapena kusamutsidwa kwa opanga ena.

Masitepe otsatira

Pofika pano tatsimikizira kuti ntchitoyo, ngati chidebe cha Docker, ikugwira ntchito kwanuko. Takweza chidebecho ku Docker Hub. Zonsezi zikutanthauza kuti tapita kale bwino kwambiri ku cholinga chathu. Tsopano tiyenera kuyankha mafunso ena awiri:

• Kukhazikitsa chida cha CI choyesa ndi kutumiza ma code.
• Kukhazikitsa seva yopanga kuti itsitse ndikuyendetsa ma code athu.

M'malo athu, timagwiritsa ntchito Travis CI. Monga seva - DitigalOcean.

Dziwani kuti apa mutha kugwiritsa ntchito kuphatikiza kwina kwa mautumiki. Mwachitsanzo, m'malo mwa Travis CI, mutha kugwiritsa ntchito CircleCI kapena Github Actions. Ndipo m'malo mwa DigitalOcean - AWS kapena Linode.

Tinaganiza zogwira ntchito ndi Travis CI, ndipo ndili ndi kena kake kokhazikitsidwa muutumikiwu. Choncho, tsopano ine mwachidule kulankhula za mmene kukonzekera ntchito.

Travis CI

Travis CI ndi chida choyesera ndi kutumiza ma code. Sindikufuna kulowa muzovuta zokhazikitsa Travis CI, popeza polojekiti iliyonse ndi yapadera, ndipo izi sizidzabweretsa phindu lalikulu. Koma ndikuphimba zoyambira kuti muyambe ngati mutasankha kugwiritsa ntchito Travis CI. Kaya mumasankha Travis CI, CircleCI, Jenkins, kapena china, njira zofananira zofananira zidzagwiritsidwa ntchito kulikonse.

Kuti muyambe ndi Travis CI, pitani ku tsamba la polojekiti ndi kupanga akaunti. Kenako phatikizani Travis CI ndi akaunti yanu ya GitHub. Mukakhazikitsa dongosolo, muyenera kufotokoza malo omwe mukufuna kuti mugwiritse ntchito ndikusintha kuti mufike. (Ndimagwiritsa ntchito GitHub, koma ndikutsimikiza kuti Travis CI ikhoza kuphatikiza ndi BitBucket, ndi GitLab, ndi ntchito zina zofananira).

Nthawi iliyonse Travis CI ikayambika, seva imakhazikitsidwa, ikuchita malamulo omwe afotokozedwa mufayilo yosinthira, kuphatikiza kutumiza nthambi zofananirako.

▍Njira ya moyo wa ntchito

Travis CI kasinthidwe fayilo yotchedwa .travis.yml ndi kusungidwa mu chikwatu cha mizu ya polojekiti, imathandizira lingaliro la zochitika mayendedwe amoyo ntchito. Zochitika izi zandandalikidwa motere:

• apt addons
• cache components
• before_install
• install
• before_script
• script
• before_cache
• after_success или after_failure
• before_deploy
• deploy
• after_deploy
• after_script

▍Kuyesa

Mu fayilo yosinthira ndikonza seva ya Travis CI yakomweko. Ndinasankha Node 12 ngati chinenero ndipo ndinauza dongosolo kuti liyike zodalira zomwe zimayenera kugwiritsa ntchito Docker.

Chilichonse chomwe chalembedwa .travis.yml, idzaperekedwa pamene zopempha zonse zokoka ziperekedwa ku nthambi zonse za malo osungirako, pokhapokha zitanenedwa. Ichi ndi chinthu chothandiza chifukwa zikutanthauza kuti titha kuyesa ma code onse omwe akubwera munkhokwe. Izi zimakudziwitsani ngati codeyo ili yokonzeka kulembedwa kunthambi. master, komanso ngati idzaphwanya ndondomeko yomanga polojekiti. Pakusintha kwapadziko lonse lapansi, ndimayika chilichonse kwanuko, ndikuyendetsa seva ya Webpack kumbuyo (ichi ndi gawo la kayendedwe kanga), ndikuyesa mayeso.

Ngati mukufuna kuti chosungira chanu chiwonetse mabaji omwe akuwonetsa kuyesa, apa Mutha kupeza malangizo achidule ogwiritsira ntchito Jest, Travis CI ndi Coveralls kuti mutenge ndikuwonetsa izi.

Kotero apa pali zomwe zili mu fayilo .travis.yml:

# Установить язык
language: node_js

# Установить версию Node.js
node_js:
  - '12'

services:
  # Использовать командную строку Docker
  - docker

install:
  # Установить зависимости для тестов
  - npm ci

before_script:
  # Запустить сервер и клиент для тестов
  - npm run dev &

script:
  # Запустить тесты
  - npm run test

Apa ndipamene zochita zomwe zimachitidwa ku nthambi zonse za nkhokwe ndi zopempha zokoka zimatha.

▍Kutumiza

Kutengera kuganiza kuti mayeso onse odzipangira okha adamalizidwa bwino, titha, zomwe ndizosankha, kutumiza kachidindo ku seva yopanga. Popeza tikufuna kuchita izi kokha chifukwa cha code kuchokera kunthambi master, timapereka malangizo oyenerera pamachitidwe otumizira. Musanayese kugwiritsa ntchito kachidindo kamene tidzayang'ana motsatira polojekiti yanu, ndikufuna ndikuchenjezeni kuti muyenera kukhala ndi zolemba zenizeni zomwe zimayitanidwa kuti zitumizidwe.

deploy:
  # Собрать Docker-контейнер и отправить его на Docker Hub
  provider: script
  script: bash deploy.sh
  on:
    branch: master

Deployment script imathetsa mavuto awiri:

• Mangani, lembani ndikutumiza chithunzicho ku Docker Hub pogwiritsa ntchito chida cha CI (kwa ife, Travis CI).
• Kuyika chithunzicho pa seva, kuyimitsa chidebe chakale ndikuyamba chatsopano (kwa ife, seva imayenda pa nsanja ya DigitalOcean).

Choyamba, muyenera kukhazikitsa njira yodzipangira yokha yomanga, kuyika chizindikiro, ndikukankhira chithunzicho ku Docker Hub. Zonsezi ndi zofanana kwambiri ndi zomwe tidachita kale pamanja, kupatula kuti tikufuna njira yoperekera ma tag apadera pazithunzi ndikulowetsa ma login. Ndinali ndi vuto ndi tsatanetsatane wa script yotumizira, monga njira yolembera, kulowa, ma encoding a SSH, kukhazikitsidwa kwa SSH. Koma mwamwayi bwenzi langa ndi wabwino kwambiri ndi bash, monga ndi zina zambiri. Anandithandiza kulemba script.

Chifukwa chake, gawo loyamba la zolemba ndikukweza chithunzicho ku Docker Hub. Izi ndizosavuta kuchita. Dongosolo lolemba ma tag lomwe ndidagwiritsa ntchito limaphatikizapo kuphatikiza git hash ndi git tag, ngati ilipo. Izi zimatsimikizira kuti chizindikirocho ndi chapadera ndipo zimapangitsa kuti zikhale zosavuta kuzindikira msonkhano umene wakhazikitsidwa. DOCKER_USERNAME и DOCKER_PASSWORD ndi zosintha zachilengedwe za ogwiritsa ntchito zomwe zitha kukhazikitsidwa pogwiritsa ntchito mawonekedwe a Travis CI. Travis CI imangokonza deta yodziwika bwino kuti isagwere m'manja olakwika.

Nayi gawo loyamba la script deploy.sh.

#!/bin/sh
set -e # Остановить скрипт при наличии ошибок

IMAGE="<username>/<repository>"                             # Образ Docker
GIT_VERSION=$(git describe --always --abbrev --tags --long) # Git-хэш и теги

# Сборка и тегирование образа
docker build -t ${IMAGE}:${GIT_VERSION} .
docker tag ${IMAGE}:${GIT_VERSION} ${IMAGE}:latest

# Вход в Docker Hub и выгрузка образа
echo "${DOCKER_PASSWORD}" | docker login -u "${DOCKER_USERNAME}" --password-stdin
docker push ${IMAGE}:${GIT_VERSION}

Zomwe gawo lachiwiri la script lidzakhala zimadalira momwe mukugwiritsira ntchito ndi momwe kugwirizana kwake kumapangidwira. Kwa ine, popeza ndimagwiritsa ntchito Digital Ocean, ndimagwiritsa ntchito malamulo kuti ndigwirizane ndi seva dokotala. Mukamagwira ntchito ndi AWS, ntchitoyo idzagwiritsidwa ntchito aws, ndi zina zotero.

Kukhazikitsa seva sikunali kovuta kwenikweni. Chifukwa chake, ndimayika dontho kutengera chithunzi chapansi. Zindikirani kuti dongosolo lomwe ndidasankha limafuna kuyika kwa Docker kamodzi kokha ndikuyambitsa Docker kamodzi pamanja. Ndinagwiritsa ntchito Ubuntu 18.04 kukhazikitsa Docker, kotero ngati mukugwiritsanso ntchito Ubuntu kuchita zomwezo, mutha kungotsatira. izi kalozera wosavuta.

Sindikulankhula pano za malamulo apadera a ntchitoyo, chifukwa mbali iyi imatha kusiyanasiyana mosiyanasiyana. Ndingopereka dongosolo loyenera kuchitidwa mutalumikiza kudzera pa SSH ku seva yomwe pulojekitiyo idzatumizidwa:

• Tiyenera kupeza chidebe chomwe chikuyenda pano ndikuchiyimitsa.
• Ndiye muyenera kukhazikitsa chidebe chatsopano kumbuyo.
• Muyenera kukhazikitsa doko lapafupi la seva 80 - izi zikuthandizani kuti mulowetse tsambalo pa adilesi ngati example.com, osatchula doko, m'malo mogwiritsa ntchito adilesi ngati example.com:5000.
• Pomaliza, muyenera kuchotsa zonse zakale ndi zithunzi.

Pano pali kupitiriza kwa script.

# Найти ID работающего контейнера
CONTAINER_ID=$(docker ps | grep takenote | cut -d" " -f1)

# Остановить старый контейнер, запустить новый, очистить систему
docker stop ${CONTAINER_ID}
docker run --restart unless-stopped -d -p 80:5000 ${IMAGE}:${GIT_VERSION}
docker system prune -a -f

Zinthu zina zofunika kuziganizira

N'zotheka kuti mukamagwirizanitsa ndi seva kudzera pa SSH kuchokera ku Travis CI, mudzawona chenjezo lomwe lidzakulepheretsani kupitiriza ndi kukhazikitsa pamene dongosolo lidzadikirira kuyankha kwa wogwiritsa ntchito.

The authenticity of host '<hostname> (<IP address>)' can't be established.
RSA key fingerprint is <key fingerprint>.
Are you sure you want to continue connecting (yes/no)?

Ndidaphunzira kuti kiyi ya zingwe imatha kukhazikitsidwa mu base64 kuti isunge momwe ingagwiritsire ntchito mosavuta komanso modalirika. Pagawo lokhazikitsa, mutha kusankha kiyi yapagulu ndikuyilemba ku fayilo known_hosts kuti muchotse cholakwika chomwe chili pamwambapa.

echo <public key> | base64 # выводит <публичный ключ, закодированный в base64>

M'malo mwake, lamulo ili litha kuwoneka motere:

echo "123.45.67.89 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU
GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3
Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA
t3FaoJoAsncM1Q9x5+3V0Ww68/eIFmb1zuUFljQJKprrX88XypNDvjYNby6vw/Pb0rwert/En
mZ+AW4OZPnTPI89ZPmVMLuayrD2cE86Z/il8b+gw3r3+1nKatmIkjn2so1d01QraTlMqVSsbx
NrRFi9wrf+M7Q== [email protected]" | base64

Ndipo izi ndi zomwe zimapanga - chingwe chokhazikika64:

MTIzLjQ1LjY3Ljg5IHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQUJJd0FBQVFFQWtsT1Vwa0RIcmZIWTE3U2JybVRJcE5MVEdLOVRqb20vQldEU1UKR1BsK25hZnpsSERUWVc3aGRJNHlaNWV3MThKSDRKVzlqYmhVRnJ2aVF6TTd4bEVMRVZmNGg5bEZYNVFWa2JQcHBTd2cwY2RhMwpQYnY3a09kSi9NVHlCbFdYRkNSK0hBbzNGWFJpdEJxeGlYMW5LaFhwSEFac01jaUxxOFY2UmpzTkFRd2RzZE1GdlNsVksvN1hBCnQzRmFvSm9Bc25jTTFROXg1KzNWMFd3NjgvZUlGbWIxenVVRmxqUUpLcHJyWDg4WHlwTkR2allOYnk2dncvUGIwcndlcnQvRW4KbVorQVc0T1pQblRQSTg5WlBtVk1MdWF5ckQyY0U4NlovaWw4YitndzNyMysxbkthdG1Ja2puMnNvMWQwMVFyYVRsTXFWU3NieApOclJGaTl3cmYrTTdRPT0geW91QGV4YW1wbGUuY29tCg==

Nali lamulo lotchulidwa pamwambapa

install:
  - echo < публичный ключ, закодированный в base64> | base64 -d >> $HOME/.ssh/known_hosts

Njira yomweyi ingagwiritsidwe ntchito ndi kiyi yachinsinsi mukakhazikitsa kulumikizana, chifukwa mungafunike kiyi yachinsinsi kuti mupeze seva. Mukamagwira ntchito ndi kiyi, mumangofunika kuwonetsetsa kuti imasungidwa bwino mumtundu wa Travis CI komanso kuti sichiwonetsedwa kulikonse.

Chinanso chomwe muyenera kudziwa ndikuti mungafunike kuyendetsa zolemba zonse ngati mzere umodzi, mwachitsanzo - ndi doctl. Zimenezi zingafunike kuyesetsa.

doctl compute ssh <droplet> --ssh-command "все команды будут здесь && здесь"

TLS/SSL ndi Load Balancing

Nditachita zonse zomwe tafotokozazi, vuto lomaliza lomwe ndidakumana nalo linali loti seva inalibe SSL. Popeza ndimagwiritsa ntchito seva ya Node.js, kuti ndikakamize kugwira ntchito reverse proxy Nginx ndi Let's Encrypt, muyenera kuganizira kwambiri.

Sindinafune kupanga masinthidwe onse a SSL pamanja, kotero ndidangopanga chojambulira katundu ndikulemba zambiri mu DNS. Pankhani ya DigitalOcean, mwachitsanzo, kupanga satifiketi yodziyimitsa yokha pa chowongolera ndi njira yosavuta, yaulere komanso yachangu. Njirayi ili ndi phindu lowonjezera lomwe limapangitsa kukhala kosavuta kukhazikitsa SSL pa maseva angapo omwe akuyendetsa kumbuyo kwa cholemetsa ngati pakufunika. Izi zimalola ma seva okha kuti "asamaganize" za SSL konse, koma nthawi yomweyo gwiritsani ntchito doko monga mwachizolowezi. 80. Chifukwa chake kukhazikitsa SSL pa cholemetsa cholemetsa ndikosavuta komanso kosavuta kuposa njira zina zokhazikitsira SSL.

Tsopano mutha kutseka madoko onse pa seva omwe amavomereza kulumikizana komwe kukubwera - kupatula doko 80, amagwiritsidwa ntchito polankhulana ndi chojambulira katundu, ndi doko 22 za SSH. Zotsatira zake, kuyesa kulowa mwachindunji seva pamadoko aliwonse kupatula awiriwa kudzalephera.

Zotsatira

Nditachita zonse zomwe ndidazifotokoza m'nkhaniyi, nsanja ya Docker kapena malingaliro a unyolo wa CI / CD wokhawokha sanandiwopenso. Ndinatha kukhazikitsa chingwe chophatikizira chosalekeza, pomwe code imayesedwa isanayambe kupanga ndipo kachidindoyo imangotumizidwa pa seva. Zonsezi zikadali zatsopano kwa ine, ndipo ndikutsimikiza kuti pali njira zosinthira kachitidwe kanga kantchito ndikupangitsa kuti ikhale yogwira mtima. Ndiye ngati muli ndi malingaliro aliwonse pankhaniyi, chonde ndidziwitseni. kwa ine kudziwa. Ndikukhulupirira kuti nkhaniyi yakuthandizani muzochita zanu. Ndikufuna kukhulupirira kuti mutaiwerenga, mwaphunzira zambiri monga momwe ndinaphunzirira ndikuganizira zonse zomwe ndinanenamo.

PS mu wathu msika pali chithunzi Docker, yomwe imatha kukhazikitsidwa ndikudina kamodzi. Mukhoza kuyang'ana ntchito ya muli pa VPS. Makasitomala onse atsopano amapatsidwa masiku atatu akuyezetsa kwaulere.

Wokondedwa owerenga! Kodi mumagwiritsa ntchito ukadaulo wa CI/CD pamapulojekiti anu?

Source: www.habr.com