使用Gitlab Runner 部署Laravel 項目

新建部署用戶

建立一個deployer用戶

$ sudo useradd deployer

修改用戶權限，容許其新建目錄等命令操做

$ ls -l /etc/sudoers
-r--r----- 1 root root 3985 10月 30 19:33 /etc/sudoers

etc/sudoers只有只讀的權限，若是想要修改的話，須要先添加w權限

$ chmod -v u+w /etc/sudoers

在最下面增長一個用戶

$vim /etc/sudoers

...
deployer        ALL=(ALL)       NOPASSWD: ALL

這時候要記得將寫權限收回

chmod -v u-w /etc/sudoers

設置用戶密碼

$ passwd deployer

登陸驗證

$ ssh deployer@your_ip_address

生成RSA祕鑰對

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/deployer/.ssh/id_rsa):
Created directory '/home/deployer/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/deployer/.ssh/id_rsa.
Your public key has been saved in /home/deployer/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:BGGNOhmUvmvaQT0nn3D3iMeISOT036Jj/+/77vqMdYY deployer@iz8vbh3xuahhi5gqllg1u1z
The key's randomart image is:
+---[RSA 2048]----+
|   ...++         |
|    o....        |
|   .o+  .        |
|   +=o .         |
|    +o* S .      |
|   o.. X B o   . |
|    o.. B = . E o|
|   .o.o. o   + o |
|  .o...o...o*B*  |
+----[SHA256]-----+

查看私鑰

$ cat /home/deployer/.ssh/id_rsa

安裝 Gitlab Runner

root帳戶登陸

$ ssh root@your_ip_address

添加Gitlab 官方倉庫

# For RHEL/CentOS/Fedora
$ curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh | sudo bash

安裝Gitlab Runner

# For RHEL/CentOS/Fedora
$ sudo yum install gitlab-runner

查看安裝版本

$ gitlab-runner -v
Version:      12.4.1
Git revision: 05161b14
Git branch:   12-4-stable
GO version:   go1.10.8
Built:        2019-10-28T12:49:57+0000
OS/Arch:      linux/amd64

更多安裝參考官方： https://docs.gitlab.com/runne...

新註冊Gitlab Runner

登陸項目倉庫，查看Token並按照下面的配置方式設置參數

註冊成功後，在服務端和Gitlab中查看結果

$ gitlab-runner list

新建.gitlab.ci.yml配置文件

切換項目倉庫分支爲：develop，在其中添加.gitlab-ci.yml文件，驗證內容以下：

before_script:
  - echo "Before script"
  - cd /var/www/
building:
  stage: build
  script:
    - echo "building..."
testing:
  stage: test
  script:
    - echo "testing..."
deploying:
  stage: deploy
  script:
    - echo "deploying..."

提交代碼，若是能看到下面內容，簡單的CI/CD流程就成功完成了。

推薦CI/CD 配置

項目、系統、環境等不盡相同，推薦部署Laravel項目按照的dev，test，production三個環境構建項目，倉庫分支保持develop，testing，master三個分支對應前面三個環境構建代碼，每一個環境的應用參數也不一樣，能夠採用.env.dev，.env.test，.env.production保存參數。

variables:
  RELEASES_STORAGE_DIR: '/var/www/$CI_COMMIT_REF_NAME/$CI_PROJECT_PATH/storage'
  CREATE_RELEASES_STORAGE_DIR: '[ -d $RELEASES_STORAGE_DIR ] || sudo mkdir -p $RELEASES_STORAGE_DIR'
  RELEASES_DIR: '/var/www/$CI_COMMIT_REF_NAME/$CI_PROJECT_PATH/releases'
  CREATE_RELEASE_DIR: '[ -d $RELEASES_DIR ] || sudo mkdir -p $RELEASES_DIR'
  NEW_RELEASES_DIR: '$RELEASES_DIR/$CI_COMMIT_SHORT_SHA'
  CREATE_NEW_RELEASES_DIR: '[ -d $NEW_RELEASES_DIR ] || sudo mkdir -p $NEW_RELEASES_DIR'
  BEFORE_CHMOD: 'sudo chown -R deployer:deployer $NEW_RELEASES_DIR'
  BEFORE_CHMOD_VENDOR: 'sudo chown -R deployer:deployer $NEW_RELEASES_DIR/vendor'
  AFTER_CHMOD: 'sudo chown -R apache:apache /var/www/$CI_COMMIT_REF_NAME && sudo chown -R apache:apache $RELEASES_STORAGE_DIR && sudo chmod -R 777 $RELEASES_STORAGE_DIR'
  CD_NEW_RELEASES_DIR: 'cd $NEW_RELEASES_DIR'
  CD_RELEASES_DIR: 'cd $RELEASES_DIR'
  #Linux刪除除了某個文件以外的全部文件/目錄
  CLEAN_RELEASES_DIR: 'ls |grep -v $CI_COMMIT_SHORT_SHA |xargs sudo rm -rf'
  RM_RELEASE_STORAGE_DIR: 'sudo rm -rf $NEW_RELEASES_DIR/storage'
  LN_RELEASE_STORAGE_DIR: 'sudo ln -nfs $RELEASES_STORAGE_DIR $NEW_RELEASES_DIR/storage'
  LN_RELEASE_DIR: 'sudo ln -nfs $NEW_RELEASES_DIR /var/www/$CI_COMMIT_REF_NAME/$CI_PROJECT_PATH/current'
  MV_REPO: 'sudo mv -fv /home/deployer/$CI_PROJECT_DIR/* $NEW_RELEASES_DIR'
  CP_DEV_ENV: 'cp /home/deployer/$CI_PROJECT_DIR/.env.dev $NEW_RELEASES_DIR/.env'
  CREATE_FRAMEWORK_CACHE: '[ -d $RELEASES_STORAGE_DIR/framework/cache ] || sudo mkdir -p $RELEASES_STORAGE_DIR/framework/cache'
  CREATE_FRAMEWORK_SESSIONS: '[ -d $RELEASES_STORAGE_DIR/framework/sessions ] || sudo mkdir -p $RELEASES_STORAGE_DIR/framework/sessions'
  CREATE_FRAMEWORK_TESTING: '[ -d $RELEASES_STORAGE_DIR/framework/testing ] || sudo mkdir -p $RELEASES_STORAGE_DIR/framework/testing'
  CREATE_FRAMEWORK_VIEWS: '[ -d $RELEASES_STORAGE_DIR/framework/views ] || sudo mkdir -p $RELEASES_STORAGE_DIR/framework/views'


before_script:
  - echo "Before script"
  - echo $CI_COMMIT_REF_NAME
  - echo $CI_PROJECT_PATH
  - echo $CI_COMMIT_SHORT_SHA
  - echo $CI_REPOSITORY_URL
  - echo $CI_PROJECT_DIR
  - 'eval $CREATE_RELEASES_STORAGE_DIR'  # will execute
  - 'eval $CREATE_RELEASE_DIR'  # will execute
  - 'eval $CREATE_NEW_RELEASES_DIR'  # will execute
  - 'eval $CD_NEW_RELEASES_DIR'


stages:
  - build
  - test
  - deploy-dev

building:
  stage: build
  script:
    - echo "Move repo..."
    - echo $NEW_RELEASES_DIR
    - 'eval $BEFORE_CHMOD'
    - 'eval $MV_REPO'
    - composer install
    - 'eval $BEFORE_CHMOD_VENDOR'

testing:
  stage: test
  script:
    - echo "testing..."
    # - php ./vendor/bin/phpunit

deploying_dev:
  stage: deploy-dev
  script:
    - echo "deploying dev..."
    - 'eval $CP_DEV_ENV'
    - php artisan key:generate
    - 'eval $CREATE_FRAMEWORK_CACHE'
    - 'eval $CREATE_FRAMEWORK_SESSIONS'
    - 'eval $CREATE_FRAMEWORK_TESTING'
    - 'eval $CREATE_FRAMEWORK_VIEWS'
    - php artisan cache:clear
    - php artisan config:clear
    - php artisan storage:link
    - php artisan migrate --force
    - php artisan passport:keys
    - echo "Restarting supervisor"
    - sudo supervisorctl restart all
    - echo "Linking storage directory"
    - 'eval $RM_RELEASE_STORAGE_DIR'
    - 'eval $LN_RELEASE_STORAGE_DIR'
    - echo 'Linking current directory'
    - 'eval $AFTER_CHMOD'
    - 'eval $LN_RELEASE_DIR'
    - echo 'Removing earlier app'
    - 'eval $CD_RELEASES_DIR'
    - 'eval $CLEAN_RELEASES_DIR'
  only:
    - develop

部署效果以下：

參考

1. Test and deploy Laravel applications with GitLab CI/CD and Envoy
2. GitLab CI/CD environment variables
3. https://github.com/bravist/gi...
4. https://github.com/tuandm/lar...

可能的問題

1. is this a git repository?

Gitlab Runner Nginx 自定義端口後出現沒法克隆倉庫，Gitlab issue: unable to access with 8080 web port

Running with gitlab-runner 12.4.1 (05161b14)
  on Gitlab Runner For Deploy 4LgtuQbB
Using SSH executor...
Running on iz8vbh3xuahhi5gqllg1u1z via iz8vbh3xuahhi5gqllg1u1z...
Fetching changes with git depth set to 50...
warning: templates not found builds/4LgtuQbB/0/zhangqiuzhe/api.tmp/git-template
Reinitialized existing Git repository in /home/deployer/builds/4LgtuQbB/0/zhangqiuzhe/api/.git/
fatal: http://gitlab-ci-token:[MASKED]@gitlab.higgses.com/zhangqiuzhe/api.git/info/refs not valid: is this a git repository?
ERROR: Job failed: Process exited with: 1. Reason was:  ()

修改Gitlab 內置Nginx監聽端口號，好比設置：8888

vi  /var/opt/gitlab/nginx/conf/gitlab-http.conf

##
###################################
##         configuration         ##
###################################


server {
  listen *:8888;


  server_name your_domain;
...

修改external_url端口號，好比設置：8888

vim /etc/gitlab/gitlab.rb

## GitLab configuration settings
##! This file is generated during initial installation and **is not** modified
##! during upgrades.
##! Check out the latest version of this file to know about the different
##! settings that can be configured by this file, which may be found at:
##! https://gitlab.com/gitlab-org/omnibus-gitlab/raw/master/files/gitlab-config-template/gitlab.rb.template


## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
external_url 'http://your_domain:8888'
...

修改了配置須要更新並重啓

$ gitlab-ctl reconfigure

$ gitlab-ctl restart

2. Pipeline 不執行

Push 代碼後Pipelines 卡住不執行，提示沒有可使用的 runner 。若是出現這種狀況，須要在註冊成功的 runner 中編輯一下設置，運行未標記的做業須要勾選