.gitlab-ci.yml
While recently setting up CI/CD for a new server, I ran into a permission problem:
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
The fix is as follows:
Append the public key to the server's SSH authorized_keys file.
$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
Restart sshd
service sshd restart
Main content
You need to configure the corresponding environment variables yourself.
How to view the server's private key:
ssh root@172.111.1.1
cat ~/.ssh/id_rsa
# Use a Docker image
image: docker:latest
# Stages
stages:
  - build
before_script:
  # Install ssh-agent if it is not already present
  - 'which ssh-agent || ( apk update && apk add openssh-client)'
  # Start the agent
  - eval $(ssh-agent -s)
  # Write the private key to the file deploy.key
  - echo "$SSH_PRIVATE_KEY_DEV" > deploy.key
  # Restrict the key file's permissions
  - chmod 0600 deploy.key
  # Load the key into the agent
  - ssh-add deploy.key
  - mkdir -p ~/.ssh
  # When running inside a Docker container, disable SSH host key checking for all hosts
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
build:
  stage: build
  image: node
  # Branch that triggers the job
  only:
    - B_Test_1.0
  script:
    - npm install -g cnpm --registry=https://registry.npm.taobao.org
    - cnpm install
    - yarn build
    # Log message: "Logging in to the project deployment server"
    - echo '登录项目部署服务器'
    - scp -r build/* root@"$SSH_SERVER":/product/frontend/fims
  artifacts:
    paths:
      - build/
Or
# Use a Docker image
image: docker:latest
cache:
  paths:
    - node_modules/
# Stages
stages:
  - build
  - deploy
before_script:
  # Install ssh-agent if it is not already present
  - 'which ssh-agent || ( apk update && apk add openssh-client)'
  # Start the agent
  - eval $(ssh-agent -s)
  # Write the private key to the file deploy.key
  - echo "$SSH_PRIVATE_KEY_DEV" > deploy.key
  # Restrict the key file's permissions
  - chmod 0600 deploy.key
  # Load the key into the agent
  - ssh-add deploy.key
  - mkdir -p ~/.ssh
  # When running inside a Docker container, disable SSH host key checking for all hosts
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
build:
  stage: build
  image: node
  # Branch that triggers the job
  only:
    - B_Test_0.2
  script:
    - echo 'yarn'
    - yarn
    - CI=false yarn build
  artifacts:
    paths:
      - build/
deploy:
  stage: deploy
  # Branch that triggers the job
  only:
    - B_Test_0.2
  script:
    # Log message: "Remote copy into the target server directory"
    - echo '远程拷贝到目标服务器目录下'
    - scp -r build/* root@"$SSH_SERVER":/opt/loan-org
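Both configurations above write `StrictHostKeyChecking no`, so the job accepts whatever host key the machine answering at `$SSH_SERVER` presents, and they leave the private key in `deploy.key` in the job's working directory. A hardened variant of the second configuration follows, as an added example that is not from the original post. It assumes a CI/CD variable named `SSH_KNOWN_HOSTS` (not in the original) that holds the deployment server's host key lines, checked against the server out of band.

```yaml
# Added example, not from the original post.
# Assumption: SSH_KNOWN_HOSTS is a CI/CD variable you create yourself. It holds
# the deployment server's host key line(s), e.g. the output of
# `ssh-keyscan <server>` after comparing the fingerprint with the server's own.
image: docker:latest

stages:
  - build
  - deploy

before_script:
  - 'which ssh-agent || ( apk update && apk add openssh-client )'
  - eval $(ssh-agent -s)
  # Load the key from the variable via stdin; no deploy.key file is created.
  # tr strips carriage returns that can appear when the value was pasted.
  - echo "$SSH_PRIVATE_KEY_DEV" | tr -d '\r' | ssh-add -
  - mkdir -p ~/.ssh
  - chmod 700 ~/.ssh
  # Stop the job if the variable is missing rather than connect unpinned.
  - '[ -n "$SSH_KNOWN_HOSTS" ] || { echo "SSH_KNOWN_HOSTS is not set"; exit 1; }'
  # Pin the server's host key instead of disabling verification.
  - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
  - chmod 644 ~/.ssh/known_hosts

build:
  stage: build
  image: node
  only:
    - B_Test_0.2
  script:
    - yarn
    - CI=false yarn build
  artifacts:
    paths:
      - build/

deploy:
  stage: deploy
  only:
    - B_Test_0.2
  script:
    # Require a known_hosts match; an unknown or changed host key aborts the copy.
    - scp -o StrictHostKeyChecking=yes -r build/* root@"$SSH_SERVER":/opt/loan-org
```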
Configuring the runner
1. Install Docker
Install the Docker container engine on the Linux server
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
2. Install gitlab-runner
Add the yum repository
curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-ci-multi-runner/script.rpm.sh | sudo bash
Install the runner
yum install gitlab-ci-multi-runner
Register the runner with GitLab CI
gitlab-ci-multi-runner register
Start the runner with Docker
Tip: On macOS, use /Users/Shared instead of /srv.
docker run -d --name gitlab-runner --restart always \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
3. Register a runner:
sudo gitlab-runner register
4. You will then be asked a series of questions
// Enter your GitLab domain
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com )
// GitLab shows a token; put it here
Please enter the gitlab-ci token for this runner
As shown in the screenshot:
// Enter a description for your project
Please enter the gitlab-ci description for this runner
// Specify your project's tag; if you don't want to specify one, just write anything
Please enter the gitlab-ci tags for this runner (comma separated):
: tag1
// Because I have not created tag1, it asks whether to run untagged builds
Whether to run untagged builds [true/false]:
: true
// Whether to lock the runner to the current project
Whether to lock Runner to current project
: false
// Specify the executor
Please enter the executor: ssh, docker+machine, docker-ssh+machine, kubernetes, docker, parallels, virtualbox, docker-ssh, shell:
: docker
// Enter the Docker image
Please enter the Docker image (eg. ruby:2.6):
alpine:latest
Push your .gitlab-ci.yml file and the deployment will run automatically.