Apejọ ti o ni agbara ati imuṣiṣẹ ti awọn aworan Docker pẹlu werf ni lilo apẹẹrẹ ti aaye iwe ti ikede

A ti sọrọ tẹlẹ nipa irinṣẹ GitOps wa diẹ sii ju ẹẹkan lọ. werf, ati ni akoko yii a yoo fẹ lati pin iriri wa ni iṣakojọpọ aaye naa pẹlu iwe ti iṣẹ akanṣe funrararẹ - werf.io (Ẹya Russian rẹ jẹ en.werf.io). Eyi jẹ aaye aimi lasan, ṣugbọn apejọ rẹ jẹ iyanilenu ni pe o ti kọ ni lilo nọmba agbara ti awọn ohun-ọṣọ.

Lọ sinu awọn nuances ti eto aaye: ti ipilẹṣẹ akojọ aṣayan ti o wọpọ fun gbogbo awọn ẹya, awọn oju-iwe pẹlu alaye nipa awọn idasilẹ, ati bẹbẹ lọ. - a yoo ko. Dipo, jẹ ki a dojukọ awọn ọran ati awọn ẹya ti apejọ ti o ni agbara ati diẹ lori awọn ilana CI/CD ti o tẹle.

Ifihan: bawo ni aaye naa ṣe n ṣiṣẹ

Lati bẹrẹ pẹlu, iwe werf ti wa ni ipamọ pẹlu koodu rẹ. Eyi fa awọn ibeere idagbasoke kan ti o kọja gbogbo aaye ti nkan yii, ṣugbọn ni o kere ju o le sọ pe:

• Awọn iṣẹ werf tuntun ko yẹ ki o tu silẹ laisi mimu dojuiwọn iwe ati, ni idakeji, eyikeyi awọn ayipada ninu iwe naa tumọ si itusilẹ ti ẹya tuntun ti werf;
• Ise agbese na ni idagbasoke to lekoko: awọn ẹya tuntun le ṣe idasilẹ ni igba pupọ ni ọjọ kan;
• Eyikeyi awọn iṣẹ afọwọṣe lati ran aaye kan lọ pẹlu ẹya tuntun ti iwe jẹ o kere ju arẹwẹsi;
• Ise agbese na gba ọna itumọ kan ti ikede, pẹlu awọn ikanni iduroṣinṣin 5. Ilana itusilẹ jẹ pẹlu ọna-tẹle ti awọn ẹya nipasẹ awọn ikanni ni aṣẹ ti o pọ si iduroṣinṣin: lati alfa si apata-ra;
• Aaye naa ni ẹya ti o ni ede Russian, eyiti o "gbe ati idagbasoke" (ie, akoonu ti a ṣe imudojuiwọn) ni afiwe pẹlu akọkọ (ie, English-ede) version.

Lati tọju gbogbo “idana ti inu” lati ọdọ olumulo, fifun u ni nkan ti “o kan ṣiṣẹ”, a ṣe lọtọ werf fifi sori ẹrọ ati imudojuiwọn ọpa Ṣe multiwerf. O kan nilo lati pato nọmba itusilẹ ati ikanni iduroṣinṣin ti o ṣetan lati lo, ati multiwerf yoo ṣayẹwo boya ẹya tuntun wa lori ikanni naa ati ṣe igbasilẹ ti o ba jẹ dandan.

Ninu akojọ aṣayan ẹya lori oju opo wẹẹbu, awọn ẹya tuntun ti werf wa ni ikanni kọọkan. Nipa aiyipada, nipasẹ adirẹsi werf.io/documentation ẹya ti ikanni iduroṣinṣin julọ fun idasilẹ tuntun ṣii - o tun jẹ atọka nipasẹ awọn ẹrọ wiwa. Awọn iwe aṣẹ fun ikanni wa ni awọn adirẹsi lọtọ (fun apẹẹrẹ, werf.io/v1.0-beta/documentation fun itusilẹ beta 1.0).

Ni apapọ, aaye naa ni awọn ẹya wọnyi ti o wa:

1. root (ṣii nipasẹ aiyipada),
2. fun ikanni imudojuiwọn ti nṣiṣe lọwọ kọọkan ti itusilẹ kọọkan (fun apẹẹrẹ, werf.io/v1.0-beta).

Lati ṣe agbekalẹ ẹya kan pato ti aaye kan, ni gbogbogbo, o to lati ṣajọ rẹ ni lilo Jekyllnipa nṣiṣẹ ni liana /docs werf ibi ipamọ ti o baamu aṣẹ (jekyll build), lẹhin iyipada si Git tag ti ẹya ti a beere.

O wa nikan lati ṣafikun pe:

• IwUlO funrararẹ (werf) ni a lo fun apejọ;
• Awọn ilana CI / CD ti wa ni ipilẹ lori GitLab CI;
• ati gbogbo eyi, dajudaju, nṣiṣẹ ni Kubernetes.

Awọn iṣẹ-ṣiṣe

Bayi jẹ ki a ṣe agbekalẹ awọn iṣẹ ṣiṣe ti o ṣe akiyesi gbogbo awọn pato ti a ṣalaye:

1. Lẹhin iyipada ẹya werf lori eyikeyi ikanni imudojuiwọn iwe lori ojula yẹ ki o wa ni imudojuiwọn laifọwọyi.
2. Fun idagbasoke o nilo lati ni anfani lati igba miiran wo awọn ẹya awotẹlẹ ti awọn ojula.

Aaye naa gbọdọ tun ṣe apejọ lẹhin iyipada ẹya lori eyikeyi ikanni lati awọn ami Git ti o baamu, ṣugbọn ninu ilana ti kikọ aworan a yoo gba awọn ẹya wọnyi:

• Niwọn igba ti atokọ ti awọn ẹya lori awọn ikanni yipada, o jẹ pataki nikan lati tun awọn iwe aṣẹ fun awọn ikanni nibiti ẹya ti yipada. Lẹhinna, atunṣe ohun gbogbo lẹẹkansi ko dara pupọ.
• Eto awọn ikanni fun awọn idasilẹ le yipada. Ni aaye diẹ ninu akoko, fun apẹẹrẹ, o le ma jẹ ẹya lori awọn ikanni diẹ sii ni iduroṣinṣin ju itusilẹ iwọle 1.1 ni kutukutu, ṣugbọn ni akoko pupọ wọn yoo han - ninu ọran yii, ṣe o ko yẹ ki o yi apejọ naa pada pẹlu ọwọ?

O wa jade pe ijọ da lori iyipada data ita.

Imuse

Yiyan Ọna kan

Ni omiiran, o le ṣiṣẹ ẹya kọọkan ti o nilo bi adarọ ese lọtọ ni Kubernetes. Aṣayan yii tumọ si nọmba nla ti awọn nkan ninu iṣupọ, eyiti yoo dagba pẹlu ilosoke ninu nọmba awọn idasilẹ werf iduroṣinṣin. Ati pe eyi, ni ọna, tumọ si itọju eka sii: ẹya kọọkan ni olupin HTTP tirẹ, ati pẹlu ẹru kekere kan. Nitoribẹẹ, eyi tun kan awọn idiyele orisun nla.

A gba ọna kanna Nto gbogbo awọn ẹya pataki ni aworan kan. Awọn iṣiro ti a ṣajọpọ ti gbogbo awọn ẹya ti aaye naa wa ninu apo kan pẹlu NGINX, ati ijabọ si Imuṣiṣẹ ti o baamu wa nipasẹ NGINX Ingress. Eto ti o rọrun - ohun elo ti ko ni ipinlẹ - ngbanilaaye lati ni irọrun iwọn imuṣiṣẹ (da lori ẹru) nipa lilo Kubernetes funrararẹ.

Lati jẹ kongẹ diẹ sii, a n gba awọn aworan meji: ọkan fun Circuit iṣelọpọ, keji jẹ afikun ọkan fun Circuit dev. Aworan afikun naa ni a lo (ifilọlẹ) nikan lori Circuit dev papọ pẹlu akọkọ ati pe o ni ẹya ti aaye naa lati inu atunyẹwo atunyẹwo, ati ipa-ọna laarin wọn ni a ṣe ni lilo awọn orisun Ingress.

werf vs git oniye ati onisebaye

Gẹgẹbi a ti sọ tẹlẹ, lati ṣe agbekalẹ awọn iṣiro aaye fun ẹya kan pato ti iwe, o nilo lati kọ nipa yiyipada si aami ibi ipamọ ti o yẹ. O tun le ṣe eyi nipa didi ibi ipamọ ni gbogbo igba ti o ba kọ, yiyan awọn afi ti o yẹ lati atokọ kan. Bibẹẹkọ, eyi jẹ iṣẹ ṣiṣe ti o ni agbara-oluşewadi ati, pẹlupẹlu, nilo kikọ awọn ilana ti kii ṣe bintin… Aila-nfani pataki miiran ni pe pẹlu ọna yii ko si ọna lati kaṣe nkan lakoko apejọ.

Nibi ohun elo werf funrararẹ wa si iranlọwọ wa, imuse smart caching ati gba ọ laaye lati lo ita awọn ibi ipamọ. Lilo werf lati ṣafikun koodu lati ibi-ipamọ yoo mu iyara kọ ni pataki, nitori werf pataki ibeji ibi ipamọ lẹẹkan ati lẹhinna ṣiṣẹ Nikan fetch ti o ba wulo. Ni afikun, nigba fifi data kun lati ibi ipamọ, a le yan awọn ilana pataki nikan (ninu ọran wa eyi ni itọsọna naa docs), eyiti yoo dinku iye data ti a ṣafikun ni pataki.

Niwọn bi Jekyll jẹ ohun elo ti a ṣe apẹrẹ fun iṣakojọpọ data aimi ati pe ko nilo ni aworan ikẹhin, yoo jẹ ọgbọn lati ṣajọ ni werf artifact, ati sinu aworan ikẹhin gbe wọle nikan esi akopo.

A kọ werf.yaml

Nitorinaa, a pinnu pe a yoo ṣajọ ẹya kọọkan ni ohun-ọṣọ werf lọtọ. Sibẹsibẹ a a ko mọ iye awọn ohun-elo wọnyi yoo wa lakoko apejọ, nitorinaa a ko le kọ iṣeto ti o wa titi ti o wa titi (sọsọ ni pipe, a tun le, ṣugbọn kii yoo munadoko patapata).

werf faye gba o lati lo Lọ awọn awoṣe ninu faili iṣeto rẹ (werf.yaml), ati pe eyi jẹ ki o ṣee ṣe ina konfigi lori awọn fly da lori data ita (ohun ti o nilo!). Awọn data ita ninu ọran wa jẹ alaye nipa awọn ẹya ati awọn idasilẹ, lori ipilẹ eyiti a gba nọmba ti a beere fun awọn ohun-ọṣọ ati bi abajade a gba awọn aworan meji: werf-doc и werf-dev lati ṣiṣẹ lori yatọ si iyika.

Awọn data ita ti kọja nipasẹ awọn oniyipada ayika. Eyi ni akopọ wọn:

• RELEASES - laini kan pẹlu atokọ ti awọn idasilẹ ati ẹya ti o baamu ti werf lọwọlọwọ, ni irisi atokọ ti aaye ti awọn iye ni ọna kika <НОМЕР_РЕЛИЗА>%<НОМЕР_ВЕРСИИ>... Apẹẹrẹ: 1.0%v1.0.4-beta.20
• CHANNELS - laini kan pẹlu atokọ ti awọn ikanni ati ẹya ti o baamu ti werf lọwọlọwọ, ni irisi atokọ ti aaye ti awọn iye ni ọna kika <КАНАЛ>%<НОМЕР_ВЕРСИИ>... Apẹẹrẹ: 1.0-beta%v1.0.4-beta.20 1.0-alpha%v1.0.5-alpha.22
• ROOT_VERSION - ẹya itusilẹ werf lati ṣafihan nipasẹ aiyipada lori aaye naa (kii ṣe pataki nigbagbogbo lati ṣafihan iwe nipasẹ nọmba itusilẹ ti o ga julọ). Apeere: v1.0.4-beta.20
• REVIEW_SHA - hash ti atunyẹwo atunyẹwo lati eyiti o nilo lati kọ ẹya fun lupu idanwo naa.

Awọn oniyipada wọnyi yoo kun ninu opo gigun ti epo GitLab CI, ati bii o ṣe kọ ni pato ni isalẹ.

Ni akọkọ, fun irọrun, a ṣalaye ninu werf.yaml Lọ awọn oniyipada awoṣe, fifun wọn awọn iye lati awọn oniyipada ayika:

{{ $_ := set . "WerfVersions" (cat (env "CHANNELS") (env "RELEASES") | splitList " ") }}
{{ $Root := . }}
{{ $_ := set . "WerfRootVersion" (env "ROOT_VERSION") }}
{{ $_ := set . "WerfReviewCommit" (env "REVIEW_SHA") }}

Apejuwe ti artifact fun ikojọpọ ẹya aimi ti aaye naa jẹ kanna fun gbogbo awọn ọran ti a nilo (pẹlu ti ipilẹṣẹ ẹya root, ati ẹya fun Circuit dev). Nitorinaa, a yoo gbe lọ si bulọọki lọtọ nipa lilo iṣẹ naa define - fun ọwọ ilotunlo lilo include. A yoo kọja awọn ariyanjiyan wọnyi si awoṣe:

• Version - ẹya ti ipilẹṣẹ (orukọ tag);
• Channel - orukọ ikanni imudojuiwọn fun eyiti a ṣe ipilẹṣẹ ohun-ini;
• Commit - dá elile, ti o ba ti artifact wa ni ti ipilẹṣẹ fun a ṣe awotẹlẹ;
• ti o tọ.

Artifact Àdàkọ Apejuwe

{{- define "doc_artifact" -}}
{{- $Root := index . "Root" -}}
artifact: doc-{{ .Channel }}
from: jekyll/builder:3
mount:
- from: build_dir
  to: /usr/local/bundle
ansible:
  install:
  - shell: |
      export PATH=/usr/jekyll/bin/:$PATH
  - name: "Install Dependencies"
    shell: bundle install
    args:
      executable: /bin/bash
      chdir: /app/docs
  beforeSetup:
{{- if .Commit }}
  - shell: echo "Review SHA - {{ .Commit }}."
{{- end }}
{{- if eq .Channel "root" }}
  - name: "releases.yml HASH: {{ $Root.Files.Get "releases.yml" | sha256sum }}"
    copy:
      content: |
{{ $Root.Files.Get "releases.yml" | indent 8 }}
      dest:  /app/docs/_data/releases.yml
{{- else }}
  - file:
      path: /app/docs/_data/releases.yml
      state: touch
{{- end }}
  - file:
      path: "{{`{{ item }}`}}"
      state: directory
      mode: 0777
    with_items:
    - /app/main_site/
    - /app/ru_site/
  - file:
      dest: /app/docs/pages_ru/cli
      state: link
      src: /app/docs/pages/cli
  - shell: |
      echo -e "werfVersion: {{ .Version }}nwerfChannel: {{ .Channel }}" > /tmp/_config_additional.yml
      export PATH=/usr/jekyll/bin/:$PATH
{{- if and (ne .Version "review") (ne .Channel "root") }}
{{- $_ := set . "BaseURL" ( printf "v%s" .Channel ) }}
{{- else if ne .Channel "root" }}
{{- $_ := set . "BaseURL" .Channel }}
{{- end }}
      jekyll build -s /app/docs  -d /app/_main_site/{{ if .BaseURL }} --baseurl /{{ .BaseURL }}{{ end }} --config /app/docs/_config.yml,/tmp/_config_additional.yml
      jekyll build -s /app/docs  -d /app/_ru_site/{{ if .BaseURL }} --baseurl /{{ .BaseURL }}{{ end }} --config /app/docs/_config.yml,/app/docs/_config_ru.yml,/tmp/_config_additional.yml
    args:
      executable: /bin/bash
      chdir: /app/docs
git:
- url: https://github.com/flant/werf.git
  to: /app/
  owner: jekyll
  group: jekyll
{{- if .Commit }}
  commit: {{ .Commit }}
{{- else }}
  tag: {{ .Version }}
{{- end }}
  stageDependencies:
    install: ['docs/Gemfile','docs/Gemfile.lock']
    beforeSetup: '**/*'
  includePaths: 'docs'
  excludePaths: '**/*.sh'
{{- end }}

Orukọ artifact gbọdọ jẹ alailẹgbẹ. A le ṣe aṣeyọri eyi, fun apẹẹrẹ, nipa fifi orukọ ikanni kun (iye ti oniyipada .Channel) gẹgẹbi isunmọ si orukọ ohun-ọnà naa: artifact: doc-{{ .Channel }}. Ṣugbọn o nilo lati ni oye pe nigba gbigbe wọle lati awọn ohun-ọṣọ, iwọ yoo nilo lati tọka si awọn orukọ kanna.

Nigbati o ba n ṣe apejuwe ohun-ọṣọ, ẹya werf atẹle yii ni a lo: iṣagbesori. Iṣagbesori afihan liana iṣẹ build_dir gba ọ laaye lati ṣafipamọ kaṣe Jekyll laarin awọn ṣiṣe opo gigun ti epo, eyiti significantly iyara soke reassembly.

O tun le ti ṣe akiyesi lilo faili naa releases.yml jẹ faili YAML pẹlu data itusilẹ ti o beere lati github.com (ohun artifact ti a gba nigba ti o ba n ṣiṣẹ opo gigun ti epo). O nilo nigbati o ba n ṣajọ aaye naa, ṣugbọn ni ọrọ ti nkan naa o jẹ iyanilenu si wa nitori pe o da lori ipo rẹ reassembly ti nikan kan artifact - ohun artifact ti awọn root version of awọn ojula (ko ti wa ni ti nilo ni miiran onisebaye).

Eyi jẹ imuse nipa lilo alaye asọye if Lọ awọn awoṣe ati awọn apẹrẹ {{ $Root.Files.Get "releases.yml" | sha256sum }} ni ipele awọn ipele. O ṣiṣẹ bi atẹle: nigbati o ba kọ ohun-ọṣọ fun ẹya root (ayipada .Channel dogba si root) hash faili releases.yml ni ipa lori ibuwọlu ti gbogbo ipele, nitori pe o jẹ apakan ti orukọ iṣẹ-ṣiṣe Ansible (paramita name). Nitorinaa, nigba iyipada akoonu faili releases.yml ohun-ọṣọ ti o baamu yoo jẹ atunjọpọ.

Jọwọ tun san ifojusi si ṣiṣẹ pẹlu ibi ipamọ ita. Ni awọn aworan ti ohun artifact lati ibi ipamọ werf, nikan liana ti wa ni afikun /docs, ati da lori awọn aye ti o kọja, data ti aami ti a beere tabi ṣiṣe atunyẹwo jẹ afikun lẹsẹkẹsẹ.

Lati lo awoṣe artifact lati ṣe agbekalẹ apejuwe ti artifact ti awọn ẹya gbigbe ti awọn ikanni ati awọn idasilẹ, a ṣeto lupu kan lori oniyipada .WerfVersions в werf.yaml:

{{ range .WerfVersions -}}
{{ $VersionsDict := splitn "%" 2 . -}}
{{ dict "Version" $VersionsDict._1 "Channel" $VersionsDict._0 "Root" $Root | include "doc_artifact" }}
---
{{ end -}}

Nitori lupu yoo ṣe agbekalẹ ọpọlọpọ awọn ohun-ọṣọ (a nireti bẹ), o jẹ dandan lati ṣe akiyesi oluyapa laarin wọn - ọkọọkan --- (Fun alaye diẹ sii lori sintasi faili atunto, wo iwe). Gẹgẹbi a ti ṣalaye tẹlẹ, nigba pipe awoṣe kan ni lupu, a kọja awọn aye ẹya, URL ati ipo ipilẹ.

Bakanna, ṣugbọn laisi lupu, a pe awoṣe artifact fun “awọn ọran pataki”: fun ẹya gbongbo, bakanna bi ẹya lati ṣe atunyẹwo:

{{ dict "Version" .WerfRootVersion "Channel" "root" "Root" $Root  | include "doc_artifact" }}
---
{{- if .WerfReviewCommit }}
{{ dict "Version" "review" "Channel" "review" "Commit" .WerfReviewCommit "Root" $Root  | include "doc_artifact" }}
{{- end }}

Jọwọ ṣe akiyesi pe ohun-ọṣọ fun ṣiṣe atunyẹwo yoo jẹ itumọ nikan ti o ba ṣeto oniyipada naa .WerfReviewCommit.

Awọn ohun-ọṣọ ti ṣetan - o to akoko lati bẹrẹ gbigbe wọle!

Aworan ti o kẹhin, ti a ṣe lati ṣiṣẹ lori Kubernetes, jẹ NGINX deede pẹlu faili iṣeto olupin ti a fi kun nginx.conf ati aimi lati onisebaye. Ni afikun si awọn artifact ti awọn root version of awọn ojula, a nilo lati tun awọn lupu lori oniyipada .WerfVersions lati gbe awọn ohun-ọṣọ ti ikanni wọle ati awọn ẹya itusilẹ + tẹle ofin orukọ ohun-ini ti a gba tẹlẹ. Níwọ̀n bí ọ̀kọ̀ọ̀kan ṣe ń tọ́jú àwọn ẹ̀yà ojúlé náà fún èdè méjì, a máa ń kó wọn wọlé sí àwọn ibi tí ìṣètò náà pèsè.

Apejuwe ti ik image werf-doc

image: werf-doc
from: nginx:stable-alpine
ansible:
  setup:
  - name: "Setup /etc/nginx/nginx.conf"
    copy:
      content: |
{{ .Files.Get ".werf/nginx.conf" | indent 8 }}
      dest: /etc/nginx/nginx.conf
  - file:
      path: "{{`{{ item }}`}}"
      state: directory
      mode: 0777
    with_items:
    - /app/main_site/assets
    - /app/ru_site/assets
import:
- artifact: doc-root
  add: /app/_main_site
  to: /app/main_site
  before: setup
- artifact: doc-root
  add: /app/_ru_site
  to: /app/ru_site
  before: setup
{{ range .WerfVersions -}}
{{ $VersionsDict := splitn "%" 2 . -}}
{{ $Channel := $VersionsDict._0 -}}
{{ $Version := $VersionsDict._1 -}}
- artifact: doc-{{ $Channel }}
  add: /app/_main_site
  to: /app/main_site/v{{ $Channel }}
  before: setup
{{ end -}}
{{ range .WerfVersions -}}
{{ $VersionsDict := splitn "%" 2 . -}}
{{ $Channel := $VersionsDict._0 -}}
{{ $Version := $VersionsDict._1 -}}
- artifact: doc-{{ $Channel }}
  add: /app/_ru_site
  to: /app/ru_site/v{{ $Channel }}
  before: setup
{{ end -}}

Aworan afikun, eyiti, pẹlu ọkan akọkọ, ti ṣe ifilọlẹ lori Circuit dev, ni awọn ẹya meji nikan ti aaye naa: ẹya lati atunyẹwo atunyẹwo ati ẹya ipilẹ ti aaye naa (awọn ohun-ini gbogbogbo wa ati, ti o ba ranti , data idasilẹ). Nitorinaa, aworan afikun yoo yatọ si akọkọ nikan ni apakan agbewọle (ati, nitorinaa, ni orukọ):

image: werf-dev
...
import:
- artifact: doc-root
  add: /app/_main_site
  to: /app/main_site
  before: setup
- artifact: doc-root
  add: /app/_ru_site
  to: /app/ru_site
  before: setup
{{- if .WerfReviewCommit  }}
- artifact: doc-review
  add: /app/_main_site
  to: /app/main_site/review
  before: setup
- artifact: doc-review
  add: /app/_ru_site
  to: /app/ru_site/review
  before: setup
{{- end }}

Gẹgẹbi a ti ṣe akiyesi loke, artifact fun iṣẹ atunyẹwo yoo jẹ ipilẹṣẹ nikan nigbati iyipada ayika ti o ṣeto ba ṣiṣẹ REVIEW_SHA. Yoo ṣee ṣe lati ma ṣe ipilẹṣẹ aworan werf-dev rara ti ko ba si oniyipada ayika REVIEW_SHA, sugbon ni ibere lati ninu nipa imulo Awọn aworan Docker ni werf ṣiṣẹ fun aworan werf-dev, a yoo fi silẹ lati kọ nikan pẹlu ohun elo ti ẹya root (o ti kọ tẹlẹ lonakona), lati jẹ ki ọna opo gigun ti epo rọrun.

Apejọ ti šetan! Jẹ ki a lọ si CI / CD ati awọn nuances pataki.

Pipeline ni GitLab CI ati awọn ẹya ti iṣelọpọ agbara

Nigbati o ba n ṣiṣẹ ikole a nilo lati ṣeto awọn oniyipada ayika ti a lo ninu werf.yaml. Eyi ko kan oniyipada REVIEW_SHA, eyiti a yoo ṣeto nigbati a ba n pe opo gigun ti epo lati kio GitHub.

A yoo ṣe ipilẹṣẹ data ita pataki ni iwe afọwọkọ Bash kan generate_artifacts, eyiti yoo ṣe agbejade awọn ohun-ọṣọ opo gigun ti GitLab meji:

• faili releases.yml pẹlu data idasilẹ,
• faili common_envs.sh, ti o ni awọn oniyipada ayika lati wa ni okeere.

Awọn akoonu faili generate_artifacts iwọ yoo rii ninu wa awọn ibi ipamọ pẹlu apẹẹrẹ. Gbigba data funrararẹ kii ṣe koko-ọrọ ti nkan naa, ṣugbọn faili naa common_envs.sh jẹ pataki si wa, nitori iṣẹ ti werf da lori rẹ. Àpẹrẹ àkóónú rẹ̀:

export RELEASES='1.0%v1.0.6-4'
export CHANNELS='1.0-alpha%v1.0.7-1 1.0-beta%v1.0.7-1 1.0-ea%v1.0.6-4 1.0-stable%v1.0.6-4 1.0-rock-solid%v1.0.6-4'
export ROOT_VERSION='v1.0.6-4'

O le lo abajade ti iru iwe afọwọkọ, fun apẹẹrẹ, ni lilo iṣẹ Bash source.

Bayi ni apakan igbadun naa wa. Ni ibere fun mejeeji kikọ ati imuṣiṣẹ ohun elo lati ṣiṣẹ ni deede, o jẹ dandan lati rii daju pe werf.yaml wà ikan na o kere ju laarin ọkan opo gigun ti epo. Ti ipo yii ko ba pade, lẹhinna awọn ibuwọlu ti awọn ipele ti werf ṣe iṣiro lakoko apejọ ati, fun apẹẹrẹ, imuṣiṣẹ, yoo yatọ. Eyi yoo ja si aṣiṣe imuṣiṣẹ, nitori ... aworan ti a beere fun imuṣiṣẹ yoo sonu.

Ni awọn ọrọ miiran, ti o ba jẹ pe lakoko apejọ ti aworan aaye naa alaye nipa awọn idasilẹ ati awọn ẹya jẹ kanna, ati ni akoko imuṣiṣẹ ẹya tuntun ti tu silẹ ati awọn oniyipada ayika ni awọn iye oriṣiriṣi, lẹhinna imuṣiṣẹ yoo kuna pẹlu aṣiṣe kan: lẹhin ti gbogbo, awọn artifact ti awọn titun ti ikede ti ko sibẹsibẹ a ti kọ.

Ti iran werf.yaml da lori data ita (fun apẹẹrẹ, atokọ ti awọn ẹya lọwọlọwọ, bi ninu ọran wa), lẹhinna akopọ ati awọn iye iru data yẹ ki o gbasilẹ laarin opo gigun ti epo. Eyi ṣe pataki paapaa ti awọn aye ita ba yipada ni igbagbogbo.

A yoo gba ati gbasilẹ data ita ni ipele akọkọ ti opo gigun ti epo ni GitLab (Kọ tẹlẹ) ati firanṣẹ siwaju sii ni fọọmu naa GitLab CI artifact. Eyi yoo gba ọ laaye lati ṣiṣẹ ati tun bẹrẹ awọn iṣẹ opo gigun ti epo (kọ, ranṣiṣẹ, nu) pẹlu iṣeto kanna ni werf.yaml.

Awọn akoonu ti ipele Kọ tẹlẹ faili .gitlab-ci.yml:

Prebuild:
  stage: prebuild
  script:
    - bash ./generate_artifacts 1> common_envs.sh
    - cat ./common_envs.sh
  artifacts:
    paths:
      - releases.yml
      - common_envs.sh
    expire_in: 2 week

Lehin ti o ti gba data ita ni artifact, o le kọ ati ran lọ ni lilo boṣewa GitLab CI awọn ipele opo gigun ti epo: Kọ ati Ṣiṣe. A ṣe ifilọlẹ opo gigun ti epo funrararẹ ni lilo awọn kio lati ibi ipamọ GitHub werf (ie, nigbati awọn ayipada ba wa ni ibi ipamọ lori GitHub). Data fun wọn ni a le rii ni awọn ohun-ini iṣẹ akanṣe GitLab ni apakan CI / CD Eto -> Pipeline okunfa, ati lẹhinna ṣẹda Webhook ti o baamu ni GitHub (Eto -> Webhooks).

Ipele kikọ yoo dabi eyi:

Build:
  stage: build
  script:
    - type multiwerf && . $(multiwerf use 1.0 alpha --as-file)
    - type werf && source <(werf ci-env gitlab --tagging-strategy tag-or-branch --verbose)
    - source common_envs.sh
    - werf build-and-publish --stages-storage :local
  except:
    refs:
      - schedules
  dependencies:
    - Prebuild

GitLab yoo ṣafikun awọn ohun-ọṣọ meji lati ipele si ipele kikọ Kọ tẹlẹ, nitorinaa a ṣe okeere awọn oniyipada pẹlu data igbewọle ti a pese sile nipa lilo ikole source common_envs.sh. A bẹrẹ ipele kikọ ni gbogbo awọn ọran, ayafi fun ifilọlẹ opo gigun ti epo ni ibamu si iṣeto kan. Gẹgẹbi iṣeto naa, a yoo ṣiṣẹ opo gigun ti epo fun mimọ - ninu ọran yii ko si iwulo lati ṣe apejọ.

Ni ipele imuṣiṣẹ, a yoo ṣe apejuwe awọn iṣẹ-ṣiṣe meji - lọtọ fun imuṣiṣẹ si iṣelọpọ ati awọn iyika dev, ni lilo awoṣe YAML kan:

.base_deploy: &base_deploy
  stage: deploy
  script:
    - type multiwerf && . $(multiwerf use 1.0 alpha --as-file)
    - type werf && source <(werf ci-env gitlab --tagging-strategy tag-or-branch --verbose)
    - source common_envs.sh
    - werf deploy --stages-storage :local
  dependencies:
    - Prebuild
  except:
    refs:
      - schedules

Deploy to Production:
  <<: *base_deploy
  variables:
    WERF_KUBE_CONTEXT: prod
  environment:
    name: production
    url: werf.io
  only:
    refs:
      - master
  except:
    variables:
      - $REVIEW_SHA
    refs:
      - schedules

Deploy to Test:
  <<: *base_deploy
  variables:
    WERF_KUBE_CONTEXT: dev
  environment:
    name: test
    url: werf.test.flant.com
  except:
    refs:
      - schedules
  only:
    variables:
      - $REVIEW_SHA

Awọn iṣẹ-ṣiṣe pataki yato nikan ni afihan ipo iṣupọ sinu eyiti werf yẹ ki o ṣe imuṣiṣẹ naa (WERF_KUBE_CONTEXT), ati ṣeto awọn oniyipada agbegbe lupu (environment.name и environment.url), eyi ti o ti wa ni ki o si lo ninu Helm chart awọn awoṣe. A kii yoo pese awọn akoonu ti awọn awoṣe, nitori... ko si ohun ti o nifẹ si nibẹ fun koko-ọrọ ti o wa ninu ibeere, ṣugbọn o le rii wọn ninu awọn ibi ipamọ fun nkan naa.

Ifọwọkan ipari

Niwọn igba ti awọn ẹya werf ti tu silẹ ni igbagbogbo, awọn aworan tuntun yoo kọ nigbagbogbo, ati iforukọsilẹ Docker yoo dagba nigbagbogbo. Nitorinaa, o jẹ dandan lati tunto afọmọ aworan aifọwọyi da lori awọn eto imulo. O rọrun pupọ lati ṣe.

Lati mu ṣiṣẹ iwọ yoo nilo:

• Ṣafikun igbesẹ mimọ kan si .gitlab-ci.yml;
• Ṣafikun ipaniyan igbakọọkan ti iṣẹ mimọ;
• Ṣeto oluyipada ayika pẹlu ami kikọ wiwọle.

Fifi ipele mimọ si .gitlab-ci.yml:

Cleanup:
  stage: cleanup
  script:
    - type multiwerf && . $(multiwerf use 1.0 alpha --as-file)
    - type werf && source <(werf ci-env gitlab --tagging-strategy tag-or-branch --verbose)
    - source common_envs.sh
    - docker login -u nobody -p ${WERF_IMAGES_CLEANUP_PASSWORD} ${WERF_IMAGES_REPO}
    - werf cleanup --stages-storage :local
  only:
    refs:
      - schedules

A ti rii fere gbogbo eyi ni giga diẹ - nikan lati sọ di mimọ o nilo lati kọkọ wọle si Iforukọsilẹ Docker pẹlu ami-ami kan ti o ni awọn ẹtọ lati paarẹ awọn aworan ni iforukọsilẹ Docker (iṣẹ ami GitLab CI ti a fun ni laifọwọyi ko ṣe. ni iru awọn ẹtọ). A gbọdọ ṣẹda ami naa ni GitLab ni ilosiwaju ati pe iye rẹ gbọdọ jẹ pato ni oniyipada ayika WERF_IMAGES_CLEANUP_PASSWORD ise agbese ( Awọn eto CI/CD -> Awọn oniyipada).

Ṣafikun iṣẹ-ṣiṣe mimọ pẹlu iṣeto ti a beere ni a ṣe ni CI/CD ->
Awọn iṣeto.

Iyẹn ni: iṣẹ akanṣe kan ninu iforukọsilẹ Docker kii yoo dagba nigbagbogbo lati awọn aworan ti ko lo.

Ni ipari apakan ti o wulo, jẹ ki n leti pe awọn atokọ ni kikun lati nkan naa wa ninu Git:

• .gitlab-ci.yml;
• werf.yaml.

Esi

1. A gba a mogbonwa ijọ be: ọkan artifact fun version.
2. Apejọ naa jẹ gbogbo agbaye ati pe ko nilo awọn ayipada afọwọṣe nigbati awọn ẹya tuntun ti werf ba tu silẹ: awọn iwe lori oju opo wẹẹbu ti ni imudojuiwọn laifọwọyi.
3. Awọn aworan meji ti wa ni apejọ fun oriṣiriṣi awọn elegbegbe.
4. O ṣiṣẹ ni kiakia, nitori Caching ti wa ni lilo bi o ti ṣee ṣe - nigbati ẹya tuntun ti werf ba ti tu silẹ tabi kio GitHub kan fun ṣiṣe atunyẹwo, nikan ohun-ọṣọ ti o baamu pẹlu ẹya ti o yipada ni a tun ṣe.
5. Ko si iwulo lati ronu nipa piparẹ awọn aworan ti ko lo: mimọ ni ibamu si awọn ilana werf yoo tọju iforukọsilẹ Docker ni ibere.

awari

• Lilo werf ngbanilaaye apejọ lati ṣiṣẹ ni kiakia nitori caching ti awọn mejeeji ijọ ara ati caching nigbati ṣiṣẹ pẹlu ita awọn ibi ipamọ.
• Nṣiṣẹ pẹlu awọn ibi ipamọ Git itagbangba imukuro iwulo lati ṣe oniye gbogbo ibi ipamọ ni akoko kọọkan tabi tun kẹkẹ pada pẹlu ọgbọn iṣapeye ẹtan. werf nlo kaṣe kan ati pe o ṣe oniye ni ẹẹkan, ati lẹhinna lo fetch ati ki o nikan nigbati pataki.
• Agbara lati lo awọn awoṣe Go ni faili iṣeto ni kikọ werf.yaml gba ọ laaye lati ṣe apejuwe apejọ kan ti abajade rẹ da lori data ita.
• Lilo òke ni werf ni pataki ṣe iyara ikojọpọ awọn ohun-ọṣọ - nitori kaṣe, eyiti o wọpọ si gbogbo awọn paipu.
• werf jẹ ki o rọrun lati tunto afọmọ, eyiti o ṣe pataki paapaa nigbati o ba kọ ni agbara.

PS

Ka tun lori bulọọgi wa:

• «Ṣiṣe awọn aṣẹ lakoko jiṣẹ idasilẹ ohun elo tuntun si Kubernetes»;
• «Kọ ati ran awọn iṣẹ microservices ti iru kanna ṣiṣẹ pẹlu werf ati GitLab CI»;
• «Lilo werf lati yipo eka Helm shatti»;
• «Ifihan werf 1.0 iduroṣinṣin: kini GitOps ni lati ṣe pẹlu rẹ, ipo ati awọn ero».

orisun: www.habr.com