Ngabhala amawebhusayithi ami okuqala ngasekupheleni kweminyaka yama-90s. Ngaleso sikhathi kwakulula kakhulu ukuzifaka ohlelweni lokusebenza. Kube neseva ye-Apache kokunye ukusingathwa okwabiwe, ungangena kule seva nge-FTP ngokubhala into efana nale ftp://ftp.example.com. Khona-ke bekufanele ufake igama lakho nephasiwedi bese ulayisha amafayela kuseva. Kwakukhona izikhathi ezihlukene, yonke into yayilula ngaleso sikhathi kunamanje.
Emashumini amabili eminyaka kusukela lapho, yonke into isishintshe kakhulu. Amawebhusayithi abe yinkimbinkimbi kakhulu; kufanele ahlanganiswe ngaphambi kokuthi akhiqizwe. Iseva eyodwa yaba amaseva amaningi agijima ngemuva kwezilinganisi zomthwalo, futhi ukusetshenziswa kwezinhlelo zokulawula inguqulo kwaba yinsakavukela.
Ngephrojekthi yami yomuntu siqu ngibe nokucushwa okukhethekile. Futhi ngangazi ukuthi ngidinga ikhono lokusebenzisa isiza ekukhiqizeni ngokwenza isenzo esisodwa nje: ukubhala ikhodi egatsheni. master ku-GitHub. Ngaphezu kwalokho, ngangazi ukuthi ukuze ngiqinisekise ukusebenza kwesicelo sami esincane sewebhu, ngangingafuni ukuphatha iqoqo elikhulu le-Kubernetes, noma ngisebenzise ubuchwepheshe be-Docker Swarm, noma ngigcine uxhaxha lwamaseva ngama-pods, ama-ejenti nazo zonke izinhlobo zezinye. ubunkimbinkimbi. Ukuze ngifinyelele umgomo wokwenza umsebenzi ube lula ngangokunokwenzeka, kwakudingeka ngijwayelane ne-CI/CD.
Uma unephrojekthi encane (kulokhu, iphrojekthi ye-Node.js) futhi ungathanda ukwazi ukuthi ungayenza kanjani ngokuzenzakalelayo ukuthunyelwa kwale phrojekthi, kuyilapho uqinisekisa ukuthi lokho okugcinwe endaweni yokugcina kufana ncamashi nalokho okusebenzayo ekukhiqizeni, khona-ke mina. cabanga ukuthi ungaba nentshisekelo kulesi sihloko.
Okudingeka kuqala
Umfundi wale ndatshana kulindeleke ukuthi abe nokuqonda okuyisisekelo komugqa womyalo nokubhala imibhalo ye-Bash. Ngaphezu kwalokho, uzodinga ama-akhawunti и .
Izinhloso
Ngeke ngisho ukuthi lesi sihloko singabizwa ngokungenamibandela ngokuthi "isifundo". Lokhu kungaphezulu kwedokhumenti lapho ngikhuluma khona ngalokho engikufundile futhi ngichaza inqubo engifanele yokuhlola nokuthumela ikhodi ekukhiqizweni, eyenziwa ngephasi eyodwa ezenzakalelayo.
Yilokhu ukuhamba kwami komsebenzi okugcine yikho.
Ngekhodi ethunyelwe kunoma yiliphi igatsha lenqolobane ngaphandle master, kwenziwa lezi zenzo ezilandelayo:
- Iphrojekthi eyakhiwe ku-Travis CI iyaqala.
- Wonke amayunithi, ukuhlanganisa kanye nokuhlolwa kokuphela kuyenziwa.
Ngekhodi kuphela engena kuyo master, okulandelayo kuyenziwa:
- Konke okukhulunywe ngenhla, kanye...
- Ukwakha isithombe se-Docker ngokusekelwe kukhodi yamanje, izilungiselelo nendawo.
- Ithumela isithombe ku-Docker Hub.
- Ukuxhuma kwiseva yokukhiqiza.
- Ilayisha isithombe kusuka ku-Docker Hub kuya kuseva.
- Ukumisa isiqukathi samanje bese uqala esisha ngokusekelwe esithombeni esisha.
Uma ungazi lutho nge-Docker, izithombe neziqukathi, ungakhathazeki. Ngizokutshela konke ngakho.
Iyini i-CI/CD?
Isifinyezo esithi CI/CD simele “ukuhlanganiswa okuqhubekayo/ukuthunyelwa okuqhubekayo.”
▍Ukuhlanganisa okuqhubekayo
Ukuhlanganiswa okuqhubekayo kuyinqubo lapho onjiniyela benza khona ukuzibophezela endaweni yekhodi yomthombo oyinhloko wephrojekthi (imvamisa igatsha master). Ngesikhathi esifanayo, ikhwalithi yekhodi iqinisekiswa ngokuhlolwa okuzenzakalelayo.
▍Ukuthunyelwa okuqhubekayo
Ukuthunyelwa okuqhubekayo ukuthunyelwa okuvamile, okuzenzakalelayo kwekhodi emkhiqizweni. Ingxenye yesibili yesifinyezo se-CI/CD kwesinye isikhathi ichazwa ngokuthi “ukulethwa okuqhubekayo.” Lokhu ngokuyisisekelo kufana “nokuthunyelwa okuqhubekayo”, kodwa “ukulethwa okuqhubekayo” kusho isidingo sokuqinisekisa izinguquko mathupha ngaphambi kokuqala inqubo yokusatshalaliswa kwephrojekthi.
Ukuqalisa
Uhlelo lokusebenza engangilufunda konke lokhu lubizwa ngokuthi . Lena iphrojekthi yewebhu engisebenza kuyo, eklanyelwe ukubhala amanothi. Ekuqaleni ngazama ukukwenza -iphrojekthi, noma uhlelo lokusebenza olungaphambili ngaphandle kweseva, ukuze kuzuzwe ithuba lokubamba okujwayelekile kanye namakhono okusabalalisa amaphrojekthi eliwanikezayo. . Njengoba inkimbinkimbi yohlelo lokusebenza ikhula, ngidinga ukudala ingxenye yeseva yayo, okusho ukuthi ngizodinga ukwakha isu lami lokuhlanganiswa okuzenzakalelayo kanye nokuthunyelwa okuzenzakalelayo kwephrojekthi.
Endabeni yami, uhlelo lokusebenza luyiseva ye-Express esebenza endaweni ye-Node.js, enikezela nge-React application yekhasi elilodwa futhi isekela i-API yohlangothi lweseva evikelekile. Lesi sakhiwo silandela isu elingatholakala ku Umhlahlandlela ogcwele wokuqinisekisa isitaki.
Ngabonisana naye , onguchwepheshe wokuzenzakalela, futhi ngambuza ukuthi yini okwakudingeka ngiyenze ukuze konke kusebenze ngendlela engangifuna ngayo. Unginikeze umbono wokuthi ukugeleza komsebenzi okuzenzakalelayo kufanele kubukeke kanjani, okushiwo esigabeni esithi Imigomo yalesi sihloko. Ukuba nalezi zinhloso kwakusho ukuthi ngidinga ukuthola ukuthi ngiyisebenzisa kanjani i-Docker.
Docker
I-Docker iyithuluzi, ngenxa yobuchwepheshe bokufaka iziqukathi, evumela izinhlelo zokusebenza ukuthi zisatshalaliswe kalula, zisetshenziswe futhi zisebenze endaweni efanayo, noma ngabe inkundla ye-Docker ngokwayo isebenza ezindaweni ezihlukene. Okokuqala, bengidinga ukubeka izandla zami kumathuluzi womugqa womyalo we-Docker (CLI). Umhlahlandlela wokufaka we-Docker awukwazi ukubizwa ngokuthi ucacile futhi uyaqondakala, kodwa kuwo ungafunda ukuthi ukuze uthathe isinyathelo sokuqala sokufaka, udinga ukulanda i-Docker Desktop (ye-Mac noma i-Windows).
I-Docker Hub icishe ibe yinto efanayo kumakhosombe we-git, noma ukubhalisa yamaphakheji e-JavaScript. Lena inqolobane eku-inthanethi yezithombe ze-Docker. Yilokhu i-Docker Desktop exhuma kukho.
Ngakho-ke, ukuze uqalise nge-Docker, udinga ukwenza izinto ezimbili:
- Faka .
- Bhalisa i .
Ngemuva kwalokhu, ungabheka ukuthi i-Docker CLI iyasebenza yini ngokusebenzisa umyalo olandelayo ukuhlola inguqulo ye-Docker:
docker -vOkulandelayo, ngena ku-Docker Hub ngokufaka igama lakho lomsebenzisi nephasiwedi lapho ubuzwa:
docker loginUkuze usebenzise i-Docker, kufanele uqonde imiqondo yezithombe neziqukathi.
▍Izithombe
Isithombe siyinto efana nepulani equkethe imiyalelo yokuhlanganisa isiqukathi. Lesi isifinyezo esingaguquleki sesistimu yefayela yohlelo lokusebenza nezilungiselelo. Onjiniyela bangabelana kalula ngezithombe.
# Вывод сведений обо всех образах
docker imagesLo myalo uzokhipha itafula elinesihloko esilandelayo:
REPOSITORY TAG IMAGE ID CREATED SIZE
---Okulandelayo sizobheka izibonelo zemiyalo ngendlela efanayo - okokuqala kunomyalo onamazwana, bese kuba isibonelo salokho ongakukhipha.
▍ Iziqukathi
Isiqukathi siyiphakheji esebenzisekayo equkethe konke okudingekayo ukuze kuqalise uhlelo lokusebenza. Isicelo esinale ndlela sizohlala sisebenza ngendlela efanayo, kungakhathaliseki ingqalasizinda: endaweni engayodwa kanye nendawo efanayo. Iphuzu liwukuthi izimo zesithombe esifanayo zethulwa ezindaweni ezahlukene.
# Перечисление всех контейнеров
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
---▍Amathegi
Umaka uyinkomba yenguqulo ethile yesithombe.
▍Ireferensi esheshayo yemiyalo ye-Docker
Nasi isifinyezo seminye imiyalo evame ukusetshenziswa ye-Docker.
Ithimba
Umongo
Isenzo
Isithombe
Ukwakha isithombe kusuka ku-Dockerfile
Isithombe
Ukumaka isithombe
Isithombe
Uhlu lwezithombe
Isiqukathi
Ukuqalisa isiqukathi esisekelwe esithombeni
Isithombe
Ilayisha isithombe kurejista
Isithombe
Ilayisha isithombe esiphuma kurejista
Isiqukathi
Iziqukathi zohlu
Isithombe/Isitsha
Ukukhipha iziqukathi ezingasetshenzisiwe nezithombe
▍Dockerfile
Ngiyazi ukuthi isetshenziswa kanjani isicelo sokukhiqiza endaweni. Nginokucushwa kwe-Webpack eklanyelwe ukwakha uhlelo lokusebenza lwe-React oselulungile. Okulandelayo, nginomyalo oqala iseva esekelwe ku-Node.js echwebeni 5000. Kubukeka kanjena:
npm i # установка зависимостей
npm run build # сборка React-приложения
npm run start # запуск Node-сервераKufanele kuqashelwe ukuthi anginaso isicelo esiyisibonelo salokhu kwaziswa. Kepha lapha, ngokuhlolwa, noma yiluphi uhlelo olulula lweNode luzokwenza.
Ukuze usebenzise isitsha, uzodinga ukunikeza imiyalelo ku-Docker. Lokhu kwenziwa ngefayela elibizwa ngokuthi Dockerfile, etholakala kumkhombandlela womsuka wephrojekthi. Leli fayela, ekuqaleni, libonakala lingaqondakali.
Kodwa lokho elikuqukethe kuchaza kuphela, ngemiyalo ekhethekile, into efana nokumisa indawo yokusebenza. Nansi eminye yale miyalo:
- — Lo myalo uqala ifayela. Icacisa isithombe esiyisisekelo okwakhiwe kuso isiqukathi.
- - Ukukopisha amafayela emthonjeni wendawo uwayise esitsheni.
- - Ukusetha uhla lwemibhalo lokusebenza lemiyalo elandelayo.
- - Imiyalo egijima.
- — Izilungiselelo zembobo.
- - Inkomba yomyalelo okufanele wenziwe.
Dockerfile ingase ibukeke kanje:
# Загрузить базовый образ
FROM node:12-alpine
# Скопировать файлы из текущей директории в директорию app/
COPY . app/
# Использовать app/ в роли рабочей директории
WORKDIR app/
# Установить зависимости (команда npm ci похожа npm i, но используется для автоматизированных сборок)
RUN npm ci --only-production
# Собрать клиентское React-приложение для продакшна
RUN npm run build
# Прослушивать указанный порт
EXPOSE 5000
# Запустить Node-сервер
ENTRYPOINT npm run startKuye ngesithombe esiyisisekelo osikhethayo, kungase kudingeke ukuthi ufake okuncikile okwengeziwe. Iqiniso liwukuthi ezinye izithombe eziyisisekelo (njenge-Node Alpine Linux) zidalwe ngenhloso yokuzenza zibe compact ngangokunokwenzeka. Ngenxa yalokho, bangase bangabi nazo ezinye zezinhlelo ozilindele.
▍Ukwakha, ukumaka nokusebenzisa isiqukathi
Ukuhlanganiswa kwendawo kanye nokwethulwa kwesiqukathi kungemuva kokuba sinakho Dockerfile, imisebenzi ilula kakhulu. Ngaphambi kokuthi uphushele isithombe ku-Docker Hub, udinga ukusihlola endaweni.
▍ Umhlangano
Okokuqala udinga ukuqoqa , ecacisa igama futhi, ngokuzikhethela, ithegi (uma ithegi ingacacisiwe, isistimu izokwabela ithegi esithombeni latest).
# Сборка образа
docker build -t <image>:<tag> .Ngemuva kokusebenzisa lo myalo, ungabuka i-Docker yakha isithombe.
Sending build context to Docker daemon 2.88MB
Step 1/9 : FROM node:12-alpine
---> ...выполнение этапов сборки...
Successfully built 123456789123
Successfully tagged <image>:<tag>
Ukwakhiwa kungase kuthathe amaminithi ambalwa - konke kuncike ekutheni uncike kangakanani. Lapho ukwakhiwa sekuqediwe, ungaqalisa umyalo docker images futhi ubheke incazelo yesithombe sakho esisha.
REPOSITORY TAG IMAGE ID CREATED SIZE
<image> latest 123456789123 About a minute ago x.xxGB▍Yethula
Isithombe senziwe. Lokhu kusho ukuthi ungakwazi ukusebenzisa isitsha ngokusekelwe kuso. Ngoba ngifuna ukukwazi ukufinyelela uhlelo lokusebenza olusebenza esitsheni ku localhost:5000, mina, ohlangothini lwesobunxele lwepheya 5000:5000 kumyalo olandelayo ofakiwe 5000. Ngakwesokudla kunembobo yesitsha.
# Запуск с использованием локального порта 5000 и порта контейнера 5000
docker run -p 5000:5000 <image>:<tag>
Manje njengoba isitsha senziwe futhi sisebenza, ungasebenzisa umyalo docker ps ukubheka imininingwane ngalesi sitsha (noma ungasebenzisa umyalo docker ps -a, ebonisa ulwazi mayelana nazo zonke iziqukathi, hhayi nje ezisebenzayo).
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
987654321234 <image> "/bin/sh -c 'npm run…" 6 seconds ago Up 6 seconds 0.0.0.0:5000->5000/tcp stoic_darwin
Uma manje uya ekhelini localhost:5000 — ungabona ikhasi lohlelo lokusebenza olusebenzayo elibukeka lifana ncamashi nekhasi lohlelo lokusebenza olusebenza endaweni yokukhiqiza.
▍Ukumaka nokushicilela
Ukuze sisebenzise esinye sezithombe ezidaliwe kuseva yokukhiqiza, sidinga ukwazi ukulanda lesi sithombe ku-Docker Hub. Lokhu kusho ukuthi udinga kuqala ukwakha inqolobane yephrojekthi ku-Docker Hub. Ngemuva kwalokhu, sizoba nendawo esinakho lapho singathumela khona isithombe. Isithombe sidinga ukuqanjwa kabusha ukuze igama laso liqale ngegama lethu lomsebenzisi le-Docker Hub. Lokhu kufanele kulandelwe igama lenqolobane. Noma iyiphi ithegi ingafakwa ekugcineni kwegama. Ngezansi kunesibonelo sokuqamba izithombe kusetshenziswa lolu hlelo.
Manje usungakwazi ukwakha isithombe ngegama elisha bese usebenzisa umyalo docker push ukuyiphushela endaweni yokugcina ye-Docker Hub.
docker build -t <username>/<repository>:<tag> .
docker tag <username>/<repository>:<tag> <username>/<repository>:latest
docker push <username>/<repository>:<tag>
# На практике это может выглядеть, например, так:
docker build -t user/app:v1.0.0 .
docker tag user/app:v1.0.0 user/app:latest
docker push user/app:v1.0.0Uma konke kuhamba kahle, isithombe sizotholakala ku-Docker Hub futhi singalayishwa kalula kuseva noma sidluliselwe kwabanye onjiniyela.
Izinyathelo ezilandelayo
Njengamanje sesiqinisekisile ukuthi isicelo, ngendlela yesiqukathi se-Docker, sisebenza endaweni. Silayishe isiqukathi ku-Docker Hub. Konke lokhu kusho ukuthi sesivele senze inqubekelaphambili enhle kakhulu ekufezeni umgomo wethu. Manje sidinga ukuxazulula eminye imibuzo emibili:
- Ukusetha ithuluzi le-CI lokuhlola nokuphakela ikhodi.
- Ukusetha iseva yokukhiqiza ukuze ikwazi ukulanda futhi isebenzise ikhodi yethu.
Esimweni sethu, sisebenzisa . Njengeseva - .
Kumele kuqashelwe ukuthi lapha ungasebenzisa enye inhlanganisela yezinsizakalo. Isibonelo, esikhundleni se-Travis CI, ungasebenzisa i-CircleCI noma i-Github Actions. Futhi esikhundleni se-DigitalOcean - AWS noma i-Linode.
Sinqume ukusebenza noTravis CI, futhi senginokuthile okulungiselelwe kule sevisi. Ngakho-ke, manje ngizokhuluma kafushane mayelana nendlela yokuyilungiselela umsebenzi.
I-Travis CI
I-Travis CI iyithuluzi lokuhlola nokuphakela amakhodi. Ngeke ngithande ukungena enkingeni yokusetha i-Travis CI, ngoba iphrojekthi ngayinye ihlukile, futhi lokhu ngeke kulethe inzuzo enkulu. Kodwa ngizofaka izisekelo ukuze uqalise uma unquma ukusebenzisa i-Travis CI. Kungakhathaliseki ukuthi ukhetha i-Travis CI, i-CircleCI, i-Jenkins, noma enye into, izindlela ezifanayo zokumisa zizosetshenziswa yonke indawo.
Ukuze uqalise nge-Travis CI, yiya ku bese udala i-akhawunti. Bese uhlanganisa i-Travis CI ne-akhawunti yakho ye-GitHub. Lapho usetha uhlelo, uzodinga ukucacisa indawo yokugcina ofuna ukwenza ngayo umsebenzi ngokuzenzakalelayo futhi unike amandla ukufinyelela kuyo. (Ngisebenzisa i-GitHub, kodwa ngiqinisekile ukuthi i-Travis CI ingahlanganisa ne-BitBucket, ne-GitLab, nezinye izinsizakalo ezifanayo).
Ngaso sonke isikhathi lapho i-Travis CI iqalwa, iseva yethulwa, ikhipha imiyalo echazwe efayeleni lokumisa, okuhlanganisa nokuthumela amagatsha enqolobane ahambisanayo.
▍Umjikelezo wempilo yomsebenzi
Ifayela lokucushwa le-Travis CI elibizwa .travis.yml futhi igcinwe kumkhombandlela wempande yephrojekthi, isekela umqondo wemicimbi imisebenzi. Le micimbi ibalwe ngokulandelana okwenzeka ngayo:
apt addonscache componentsbefore_installinstallbefore_scriptscriptbefore_cacheafter_success или after_failurebefore_deploydeployafter_deployafter_script
▍Ukuhlola
Efayeleni lokumisa ngizomisa iseva yendawo ye-Travis CI. Ngikhethe i-Node 12 njengolimi futhi ngatshela uhlelo ukuthi lufake ukuncika okudingekayo ukuze kusetshenziswe i-Docker.
Konke okufakwe ohlwini .travis.yml, izokwenziwa lapho zonke izicelo zokudonsa zenziwa kuwo wonke amagatsha enqolobane, ngaphandle uma kuchazwe ngenye indlela. Lesi isici esiwusizo ngoba sisho ukuthi singahlola yonke ikhodi engena endaweni yokugcina. Lokhu kukwazisa uma ikhodi isilungele ukubhalelwa igatsha. master, nokuthi izophula yini inqubo yokwakha iphrojekthi. Kulokhu kucushwa komhlaba wonke, ngifaka yonke into endaweni, sebenzisa iseva ye-Webpack dev ngemuva (lesi isici sokuhamba komsebenzi wami), bese ngiqhuba izivivinyo.
Uma ufuna inqolobane yakho iveze amabheji akhombisa ukuhlolwa, Ungathola imiyalelo emifushane ngokusebenzisa i-Jest, Travis CI kanye ne-Coveralls ukuze uqoqe futhi ubonise lolu lwazi.
Ngakho-ke nakhu okuqukethwe kwefayela .travis.yml:
# Установить язык
language: node_js
# Установить версию Node.js
node_js:
- '12'
services:
# Использовать командную строку Docker
- docker
install:
# Установить зависимости для тестов
- npm ci
before_script:
# Запустить сервер и клиент для тестов
- npm run dev &
script:
# Запустить тесты
- npm run testYilapho izenzo ezenziwa kuwo wonke amagatsha enqolobane kanye nezicelo zokudonsa ziphela khona.
▍Ukuthunyelwa
Ngokusekelwe emcabangweni wokuthi zonke izivivinyo ezizenzakalelayo ziqedwe ngempumelelo, singakwazi, okungakhethwa, sikhiphe ikhodi kuseva yokukhiqiza. Njengoba sifuna ukwenza lokhu kuphela ngekhodi evela egatsheni master, sinikeza isistimu imiyalelo efanele kuzilungiselelo zokuphakelwa. Ngaphambi kokuthi uzame ukusebenzisa ikhodi esizoyibheka ngokulandelayo kuphrojekthi yakho, ngithanda ukukuxwayisa ukuthi kufanele ube nesikripthi sangempela esibizelwe ukuthunyelwa.
deploy:
# Собрать Docker-контейнер и отправить его на Docker Hub
provider: script
script: bash deploy.sh
on:
branch: masterIskripthi sokuthunyelwa sixazulula izinkinga ezimbili:
- Yakha, umaka futhi uthumele isithombe ku-Docker Hub usebenzisa ithuluzi le-CI (kithi, i-Travis CI).
- Ilayisha isithombe kuseva, imise isitsha esidala futhi iqale entsha (kithi, iseva isebenza endaweni yesikhulumi se-DigitalOcean).
Okokuqala, udinga ukusetha inqubo ezenzakalelayo yokwakha, ukumaka, nokuphusha isithombe ku-Docker Hub. Konke lokhu kufana kakhulu nalokho esesivele sikwenze mathupha, ngaphandle kokuthi sidinga isu lokunikeza omaka abahlukile ezithombeni kanye nokungena ngokuzenzakalelayo. Ngibe nobunzima ngemininingwane ethile yesikripthi sokuthunyelwa, njengesu lokumaka, ukungena ngemvume, ukubhala ngekhodi kokhiye we-SSH, ukusungulwa koxhumano lwe-SSH. Kodwa ngenhlanhla isoka lami lihle kakhulu nge-bash, njengezinye izinto eziningi. Wangisiza ukubhala lesi sikripthi.
Ngakho-ke, ingxenye yokuqala yeskripthi ilayisha isithombe ku-Docker Hub. Lokhu kulula kakhulu ukukwenza. Uhlelo lokumaka engilusebenzisile luhlanganisa ukuhlanganisa i-git hash kanye ne-git tag, uma ikhona. Lokhu kuqinisekisa ukuthi ithegi ihlukile futhi kwenza kube lula ukuhlonza inhlangano esekelwe kuyo. DOCKER_USERNAME и DOCKER_PASSWORD kukhona okuguquguqukayo kwendawo yomsebenzisi okungasethwa kusetshenziswa isixhumi esibonakalayo se-Travis CI. I-Travis CI izocubungula ngokuzenzakalelayo idatha ebucayi ukuze ingaweli ezandleni ezingalungile.
Nansi ingxenye yokuqala yombhalo deploy.sh.
#!/bin/sh
set -e # Остановить скрипт при наличии ошибок
IMAGE="<username>/<repository>" # Образ Docker
GIT_VERSION=$(git describe --always --abbrev --tags --long) # Git-хэш и теги
# Сборка и тегирование образа
docker build -t ${IMAGE}:${GIT_VERSION} .
docker tag ${IMAGE}:${GIT_VERSION} ${IMAGE}:latest
# Вход в Docker Hub и выгрузка образа
echo "${DOCKER_PASSWORD}" | docker login -u "${DOCKER_USERNAME}" --password-stdin
docker push ${IMAGE}:${GIT_VERSION}
Ukuthi ingxenye yesibili yeskripthi izoba yini kuncike ngokuphelele ekutheni usebenzisa muphi umsingathi kanye nokuthi ukuxhumana kwayo kuhlelwe kanjani. Endabeni yami, njengoba ngisebenzisa i-Digital Ocean, ngisebenzisa imiyalo ukuxhuma kuseva . Lapho usebenza ne-AWS, insiza izosetshenziswa aws, njalo njalo.
Ukusetha iseva bekungenzima kakhulu. Ngakho-ke, ngimisa i-droplet esekelwe esithombeni esiyisisekelo. Kufanele kuqashelwe ukuthi uhlelo engilukhethile ludinga ukufakwa ngesandla kwe-Docker kanye nokwethulwa ngesandla kwe-Docker kanye. Ngisebenzise Ubuntu 18.04 ukufaka i-Docker, ngakho-ke uma usebenzisa Ubuntu ukwenza okufanayo, ungavele ulandele. isiqondiso esilula.
Angikhulumi lapha mayelana nemiyalo ethile yesevisi, ngoba lesi sici singahluka kakhulu ezimweni ezihlukene. Ngizovele nginikeze uhlelo olujwayelekile lomsebenzi okufanele lwenziwe ngemuva kokuxhuma nge-SSH kuseva lapho iphrojekthi izosetshenziswa khona:
- Kudingeka sithole isiqukathi esisebenzayo manje futhi sisimise.
- Bese udinga ukwethula isiqukathi esisha ngemuva.
- Uzodinga ukusetha imbobo yendawo yeseva ukuthi ibe kuyo
80- lokhu kuzokuvumela ukuthi ufake isayithi ekhelini elifana nalokhuexample.com, ngaphandle kokucacisa imbobo, kunokusebenzisa ikheli elifana nalokhuexample.com:5000. - Ekugcineni, udinga ukususa zonke iziqukathi ezindala nezithombe.
Nakhu ukuqhubeka kombhalo.
# Найти ID работающего контейнера
CONTAINER_ID=$(docker ps | grep takenote | cut -d" " -f1)
# Остановить старый контейнер, запустить новый, очистить систему
docker stop ${CONTAINER_ID}
docker run --restart unless-stopped -d -p 80:5000 ${IMAGE}:${GIT_VERSION}
docker system prune -a -fEzinye izinto okufanele uzinake
Kungenzeka ukuthi uma uxhuma kuseva nge-SSH kusuka ku-Travis CI, uzobona isexwayiso esizokuvimbela ukuthi uqhubeke nokufaka njengoba isistimu izolinda impendulo yomsebenzisi.
The authenticity of host '<hostname> (<IP address>)' can't be established.
RSA key fingerprint is <key fingerprint>.
Are you sure you want to continue connecting (yes/no)?
Ngifunde ukuthi ukhiye weyunithi yezinhlamvu ungabhalwa ngekhodi ku-base64 ukuze uyilondoloze ngendlela engasetshenziswa ngayo kalula nangokuthembekile. Esigabeni sokufaka, ungakwazi ukunquma ukhiye womphakathi bese uwubhala efayeleni known_hosts ukuze ususe iphutha elingenhla.
echo <public key> | base64 # выводит <публичный ключ, закодированный в base64>Empeleni, lo myalo ungase ubukeke kanje:
echo "123.45.67.89 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU
GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3
Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA
t3FaoJoAsncM1Q9x5+3V0Ww68/eIFmb1zuUFljQJKprrX88XypNDvjYNby6vw/Pb0rwert/En
mZ+AW4OZPnTPI89ZPmVMLuayrD2cE86Z/il8b+gw3r3+1nKatmIkjn2so1d01QraTlMqVSsbx
NrRFi9wrf+M7Q== [email protected]" | base64Futhi nakhu elikukhiqizayo - iyunithi yezinhlamvu ye-base64 enekhodi:
MTIzLjQ1LjY3Ljg5IHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQUJJd0FBQVFFQWtsT1Vwa0RIcmZIWTE3U2JybVRJcE5MVEdLOVRqb20vQldEU1UKR1BsK25hZnpsSERUWVc3aGRJNHlaNWV3MThKSDRKVzlqYmhVRnJ2aVF6TTd4bEVMRVZmNGg5bEZYNVFWa2JQcHBTd2cwY2RhMwpQYnY3a09kSi9NVHlCbFdYRkNSK0hBbzNGWFJpdEJxeGlYMW5LaFhwSEFac01jaUxxOFY2UmpzTkFRd2RzZE1GdlNsVksvN1hBCnQzRmFvSm9Bc25jTTFROXg1KzNWMFd3NjgvZUlGbWIxenVVRmxqUUpLcHJyWDg4WHlwTkR2allOYnk2dncvUGIwcndlcnQvRW4KbVorQVc0T1pQblRQSTg5WlBtVk1MdWF5ckQyY0U4NlovaWw4YitndzNyMysxbkthdG1Ja2puMnNvMWQwMVFyYVRsTXFWU3NieApOclJGaTl3cmYrTTdRPT0geW91QGV4YW1wbGUuY29tCg==Nawu umyalo oshiwo ngenhla
install:
- echo < публичный ключ, закодированный в base64> | base64 -d >> $HOME/.ssh/known_hostsIndlela efanayo ingasetshenziswa ngokhiye oyimfihlo lapho usungula uxhumano, njengoba ungase udinge ukhiye oyimfihlo ukuze ufinyelele iseva. Lapho usebenza ngokhiye, udinga nje ukuqinisekisa ukuthi ugcinwe ngokuvikelekile endaweni eguquguqukayo ye-Travis CI nokuthi awuboniswa noma kuphi.
Enye into okufanele uyiqaphele ukuthi ungadinga ukusebenzisa sonke iskripthi sokuthunyelwa njengomugqa owodwa, isibonelo - nge doctl. Lokhu kungase kudinge umzamo owengeziwe.
doctl compute ssh <droplet> --ssh-command "все команды будут здесь && здесь"I-TLS/SSL kanye Nokulinganisa Komthwalo
Ngemuva kokwenza konke okukhulunywe ngenhla, inkinga yokugcina engihlangabezane nayo ukuthi iseva yayingenayo i-SSL. Njengoba ngisebenzisa iseva ye-Node.js, ukuze ngiphoqe i-reverse proxy Nginx kanye ne-Let's Encrypt, udinga ukucabanga kakhulu.
Bengingafuni ngempela ukwenza konke lokhu kucushwa kwe-SSL mathupha, ngakho ngivele ngakha isilinganisi somthwalo futhi ngaqopha imininingwane yayo ku-DNS. Esimeni se-DigitalOcean, isibonelo, ukudala isitifiketi esizisayina ngokuzenzakalela esizisayinayo kusilinganisi somthwalo kuyinqubo elula, yamahhala futhi esheshayo. Le ndlela inenzuzo eyengeziwe eyenza kube lula kakhulu ukusetha i-SSL kumaseva amaningi agijima ngemuva kwesilinganisi somthwalo uma kudingeka. Lokhu kuvumela amaseva ngokwawo ukuthi "angacabangi" nge-SSL nhlobo, kodwa ngesikhathi esifanayo asebenzise ichweba njengenjwayelo. 80. Ngakho-ke ukusetha i-SSL kusilinganisi somthwalo kulula kakhulu futhi kulula kakhulu kunezindlela ezihlukile zokusetha i-SSL.
Manje usungakwazi ukuvala zonke izimbobo kuseva ezamukela ukuxhumana okungenayo - ngaphandle kwembobo 80, esetshenziselwa ukuxhumana nesilinganisi somthwalo, kanye nechweba 22 okwe-SSH. Njengomphumela, umzamo wokufinyelela ngokuqondile iseva kunoma yiziphi izimbobo ngaphandle kwalezi ezimbili uzohluleka.
Imiphumela
Ngemuva kokwenza konke ebengikhuluma ngakho kulesi sihloko, inkundla ye-Docker noma imiqondo yamaketanga e-CI/CD ezenzakalelayo ayiphindanga yangethusa. Ngikwazile ukusetha uchungechunge lokuhlanganisa oluqhubekayo, lapho ikhodi ihlolwa ngaphambi kokuthi iye ekukhiqizeni futhi ikhodi isetshenziswa ngokuzenzakalelayo kuseva. Konke lokhu kusekusha kimi, futhi ngiyaqiniseka ukuthi zikhona izindlela zokuthuthukisa ukugeleza komsebenzi wami okuzenzakalelayo futhi kwenze kusebenze kahle. Ngakho-ke uma uneminye imibono ngalolu daba, ngicela ungazise. yazi. Ngethemba ukuthi lesi sihloko sinisizile emizamweni yenu. Ngifuna ukukholelwa ukuthi ngemva kokuyifunda, ufunde okuningi njengoba ngakufunda ngenkathi uhlola konke engikhulume ngakho kuyo.
PS Kuwethu kukhona isithombe , engafakwa ngokuchofoza okukodwa. Ungahlola ukusebenza kweziqukathi ku . Wonke amaklayenti amasha anikezwa izinsuku ezi-3 zokuhlolwa mahhala.
Bafundi abathandekayo! Ingabe usebenzisa ubuchwepheshe be-CI/CD kumaphrojekthi akho?
Source: www.habr.com