使用gitlab提供的CICD功能进行项目部署（SpringCloud微服务）

一、GitLab Runner 介绍

GitLab Runner是一个开源项目，用于运行您的作业并将结果发送回GitLab。它与GitLab CI一起使用，GitLab CI是GitLab随附的开源持续集成服务，用于协调作业。

GitLab Runner是用Go编写，可以作为单个二进制文件运行，不需要语言特定的要求。

二、GitLab Runner的三种类型

shared：运行整个平台项目的作业(gitlab)

group：运行特定group下的所有项目的作业(group)

specific：运行指定的项目作业(project)

三、GitLab Runner两种状态

locked：无法运行项目作业

paused：不会运行作业

四、GitLab Runner安装

由于目前服务都上容器了，因此这里只演示采用docker安装GitLab Runner的方法，其他的方法可参考官网。

官网地址：https://docs.gitlab.com/runner/

docker run -d --name gitlab-runner --restart always \
  -v /mydata/gitlab-runner/config:/etc/gitlab-runner \
  -v /var/run/docker.sock:/var/run/docker.sock \
  gitlab/gitlab-runner:latest

五、GitLab Runner注册

注意：注册gitlab-runner的前提是必须有一个可以使用的gitlab仓库

点击用户管理–左边点击runner，可以看到界面右边有gitlab的地址和token。这个需要用于后面runner的注册使用。这里我们注册一个share类型的runner。

由于runner是采用docker安装，因此注册的时候需要进入到runner的容器中进行

[root@localhost config]# docker exec -it gitlab-runner bash

root@24dc60abee0b:/# gitlab-runner register
Runtime platform                                    arch=amd64 os=linux pid=86 revision=775dd39d version=13.8.0
Running in system-mode.                            
                                                   
Enter the GitLab instance URL (for example, https://gitlab.com/):
http://192.168.50.128/
Enter the registration token:
iqxKz5XTz4w_2RxiSQ5S
Enter a description for the runner:
[24dc60abee0b]: node1.ayunw.cn
Enter tags for the runner (comma-separated):
default
Registering runner... succeeded                     runner=iqxKz5XT
Enter an executor: docker-ssh+machine, kubernetes, custom, shell, ssh, virtualbox, docker, docker-ssh, parallels, docker+machine:
docker
Enter the default Docker image (for example, ruby:2.6):
docker:19.03.15
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded! 

root@24dc60abee0b:/# gitlab-runner restart
Runtime platform                                    arch=amd64 os=linux pid=98 revision=775dd39d version=13.8.0
Terminated

root@24dc60abee0b:/# gitlab-runner list 
Runtime platform                                    arch=amd64 os=linux pid=130 revision=775dd39d version=13.8.0
Listing configured runners                          ConfigFile=/etc/gitlab-runner/config.toml
node1.ayunw.cn                                      Executor=docker Token=VSVWeipeMirJsJo9znT5 URL=http://192.168.50.128/

runner注册完成后会在 /etc/gitlab-runner目录下生成一个config.toml的文件。这个就是runner的配置文件。因为在安装runner的时候我们已经将配置文件的目录通过挂载的形式映射到了宿主机目录：/mydata/gitlab-runner/config 下，所以后续如果需要更新runner配置文件可以直接在宿主机上进行修改。并且在宿主机上进行修改runner配置文件不需要重启runner。它会每5分钟检查一次文件自动获取所有更改。包括该[[runners]]部分中定义的任何参数以及全局部分中的大多数参数（除外）listen_address。

配置如下：

[root@iZ8vb3whi21216kyd2fm2ywxgcZ ~]# cat /mydata/gitlab-runner/config/config.toml
concurrent = 1
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "springcloud cicd test"
  url = "http://192.121.121.2:8088"
  token = "H16qeFminuGeLZAed6ZE"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]
    [runners.cache.azure]
  [runners.docker]
    tls_verify = false
    image = "docker:20.10.15"
    privileged = false
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache","/mydata/sc     s/.m2:/mydata/scs/.m2","/mydata/scs/project/:/mydata/scs/project/"]
    pull_policy = "if-not-present"
    shm_size = 0

我这里的volumes填的第一个是因为我要在容器里使用docker命令，这涉及到docker in docker问题；root/.m2很好理解，因为我在runner里使用maven镜像进行打包操作（见一会的.gitlab-ci.yml文件），将各个jar包存在宿主机的/mydata/scs/.m2目录下，避免一直下jar包减少job所耗时间，/mydata/scs/project/将maven打包的jar存储在宿主机的/mydata/scs/project/目录下。

pull_policy = “if-not-present”#这是避免runner重新拉取镜像，直接从本地拉

注册完成后，返回gitlab的ui查看注册的runner。

六、配置.gitlab-ci.yml和Dockerfile

项目结构如下：

1.gitlab-ci.yml

variables: #变量
  AUTH_CONTAINER:  "scs-auth"
  AUTH_IMAGE:  "scs-auth"
  AUTH_PORT:  9200
  GATEWAY_CONTAINER: "scs-gateway"
  GATEWAY_IMAGE: "scs-gateway"
  GATEWAY_PORT: 8080
  SYSTEM_CONTAINER:  "scs-system"
  SYSTEM_IMAGE:  "scs-system"
  SYSTEM_PORT: 9201
  CMS_CONTAINER:  "scs-cms"
  CMS_IMAGE:  "scs-cms"
  CMS_PORT: 9301
  FILE_CONTAINER:  "scs-file"
  FILE_IMAGE:  "scs-file"
  FILE_PORT: 9300
  MAVEN_OPTS: "-Djava.awt.headless=true -Dmaven.repo.local=/mydata/scs/.m2"  #指定maven的存储目录

cache:
  paths:
    - /mydata/scs/.m2

stages:
  - build
  - deploy

build:jdk8:
  stage: build
  script:
    - echo "=============== 开始编译打包任务 ==============="
    - mvn clean package -Dmaven.test.skip=true
    - mkdir -p /mydata/scs/project/auth
    - mkdir -p /mydata/scs/project/gateway
    - mkdir -p /mydata/scs/project/system
    - mkdir -p /mydata/scs/project/cms
    - mkdir -p /mydata/scs/project/file
    - cp -r scs-auth/target/scs-auth.jar  Dockerfile /mydata/scs/project/auth/
    - cp -r scs-gateway/target/scs-gateway.jar  Dockerfile /mydata/scs/project/gateway/
    - cp -r scs-modules/scs-cms/target/scs-modules-cms.jar  Dockerfile /mydata/scs/project/cms/
    - cp -r scs-modules/scs-file/target/scs-modules-file.jar  Dockerfile /mydata/scs/project/file/
    - cp -r scs-modules/scs-system/target/scs-modules-system.jar  Dockerfile /mydata/scs/project/system/
  artifacts:
    paths:
      - build/
  only:
    - master #当有代码合到主干时触发这个job
  tags:
    - default
  image: maven:3.3.9-jdk-8


deploy:jdk8:
  stage: deploy
  image: docker:20.10.15  #目的是为了在docker环境下的runner能执行docker命令
  script:
    - docker ps -a|grep $AUTH_CONTAINER &&  docker stop $AUTH_CONTAINER && docker rm $AUTH_CONTAINER || echo "not exist"
    - docker ps -a|grep $GATEWAY_CONTAINER &&  docker stop $GATEWAY_CONTAINER && docker rm $GATEWAY_CONTAINER || echo "not exist"
    - docker ps -a|grep $SYSTEM_CONTAINER &&  docker stop $SYSTEM_CONTAINER && docker rm $SYSTEM_CONTAINER || echo "not exist"
    - docker ps -a|grep $CMS_CONTAINER &&  docker stop $CMS_CONTAINER && docker rm $CMS_CONTAINER || echo "not exist"
    - docker ps -a|grep $FILE_CONTAINER &&  docker stop $FILE_CONTAINER && docker rm $FILE_CONTAINER || echo "not exist"
    - docker images |grep  $AUTH_CONTAINER && docker rmi -f $AUTH_CONTAINER || echo  "not exist"
    - docker images |grep  $GATEWAY_CONTAINER && docker rmi -f $GATEWAY_CONTAINER || echo  "not exist"
    - docker images |grep  $SYSTEM_CONTAINER && docker rmi -f $SYSTEM_CONTAINER || echo  "not exist"
    - docker images |grep  $CMS_CONTAINER && docker rmi -f $CMS_CONTAINER || echo  "not exist"
    - docker images |grep  $FILE_CONTAINER && docker rmi -f $FILE_CONTAINER || echo  "not exist"
    - docker build --build-arg JAR_FILE=scs-auth.jar -t $AUTH_CONTAINER  /mydata/scs/project/auth
    - docker build --build-arg JAR_FILE=scs-gateway.jar -t $GATEWAY_CONTAINER  /mydata/scs/project/gateway
    - docker build --build-arg JAR_FILE=scs-modules-system.jar -t $SYSTEM_CONTAINER  /mydata/scs/project/system
    - docker build --build-arg JAR_FILE=scs-modules-cms.jar -t $CMS_CONTAINER  /mydata/scs/project/cms
    - docker build --build-arg JAR_FILE=scs-modules-file.jar -t $FILE_CONTAINER  /mydata/scs/project/file
    - docker run -it -d --name $AUTH_CONTAINER -p $AUTH_PORT:$AUTH_PORT $AUTH_IMAGE
    - docker run -it -d --name $GATEWAY_CONTAINER -p $GATEWAY_PORT:$GATEWAY_PORT $GATEWAY_IMAGE
    - docker run -it -d --name $SYSTEM_CONTAINER -p $SYSTEM_PORT:$SYSTEM_PORT $SYSTEM_IMAGE
    - docker run -it -d --name $CMS_CONTAINER -p $CMS_PORT:$CMS_PORT $CMS_IMAGE
    - docker run -it -d --name $FILE_CONTAINER -p $FILE_PORT:$FILE_PORT $FILE_IMAGE
  only:
    - master
  tags:
    - default

2.Dockerfile

FROM primetoninc/jdk:1.8
ARG JAR_FILE
MAINTAINER   example@qq.com
COPY ${JAR_FILE} app.jar
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]

注意：在gitlab中需要分配项目到指定的runner下才能执行cicd功能，并勾选图中的两项，如下图所示：

在新建项目时，时常会忘记去给新建的项目分配指定的runner，所以导致新建项目无法执行cicd功能，会出现这样的提示：

此作业已阻塞,因为您未分配任何具备这些标签的可用Runner: default
如下图所示：

3.结果：
最后的结果是我在docker上运行了七个容器，gitlab和gitlab-runner是常驻的，每当项目更新到主干的时候，会将docker里的 web容器stop跟rm，然后重新制作镜像并运行