From cc1fac8c405df87b6d04e231e5e1a02c61a58608 Mon Sep 17 00:00:00 2001 From: diandian Date: Thu, 8 Jun 2023 22:35:53 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=96=87=E4=BB=B6=E8=87=B3?= =?UTF-8?q?=20'md'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- md/持续集成-交付-发布-VUE.md | 191 ++++++ md/持续集成-交付-发布-项目.md | 207 ++++++ md/持续集成-交付-发布.md | 465 +++++++++++++ md/版本仓库.md | 852 ++++++++++++++++++++++++ 4 files changed, 1715 insertions(+) create mode 100644 md/持续集成-交付-发布-VUE.md create mode 100644 md/持续集成-交付-发布-项目.md create mode 100644 md/持续集成-交付-发布.md create mode 100644 md/版本仓库.md diff --git a/md/持续集成-交付-发布-VUE.md b/md/持续集成-交付-发布-VUE.md new file mode 100644 index 0000000..1a9dd93 --- /dev/null +++ b/md/持续集成-交付-发布-VUE.md @@ -0,0 +1,191 @@ +

持续集成-交付-发布-VUE

+ +------ + +作者:行癫(盗版必究) + +## 一:Jenkins服务器部署Node.js + +#### 1.下载Node.js安装包 + +```shell +https://nodejs.org/dist/v18.15.0/node-v18.15.0-linux-x64.tar.gz +``` + +#### 2.安装 + +```shell +[root@jenkins ~]# tar xf node-v14.19.3-linux-x64.tar.gz -C /usr/local/ +[root@jenkins ~]# mv node-v14.19.3-linux-x64/ node +[root@jenkins ~]# yum -y install gcc-c++ make cmake +``` + +#### 3.设置环境变量 + +```shell +[root@jenkins ~]# cat /etc/profile +JAVA_HOME=/usr/local/java +MAVEN_HOME=/usr/local/maven +NODE_HOME=/usr/local/node +PATH=$JAVA_HOME/bin:$PATH +PATH=$MAVEN_HOME/bin:$PATH +PATH=$NODE_HOME/bin:$PATH +export JAVA_HOME MAVEN_HOME NODE_HOME PATH +``` + +#### 4.验证 + +```shell +[root@jenkins local]# npm version +{ + npm: '6.14.17', + ares: '1.18.1', + brotli: '1.0.9', + cldr: '40.0', + icu: '70.1', + llhttp: '2.1.4', + modules: '83', + napi: '8', + nghttp2: '1.42.0', + node: '14.19.3', + openssl: '1.1.1o', + tz: '2021a3', + unicode: '14.0', + uv: '1.42.0', + v8: '8.4.371.23-node.87', + zlib: '1.2.11' +} +``` + +## 二:Jenkins配置Node.js + +#### 1.安装node插件 + +![image-20230321200315169](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321200315169.png) + +注意:安装完成后重启Jenkins使其生效 + +#### 2.系统管理配置Node + +![image-20230321200438675](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321200438675.png) + +#### 3.新建自由风格项目 + +![image-20230321200557255](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321200557255.png) + +#### 4.配置项目 + +General + +![image-20230321200725408](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321200725408.png) + +![image-20230321200758057](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321200758057.png) + +源码管理 + +​ 注意:需要提前将项目上传到gitlab/github仓库 + +![image-20230321200912765](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321200912765.png) + +构建环境 + +![image-20230321201218621](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230321201218621.png) + +构建 + +![image-20230322102736415](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322102736415.png) + +shell内容 + +``` +cd /root/.jenkins/workspace/vue #进入项目目录;这里是war包安装 +npm config set registry https://registry.npm.taobao.org #npm源设置为淘宝源 +npm config get registry #检测npm是否切换成功 +#npm i --unsafe-perm +#npm install -g npm +#npm i node-sass -D +npm update +#npm install yarn +npm run-script build #打包 +rm -rf dist.tar.gz #删除上次打包生成的压缩文件 +tar -zcvf dist.tar.gz dist/ #打包 +``` + +注意:因为node环境构建出现问题的可能性较大,#号部分根据构建报错逐渐打开 + +构建后:Send build artifacts over SSH + +![image-20230322102935384](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322102935384.png) + +脚本 + +```shell +[root@localhost opt]# cat jenkins-nginx.sh +#!/usr/bin/bash +#该项目是构建nginx的vue项目,并实现持续构建 + +#使用过程中注意全局变量的修改 +web_path="/dist" #定义网站发布目录变量(可以修改) +job_path="/root/upload" +files_dir=dist #构建后的目录名字 +files=dist.tar.gz #构建后压缩包的名字 +UPDATE="/update/`date +%F-%T`/" +BACKUP="/backup/`date +%F-%T`/" + +mkdir -p $UPDATE +mkdir -p $BACKUP + +#将项目移动到更新目录下 + +mv ${job_path}/${files} $UPDATE + + +if [ -d /dist ];then + + tar cvf $BACKUP/`date +%F-%T`-$files $web_path + if [ $? -ne 0 ];then + echo "打包失败" + exit 1 + else + rm -rf $web_path + + tar xf $UPDATE/$files -C / + chmod 777 /dist/ -R + fi +else + tar xf $UPDATE/$files -C / + chmod 777 /dist/ -R +fi +``` + +## 三:WebHook持续构建发布 + +#### 1.Gitlab配置 + +开启出站请求 + +![image-20230322182537947](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182537947.png) + +![image-20230322182556301](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182556301.png) + +#### 2.jenkin配置 + +安装webhook插件(略) + +项目开启webhook + +![image-20230322182720390](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182720390.png) + +#### 3.Gitlab关联jenkins的url + +![image-20230322182808998](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182808998.png) + +![image-20230322182903014](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182903014.png) + +![image-20230322182920485](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182920485.png) + +![image-20230322182938211](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20230322182938211.png) + +5.总结 + +​ 修改项目源码,提交后,会自动进行项目构建和发布 diff --git a/md/持续集成-交付-发布-项目.md b/md/持续集成-交付-发布-项目.md new file mode 100644 index 0000000..16dd736 --- /dev/null +++ b/md/持续集成-交付-发布-项目.md @@ -0,0 +1,207 @@ +

持续集成-交付-发布-项目

+ +**作者:行癫(盗版必究)** + +------ + +## 一:Jenkins部署 + +#### 1.安装插件 + +```shell +• Maven插件 Maven Integration plugin +• 发布插件 Deploy to container Plugin +需要安装插件如下: +安装插件Deploy to container ---支持自动化代码部署到tomcat容器 +Git 插件 可能已经安装 +Maven Integration :jenkins利用Maven编译,打包所需插件 +Publish Over SSH :通过ssh连接 +``` + +#### 2.安装过程 + +系统管理--->插件管理---->可选插件--->过滤Deploy to container---->勾选--->直接安装 + +image-20220627235514357 + +image-20220627235607259 + +#### 3.配置SSH + +image-20220627235758575 + +![image-20220627235903284](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/image-20220627235903284.png) + +image-20220628000008461 + +注意: + +​ key:指的是jenkins服务器用哪个用户去远程连接程序服务器就是那个用户的私钥。(记得做免密 jenkins---> web-server) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/K2KQE6euhjvTIomINthtvg.png) + +#### 4.配置jdk,maven,git + +image-20220628000213404 + +image-20220628000256756 + +image-20220628000323472 + +image-20220628000358938 + +## 二:构建发布任务 + +#### 1.创建maven项目 + +image-20220628000510980 + +image-20220628000547600 + +#### 2.配置项目 + +image-20220628000721842 + +image-20220628000814797 + +https://github.com/bingyue/easy-springmvc-maven + +​ ![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/vxtF-uRF9X71FkT1Ac_JIA.png) + +注意: + +​ 新版本需要将默认分支改为main + +image-20220628003247070 + +image-20220628003459003 + +image-20220628003538519 + +调用mave命令 + +(clean package -Dmaven.test.skip = true) + +image-20220628003556160 + +保存: + +image-20220628003642699 + +#### 3.发布服务器部署 + +```shell +[root@java-server ~]# mkdir -p /data/application +上传jdk +[root@java-server ~]# tar xzf jdk-8u191-linux-x64.tar.gz -C /usr/local/ +[root@java-server ~]# cd /usr/local/ +[root@java-server local]# mv jdk1.8.0_191/ java +下载tomcat +[root@java-server ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-8/v8.5.42/bin/apache-tomcat-8.5.42.tar.gz +[root@java-server ~]# tar xzf apache-tomcat-8.5.42.tar.gz -C /data/application/ +[root@java-server ~]# cd /data/application/ +[root@java-server application]# mv apache-tomcat-8.5.42/ tomcat +设置环境变量 +[root@java-server ~]# vim /etc/profile +export JAVA_HOME=/usr/local/java +export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH +export CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar +export TOMCAT_HOME=/data/application/tomcat +[root@java-server ~]# source /etc/profile +测试: +[root@java-server ~]# java -version +java version "1.8.0_191" +Java(TM) SE Runtime Environment (build 1.8.0_191-b12) +Java HotSpot(TM) 64-Bit Server VM (build 25.191-b12, mixed mode) +删除tomcat默认发布目录下面的内容: +[root@java-server ~]# rm -rf /data/application/tomcat/webapps/* +[root@java-server ~]# cd /data/application/tomcat/webapps/ +[root@java-server webapps]# ls +创建目录和脚本: +[root@java-server ~]# mkdir /opt/script #创建脚本目录 +[root@java-server ~]# vim app-jenkins.sh #创建脚本 +#!/usr/bin/bash +#本脚本适用于jenkins持续集成,实现备份war包到代码更新上线!使用时请注意全局变量。 +#================ +#Defining variables +export JAVA_HOME=/usr/local/java +webapp_path="/data/application/tomcat/webapps" +tomcat_run="/data/application/tomcat/bin" +updata_path="/data/update/`date +%F-%T`" +backup_path="/data/backup/`date +%F-%T`" +tomcat_pid=`ps -ef | grep tomcat | grep -v grep | awk '{print $2}'` +files_dir="easy-springmvc-maven" +files="easy-springmvc-maven.war" +job_path="/root/upload" + +#Preparation environment +echo "Creating related directory" +mkdir -p $updata_path +mkdir -p $backup_path + +echo "Move the uploaded war package to the update 2directory" +mv $job_path/$files $updata_path + +echo "=========================================================" +cd /opt +echo "Backing up java project" +if [ -f $webapp_path/$files ];then + tar czf $backup_path/`date +%F-%H`.tar.gz $webapp_path + if [ $? -ne 0 ];then + echo "打包失败,自动退出" + exit 1 + else + echo "Checking if tomcat is started" + if [ -n "$tomcat_pid" ];then + kill -9 $tomcat_pid + if [ $? -ne 0 ];then + echo "tomcat关闭失败,将会自动退出" + exit 2 + fi + fi + cd $webapp_path + rm -rf $files && rm -rf $files_dir + cp $updata_path/$files $webapp_path + cd /opt + $tomcat_run/startup.sh + sleep 5 + echo "显示tomcat的pid" + echo "`ps -ef | grep tomcat | grep -v grep | awk '{print $2}'`" + echo "tomcat startup" + echo "请手动查看tomcat日志。脚本将会自动退出" + fi +else + echo "Checking if tomcat is started" + if [ -n "$tomcat_pid" ];then + kill -9 $tomcat_pid + if [ $? -ne 0 ];then + echo "tomcat关闭失败,将会自动退出" + exit 2 + fi + fi + cp $updata_path/$files $webapp_path + $tomcat_run/startup.sh + sleep 5 + echo "显示tomcat的pid" + echo "`ps -ef | grep tomcat | grep -v grep | awk '{print $2}'`" + echo "tomcat startup" + echo "请手动查看tomcat日志。脚本将会自动退出" +fi +[root@java-server ~]# vim app-jenkins.sh +脚本内容在后面 +[root@java-server ~]# chmod +x app-jenkins.sh #添加执行权限 +[root@java-server ~]# mv app-jenkins.sh /opt/script/ +``` + +#### 4.开始构建任务 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/3CiCTOTQ2tZ0n6pHy_9N8Q.png) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/8Zvu0JAjLexNZw4McJs9mw.png) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/xCOkP5CTpof6CmgXsPzrDQ.png) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83-%E9%A1%B9%E7%9B%AE.assets/vGcPCV6C-Ro_9NcJONgW7g.png) + + + diff --git a/md/持续集成-交付-发布.md b/md/持续集成-交付-发布.md new file mode 100644 index 0000000..4ccb1ca --- /dev/null +++ b/md/持续集成-交付-发布.md @@ -0,0 +1,465 @@ +

持续集成-交付-发布

+ +**作者:行癫(盗版必究)** + +------ + +## 一:CI/CD + +#### 1.为什么要 CI / CD 方法简介 + +​ 软件开发的连续方法基于自动执行脚本,以最大限度地减少在开发应用程序时引入错误的可能性。从新代码的开发到部署,它们需要较少的人为干预甚至根本不需要干预。它涉及在每次小迭代中不断构建,测试和部署代码更改,从而减少基于有缺陷或失败的先前版本开发新代码的机会。这种方法有三种主要方法,每种方法都根据最适合您的策略进行应用 + +​ 持续集成(Continuous Integration, CI): 代码合并,构建,部署,测试都在一起,不断地执行这个过程,并对结果反馈 + +​ 持续交付(Continuous Deployment, CD): 部署到测试环境、预生产环境 + +​ 持续部署(Continuous Delivery, CD): 将最终产品发布到生成环境、给用户使用 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/0WaK2RCAIQn6ytKwCxHoeQ.png) + +#### 2.理解持续集成、持续交付、持续部署 + +###### 持续集成: + +​ 持续集成(英语:Continuous integration,缩写为 CI),一种软件工程流程,将所有工程师对于软件的工作复本,每天集成数次到共用主线(mainline)上 + +​ 持续集成主要是强调开发人员提交了新代码之后,立刻进行构建、(单元)测试。根据测试结果,我们可以确定新代码和原有代码能否正确地集成在一起。简单来讲就是:频繁地(一天多次)将代码集成到主干 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/YBxLswP38Pz6opB-CfVT-A.png) + +持续集成目的在产生以下效益: + +​ 及早发现集成错误且由于修订的内容较小所以易于追踪,这可以节省项目的时间与成本 + +​ 避免发布日期的前一分钟发生混乱,当每个人都会尝试为他们所造成的那一点点不兼容的版本做检查 + +​ 当单元测试失或发生错误,若开发人员需要在不除错的情况下还原代码库到一个没有问题的状态,只需要放弃一小部分的更改 + +​ 让 "最新" 的程序可保持可用的状态供测试、展示或发布用 + +​ 频繁的提交代码会促使开发人员创建模块化,低复杂性的代码 + +###### 持续交付: + +​ 持续交付(英语:Continuous delivery,缩写为 CD),是一种软件工程手法,让软件产品的产出过程在一个短周期内完成,以保证软件可以稳定、持续的保持在随时可以释出的状况 + +​ 它的目标在于让软件的建置、测试与释出变得更快以及更频繁。这种方式可以减少软件开发的成本与时间,减少风险 + +​ 持续交付在持续集成的基础上,将集成后的代码部署到更贴近真实运行环境的「类生产环境」(production-like environments)中。比如,我们完成单元测试后,可以把代码部署到连接数据库的Staging 环境中更多的测试。如果代码没有问题,可以继续手动部署到生产环境中 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/llhsWI4PyQP79NHPB6qpgA.png) + +###### 持续部署: + +​ 持续部署(英语:Continuous Deployment,缩写为 CD),是持续交付的下一步,指的是代码通过评审以后,自动部署到生产环境 + +​ 有时候,持续部署也与持续交付混淆。持续部署意味着所有的变更都会被自动部署到生产环境中。持续交付意味着所有的变更都可以被部署到测试环境中,但是出于业务考虑,可以选择不部署。如果要实施持续部署,必须先实施持续交付 + +​ 持续部署即在持续交付的基础上,把部署到生产环境的过程自动化 + +img + +## 二:Jenkins CI/CD + +#### 1.Jenkins CI/CD 流程图 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/eBMhIj4AgzudBm3Fs4383Q.png) + +注意: + +​ 上线之前先把代码git到版本仓库,然后通过Jenkins 如Java项目通过maven去构建,这是在非容器之前,典型的自动化的一个版本上线流程 + +​ 它的测试环境,预生产环境,测试环境。会存在一定的兼容性问题 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/1vyHfJuYufXHSqOJjxghtw.png) + +注意: + +​ 这里有一个docker harbor 的镜像仓库,通常会把你的环境打包为一个镜像,通过镜像的方式来部署 + +#### 2.Jenkins 介绍 + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/7qiG4RjufBF6q708fXRwWg.png) + +​ Jenkins 是一个用Java编写的开源的持续集成工具。在与Oracle发生争执后,项目从Hudson项目独立 + +​ Jenkins 提供了软件开发的持续集成服务。Jenkins是在MIT许可证下发布的自由软件 + +###### Jenkins 功能: + +​ 持续的软件版本发布/测试项目 + +​ 监控外部调用执行的工作 + +###### Jenkins 概念: + +​ Jenkins是一个功能强大的应用程序,允许持续集成和持续交付项目,无论用的是什么平台。这是一个免费的开源项目,可以处理任何类型的构建或持续集成。集成Jenkins可以用于一些测试和部署技术。Jenkins是一种软件允许持续集成 + +###### Jenkins 目的: + +​ 持续、自动地构建/测试软件项目 + +​ 监控软件开放流程,快速问题定位及处理,提提高开发效率 + +###### Jenkins 特性: + +​ 开源的java语言开发持续集成工具,支持CI,CD + +​ 易于安装部署配置:可通过yum安装,或下载war包以及通过docker容器等快速实现安装部署,可方便web界面配置管理 + +​ 消息通知及测试报告:集成RSS/E-mail通过RSS发布构建结果或当构建完成时通过e-mail通知,生成JUnit/TestNG测试报告 + +​ 分布式构建:支持Jenkins能够让多台计算机一起构建/测试 + +​ 文件识别:Jenkins能够跟踪哪次构建生成哪些jar,哪次构建使用哪个版本的jar等 + +​ 丰富的插件支持:支持扩展插件,你可以开发适合自己团队使用的工具,如git,svn,maven,docker等 + +#### 3.产品发布流程 + +​ 产品设计成型 -> 开发人员开发代码 -> 测试人员测试功能 -> 运维人员发布上线 + +#### 4.Jenkins实验环境 + +| 主机名 | ip地址 | 服务 | +| :----------: | :-------: | :-----: | +| cicd-jenkins | 10.0.1.87 | jenkins | +| cicd-gitlab | 10.0.1.86 | gitlab | +| cicd-web | 10.0.1.88 | web | + +#### 5.Jenkins安装使用 + +注意:新版的jenkins需要的jdk版本为11.如果出现以下报错解决方案 + +```shell +报错: +AWT is not properly configured on this server. Perhaps you need to run your container with “-Djava.awt.headless=true”? See also: https://jenkins.io/redirect/troubleshooting/java.awt.headless + +解决方案: +yum install dejavu-sans-fonts +yum install fontconfig +yum install xorg-x11-server-Xvfb +``` + +​ 下载 java(直接从内部服务器下载): + +```shell +[root@jenkins ~]# wget https://download.oracle.com/otn/java/jdk/8u251-b08/3d5a2bb8f8d4428bbe94aed7ec7ae784/jdk-8u251-linux-x64.tar.gz +``` + +​ 安装java: + +```shell +[root@jenkins ~]# tar xf jdk-8u251-linux-x64.tar.gz -C /usr/local/ +[root@jenkins ~]# cd /usr/local/ +[root@jenkins ~]# ln -s jdk1.8.0_251/ java +``` + +​ 下载 maven(从内部服务器下载): + +```shell +[root@jenkins ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz +``` + +​ 解压安装: + +```shell +[root@jenkins ~]# tar xf apache-maven-3.6.3-bin.tar.gz -C /usr/local/ +[root@jenkins ~]# cd /usr/local/ +[root@jenkins ~]# ln -s apache-maven-3.6.3/ maven +``` + +​ 添加环境变量: + +```shell +[root@jenkins ~]# vim /etc/profile +JAVA_HOME=/usr/local/java +MAVEN_HOME=/usr/local/java/maven +PATH=$PATH:$JAVA_HOME/bin:$MAVEN_HOME/bin +export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL JAVA_HOME MAVEN_HOME +[root@jenkins-server ~]# source /etc/profile +``` + +​ 验证 java 和 maven 安装: + +```shell +[root@jenkins ~]# java -version +java version "13.0.2" 2020-01-14 +Java(TM) SE Runtime Environment (build 13.0.2+8) +Java HotSpot(TM) 64-Bit Server VM (build 13.0.2+8, mixed mode, sharing) + +[root@jenkins ~]# mvn -v +Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f) +Maven home: /usr/local/maven +Java version: 13.0.2, vendor: Oracle Corporation, runtime: /usr/local/jdk-13.0.2 +Default locale: en_US, platform encoding: UTF-8 +OS name: "linux", version: "3.10.0-957.el7.x86_64", arch: "amd64", family: "unix" +``` + +​ 安装tomcat: + +```shell +[root@jenkins ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-8/v8.5.42/bin/apache-tomcat-8.5.42.tar.gz +[root@jenkins ~]# tar xzf apache-tomcat-8.5.42.tar.gz -C /usr/local/ +[root@jenkins ~]# cd /usr/local/ +[root@jenkins local]# mv apache-tomcat-8.5.42/ tomcat +``` + +​ 下载jenkins的安装包: + +```shell +[root@jenkins-server ~]# wget http://updates.jenkins-ci.org/download/war/2.187/jenkins.war +``` + +​ 部署jenkins: + +```shell +[root@jenkins-server ~]# cd /usr/local/tomcat/webapps/ +[root@jenkins-server webapps]# rm -rf * +[root@jenkins-server webapps]# cp /root/jenkins.war . +[root@jenkins-server webapps]# ./bin/startup.sh +Using CATALINA_BASE: /usr/local/tomcat +Using CATALINA_HOME: /usr/local/tomcat +Using CATALINA_TMPDIR: /usr/local/tomcat/temp +Using JRE_HOME: /usr/local/java +Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar +Tomcat started. +``` + +​ 登录jenkins web管理界面: + +```shell +[root@jenkins ~]# cat /var/lib/jenkins/secrets/initialAdminPassword +5d3f57bea6e546139fc48ea28f9d5ae5 +``` + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/LqMyfFJ8yikl8MXGGT34GA.png) + +以下是可选操作: + +​ 修改 /var/lib/jenkins/updates/default.json: + +​ jenkins 在下载插件之前会先检查网络连接,其会读取这个文件中的网址。默认是:www.google.com + +​ 访问谷歌,这就很坑了,服务器网络又不能 FQ,所以将图下的google改为[www.baidu.com](http://www.baidu.com/)即可,更改完重启服务 + +```shell +{"connectionCheckUrl":"http://www.baidu.com/","core":{"buildDate":"Dec 02, 2020","name":"core","sha1":"fMwDSSmyX9SkyDzqpqhd2EjOUy4=","sha256":"Du3rKxGjJyastX2ybiYrGSPPQI6EcIuvRx47U0Yu1vE=","url":"https://updates +....... +``` + +​ 修改/var/lib/jenkins/hudson.model.UpdateCenter.xml: + +​ 该文件为jenkins下载插件的源地址,改地址默认jenkins默认为:https://updates.jenkins.io/update-center.json,就是因为https的问题,此处我们将其改为http即可,之后重启jenkins服务即可 + +​ 其他国内备用地址(也可以选择使用): + +```shell +https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json +http://mirror.esuni.jp/jenkins/updates/update-center.json +``` + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/VJnJuX0UtAAq4MI5ErJxVA.png) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/UE7pdxoWLdHQT7kSZVJnrg.png) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/T5oHqFkQJyXk1uCy4Wqlsg.png) + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/ExigZjVs8eZyJhPLjrNAWw.png) + +## 三:Jenkins使用 + +#### 1.Jenkins 用户权限管理 + +用户管理背景: + +​ 针对开发、运维、测试针对不同角色进行不同权限划分 + +基于插件: + +​ Role-based Authorization Strategy + +​ Authorize Project + +#### 2.安装用户管理插件 + +​ 系统管理->管理插件-可选插件->搜索该插件选中直接安装即可 + +image-20220625122837436 + +image-20220625122922074 + +#### 3.开启该插件功能 + +​ 系统管理->全局安全设置-授权策略->选中该插件功能即可->保存 + +image-20220625123057912 + +image-20220625123142667 + +#### 4. 验证用户管理 + +image-20220625123328336 + +注册一个新用户: + +image-20220625123633639 + +image-20220625123719754 + +新用户登录验证: + +image-20220625123832362 + +注意: + +​ 如果开启匿名用户所有权限可以看到具体的内容 + +​ 如果看到访问被拒绝,是因为使用的是Role-Based-Strategy的授权策略 + +#### 5.用户权限划分 + +​ 安装 Role-Based Strategy 插件后,系统管理 中多了如图下所示的一个功能,用户权限的划分就是靠他来做的 + +image-20220625124115019 + +image-20220625124135649 + +Manage Roles(管理角色): + +​ Manage Roles:管理角色,相当于针对角色赋予不同权限,然后在将该角色分配给用户 + +​ 角色就相当于一个组。其里面又有Global roles(全局)、item roles(项目)、node roles(节点),来进行不同划分 + +​ Global roles (全局角色):管理员等高级用户可以创建基于全局的角色 + +​ Item roles(项目角色):针对某个或者某些项目的角色 + +​ node roles(节点角色):节点相关的权限 + +Global roles: + +​ 默认是有一个admin用户的,是所有权限都有的,所有权限都是勾选了的 + +​ 接下来我们来添加一个角色:baseRole + +​ baseRole :该角色为全局角色。这个角色需要绑定Overall下面的Read权限,是为了给所有用户绑定最基本的Jenkins访问权限 + +​ 注意:如果不给后续用户绑定这个角色,会报错误:用户名 is missing the Overall/Read permission + +Project roles: + +​ roles to add:表示项目角色 + +​ Pattern:是用来做正则匹配的(匹配的内容是Job(项目名)),比如说根据正则匹配到的项目项目角色就都有权限 + +​ 接下来新建项目角色,改项目角色一般给其构建、取消、读取、读取空间权限,一般配置这4个即可 + +​ demo :该角色为项目角色。使用正则表达式绑定 “demo.",意思是只能操作 demo 开头的项目 + +​ web :该角色也为项目角色。绑定 "web.”,意思是只能操作 web 开头的项目 + +node roles: + +​ node roles(节点角色):节点相关的权限 + +​ roles to add:表示项目角色 + +​ Pattern:是用来做正则匹配的(匹配的内容是节点(slave节点)),比如说根据正则匹配到的项目项目角色就都有权限 + +image-20220626141733141 + +​ 将diandian用户绑定全局和项目权限: + +image-20220626142022912 + +​ diandian用户查看: + +image-20220626141942574 + +#### 6.Jenkins 参数化构建 + +​ 参数化构建背景: + +​ 如果只是简单的构建,jenkins自己默认的插件可以做,但是如果我们想要在构建过程中有更多功能,比如说:选择性构建、传参、项目指定变量等等其他功能,基础的参数化构建可以实现一些简单功能,但是要想使用更多功能这时候我们就需要借助参数化构建来实现交互的功能 + +​ 借助以下插件来进行实现: + +​ Extended Choice Parameter(更丰富的参数化构建插件) + +​ Git Parameter + +​ 安装插件: + +​ Extended Choice Parameter + +​ Git Paramete + +![image-20220626142500087](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/image-20220626142500087.png) + +image-20220626142616802 + +​ 项目配置: + +image-20220626142826896 + +image-20220626142926277 + +​ 参数配置: + +image-20220626143141874 + +​ 这里这个branch 就相当于给其当做一个变量,然后来为其进行传参: + +![](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/image-20220626144229208.png) + +​ 构建选择执行shell进行测试: + +image-20220626143702106 + +image-20220626143848722 + +​ 参数化配置已经生效: + +image-20220626144303324 + +​ 构建 test2: + +​ 可以发现控制台的输出也是成功了的 + +image-20220626144556341 + +#### 7.数据来源选择文件 + +​ 在jenkins所在服务器进行如下操作: + +```shell +[root@qfedu.com ~]# vim /opt/jenkins.property # 建立一个文件 +abc=t1,t2,t3,t4 +``` + +​ web 端配置: + +![img](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/0USIqGXVd0iujSq_YmjGHg.png) + +​ 进行测试: + +image-20220626145317041 + +​ 构建后查看结果:(也是成功的) + +![image-20220626145443936](%E6%8C%81%E7%BB%AD%E9%9B%86%E6%88%90-%E4%BA%A4%E4%BB%98-%E5%8F%91%E5%B8%83.assets/image-20220626145443936.png) + + + + + + + + + + + + + diff --git a/md/版本仓库.md b/md/版本仓库.md new file mode 100644 index 0000000..b7625f6 --- /dev/null +++ b/md/版本仓库.md @@ -0,0 +1,852 @@ +

版本仓库

+ +**作者:行癫(盗版必究)** + +------ + +## 一:Git、Github、Gitlab 的区别 + +​ Git是版本控制系统 + +​ Github是在线的基于Git的代码托管服务,GitHub提供付费账户和免费账户,都可以创建公开的代码仓库,可以创建私有的代码仓库 + +​ Gitlab 创建免费的私人仓库 + +## 二:Git简介 + +#### 1.GIt介绍 + +​ Git是一个开源的分布式版本控制系统,用于敏捷高效地处理任何或小或大的项目 + +​ Git 是 Linus Torvalds 为了帮助管理 Linux 内核开发而开发的一个开放源码的版本控制软件 + +​ Git 与常用的版本控制工具 CVS, Subversion 等不同,它采用了分布式版本库的方式,不必服务器端软件支持 + +#### 2.Git工作流程 + +​ 克隆 Git 资源作为工作目录 + +​ 在克隆的资源上添加或修改文件 + +​ 如果其他人修改了,你可以更新资源 + +​ 在提交前查看修改 + +​ 提交修改 + +​ 在修改完成后,如果发现错误,可以撤回提交并再次修改并提交 + +image-20220622135814482 + +#### 3.git的工作区、暂存区和版本库 + +​ 工作区:就是你在电脑里能看到的目录 + +​ 暂存区:英文叫stage, 或index。一般存放在"git目录"下的index文件(.git/index)中,所以我们把暂存区有时也叫作索引(index) + +​ 版本库:工作区有一个隐藏目录.git,这个不算工作区,而是Git的版本库 + +​ ![img](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/dnRUEOrwFBKKhx2PCx9LdA.png) + +#### 4.Git安装 + +```shell +[root@xingdian-git ~]# yum -y install git curl-devel expat-devel gettext-devel openssl-devel zlib-devel git-core +``` + +## 三:Git使用 + +​ Git 提供了一个叫做 git config 的工具,专门用来配置或读取相应的工作环境变量 + +​ 这些环境变量,决定了 Git 在各个环节的具体工作方式和行为。这些变量可以存放在以下三个不同的地方: + +​ /etc/gitconfig 文件:系统中对所有用户都普遍适用的配置。若使用 git config 时用 --system 选项,读写的就是这个文件 + +​ ~/.gitconfig 文件:用户目录下的配置文件只适用于该用户。若使用 git config 时用 --global 选项,读写的就是这个文件 + +​ 当前项目的 Git 目录中的配置文件(也就是工作目录中的 .git/config 文件):这里的配置仅仅针对当前项目有效 + +#### 1.Git用户信息 + +​ 配置个人的用户名称和电子邮件地址: + +```shell +[root@xingdian-git ~]# git config --global user.name "xingdian" +[root@xingdian-git ~]# git config --global user.email "xingdian@1000phone.com" +``` + +#### 2.查看配置信息 + +```shell +[root@xingdian-git ~]# git config --list +user.name=xingdian +user.email=xingdian@1000phone.com +``` + +​ 这些配置我们也可以在 ~/.gitconfig 或 /etc/gitconfig 看到,如下所示: + +```shell +[root@xingdian-git ~]# cat ~/.gitconfig +[user] + name = xingdian + email = xingdian@1000phone.com +``` + +注意: + +```shell +git config --global 参数 +取消代理: + git config --global --unset http.proxy + git config --global --unset https.proxy +设置代理: + git config --global http.proxy http://domain.local\vsilva:Passw0rd@proxyServer:8080 +出现各种 SSL certificate problem 的解决办法: + git config --global http.sslVerify false +``` + +#### 3.常用的git 命令 + +```shell +[root@xingdian-git ~]# git init +# 初始化 +[root@xingdian-git ~]# git add main.cpp +# 将某一个文件添加到暂存区 +[root@xingdian-git ~]# git add . +# 将文件夹下的所有的文件添加到暂存区 +[root@xingdian-git ~]# git commit -m 'note' +# 将暂存区中的文件保存成为某一个版本 +[root@xingdian-git ~]# git log +# 查看所有的版本日志 +[root@xingdian-git ~]# git status +# 查看现在暂存区的状况 +[root@xingdian-git ~]# git diff +# 查看现在文件与上一个提交-commit版本的区别 +[root@xingdian-git ~]# git reset --hard HEAD^ +# 回到上一个版本 +[root@xingdian-git ~]# git reset --hard XXXXX +# XXX为版本编号,回到某一个版本 +[root@xingdian-git ~]# git pull origin master +# 从主分支pull到本地 +[root@xingdian-git ~]# git push -u origin master +# 从本地push到主分支 +[root@xingdian-git ~]# git pull +# pull默认主分支 +[root@xingdian-git ~]# git push +# push默认主分支 ... +``` + +#### 4.Git使用 + +​ ssh 链接: + +​ 客户机上产生公钥上传到gitlab的SSH-Keys里,git clone下载和git push上传都没问题,这种方式很安全 + +​ ssh连接github: + +​ 登录github,这是github的主页(如果没有账户需要注册) + +Git服务器生成秘钥: + +```shell +[root@xingdian ~]# ssh-keygen +Generating public/private rsa key pair. +Enter file in which to save the key (/root/.ssh/id_rsa): +Enter passphrase (empty for no passphrase): +Enter same passphrase again: +Your identification has been saved in /root/.ssh/id_rsa. +Your public key has been saved in /root/.ssh/id_rsa.pub. +The key fingerprint is: +SHA256:S/zPOA+wrn/FOnpnFzQponuXzDYDoIFpYTxWeiGKC7g root@xingdian +The key's randomart image is: ++---[RSA 2048]----+ +| ...o | +|.. .*o . | +|+ .o.=. . | +|.o +.... . . + | +|E . oSo o o . | +| ...=. o . | +| o.o* . . | +| .. B=@ . | +| .o+=.O++ | ++----[SHA256]-----+ +[root@xingdian ~]# cat .ssh/id_rsa.pub +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjwGC9van2xd2e2u1769g/SZfJadkC2qXwSMy1yQ9xK8FTMfEXV0X6NTGTu4ZIaj9Jjcq2RjUn9QsS2EEePiAZykki7jOcZAxckY/s9iOS2F10wnTGrSpvUjBh3fpziS5c0HB7ejUsonm/jm/BQqwQ9abdWsFJvombdiDifVSYU9s4SbmAjU4gdtgYYxM5vCnGdfCy06grj25lkmYSnQDqDWW2W8a2nPe1UYliBugh2EcTUi2vCnrM6/Jj3P1f3VyB0Y8MXvybksi9oHTqaOA6t8cdArw19nZ0IEy7vffVTUcTNw1gg4UHgb4s5zWHeOnNCFFKDJfLH80CCORoQuut root@xingdian +``` + +Github添加Git服务器秘钥: + +image-20220622145317159 + +image-20220622145431860 + +image-20220622145511169 + +Github创建仓库: + +image-20220622145700668 + +![image-20220622145819078](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/image-20220622145819078.png) + +image-20220622145843179 + +git服务器上创建项目并上传到github: + +``` +[root@xingdian-cloud opt]# mkdir a +[root@xingdian-cloud opt]# cd a +[root@xingdian-cloud a]# git remote add origin git@github.com:blackmed/xingdiancloud-test.git +[root@xingdian-cloud a]# echo "hello xingdian" > xingdian +[root@xingdian-cloud a]# git add . +[root@xingdian-cloud a]# git commit -m "hello" +[master (root-commit) ec3f424] hello + 1 file changed, 1 insertion(+) + create mode 100644 xingdian +[root@xingdian-cloud a]# git push -u origin master +Warning: Permanently added 'github.com,20.205.243.166' (ECDSA) to the list of known hosts. +Counting objects: 3, done. +Writing objects: 100% (3/3), 221 bytes | 0 bytes/s, done. +Total 3 (delta 0), reused 0 (delta 0) +remote: +remote: Create a pull request for 'master' on GitHub by visiting: +remote: https://github.com/blackmed/xingdiancloud-test/pull/new/master +remote: +To git@github.com:blackmed/xingdiancloud-test.git + * [new branch] master -> master +Branch master set up to track remote branch master from origin. +``` + +github查看: + +![image-20220622161013603](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/image-20220622161013603.png) + +![image-20220622161234927](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/image-20220622161234927.png) + +注意:这样上传到github的分支不能跟main分支合并 + +#### 5.版本穿梭 + +版本回退: + +```shell +# 用 git log 命令查看: +# 每一个提交的版本都唯一对应一个 commit 版本号, +# 使用 git reset 命令退到上一个版本: +[root@xingdian-git ~]# git reset --hard HEAD^ +``` + +```shell +[root@xingdian-git ~]# git reflog +# 查看命令历史,以便确定要回到哪个版本 +[root@xingdian-git ~]# git reset --hard commit_id +# 比如git reset --hard 3628164 + +消失的ID号: +回到早期的版本后再查看git log会发现最近的版本消失,可以使用reflog查看消失的版本ID,用于回退到消失的版本 +[root@xingdian-git ~]# git reflog +``` + +#### 6.分支管理 + +创建分支: + +``` +[root@xingdian-git ~]# git checkout -b dev #创建dev分支,然后切换到dev分支 +[root@xingdian-git ~]# git checkout #命令加上-b参数表示创建并切换,相当于以下两条命令: +[root@xingdian-git ~]# git branch dev +[root@xingdian-git ~]# git branch #命令查看当前分支, +[root@xingdian-git ~]# git branch #命令会列出所有分支,当前分支前面会标一个*号 +[root@xingdian-git ~]# git branch +* dev master +[root@xingdian-git ~]# git add readme.txt +git commit -m "branch test" # 在dev分支上正常提交. +``` + +分支切换: + +```shell +[root@xingdian-git ~]# git checkout master # 切换回master分支 +# 查看一个readme.txt文件,刚才添加的内容不见了,因为那个提交是在dev分支上,而master分支此刻的提交点并没有变 +``` + +合并分支: + +```shell +[root@xingdian-git ~]# git merge dev # 把dev分支的工作成果合并到master分支上 +[root@xingdian-git ~]# git merge # 命令用于合并指定分支到当前分支。 +# 合并后,再查看readme.txt的内容,就可以看到,和dev分支的最新提交是完全一样的。 +``` + +删除分支: + +```shell +[root@xingdian-git ~]# git branch -d dev #删除dev分支了: +删除后,查看branch,就只剩下master分支了. +``` + +#### 7.github分支管理 + +注意:github默认的分支是main而不是master + +创建项目: + +image-20220622165005947 + +创建分支: + +image-20220622165323873 + +![image-20220622165356611](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/image-20220622165356611.png) + +image-20220622165442604 + + +新分支创建文件: + +image-20220622165459895 + +![image-20220622165545788](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/image-20220622165545788.png) + +image-20220622165616021 + +分支合并: + +image-20220622165629824 + +image-20220622165708029 + +image-20220622165729534 + +image-20220622165753134 + +main分支验证是否合并成功: + +image-20220622165838735 + +#### 8.使用github上的项目 + +注意: + +​ 前期的配置略 + +下载仓库到本地: + +```shell +[root@xingdian-cloud opt]# git clone git@github.com:blackmed/xingdiancloud-dian.git +Cloning into 'xingdiancloud-dian'... +Warning: Permanently added 'github.com,20.205.243.166' (ECDSA) to the list of known hosts. +remote: Enumerating objects: 7, done. +remote: Counting objects: 100% (7/7), done. +remote: Compressing objects: 100% (4/4), done. +remote: Total 7 (delta 0), reused 0 (delta 0), pack-reused 0 +Receiving objects: 100% (7/7), done. +[root@xingdian-cloud opt]# ls +xingdiancloud-dian +``` + +进入工作目录,模拟代码更新: + +```shell +[root@xingdian-cloud opt]# cd xingdiancloud-dian/ +[root@xingdian-cloud xingdiancloud-dian]# ls +diandian README.md +[root@xingdian-cloud xingdiancloud-dian]# echo "diange is very good" > xingdian +[root@xingdian-cloud xingdiancloud-dian]# git add . +[root@xingdian-cloud xingdiancloud-dian]# git commit -m "this is diange" +[main 73139aa] this is diange + 1 file changed, 1 insertion(+) + create mode 100644 xingdian +[root@xingdian-cloud xingdiancloud-dian]# git push -u origin main +Warning: Permanently added 'github.com,20.205.243.166' (ECDSA) to the list of known hosts. +Counting objects: 4, done. +Delta compression using up to 2 threads. +Compressing objects: 100% (2/2), done. +Writing objects: 100% (3/3), 322 bytes | 0 bytes/s, done. +Total 3 (delta 0), reused 0 (delta 0) +To git@github.com:blackmed/xingdiancloud-dian.git + ec322d0..73139aa main -> main +Branch main set up to track remote branch main from origin. +``` + +github验证: + +image-20220622170829984 + +## 四:Gitlab部署与使用 + +#### 1.资源环境 + +| 主机名 | IP地址 | 服务 | +| :----: | :--------: | :------: | +| gitlab | 10.0.0.110 | gitab-ce | + +#### 2.环境部署 + +​ 修改主机名: + +```shell +[root@localhost ~]# hostnamectl --static set-hostname cicd-gitlab +``` + +​ 关闭防火墙和selinux: + +```shell +[root@cicd-gitlab ~]# systemctl stop iptables firewalld +[root@cicd-gitlab ~]# systemctl disable iptables firewalld +[root@cicd-gitlab ~]# setenforce 0 +``` + +​ 开启邮件服务: + +```shell +[root@cicd-gitlab ~]# systemctl start postfix +[root@cicd-gitlab ~]# systemctl enable postfix +``` + +​ 添加本地解析: + +```shell +[root@cicd-gitlab ~]# vim /etc/hosts +10.0.1.86 gitlab.qfedu.com +``` + +#### 3.安装gitlab依赖包 + +```shell +[root@cicd-gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python +``` + +#### 4.添加gitlab安装源 + +```shell +阿里源 +[root@cicd-gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo +[gitlab-ce] +name=gitlab-ce +baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7 +Repo_gpgcheck=0 +Enabled=1 +gpgcheck=0 +清华源: +[root@cicd-gitlab ~]# vim gitlab-ce.repo +[gitlab-ce] +name=Gitlab CE Repository +baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/ +gpgcheck=0 +enabled=1 + +[root@cicd-gitlab ~]# vim gitlab-ee.repo +[gitlab-ee] +name=Gitlab EE Repository +baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/ +gpgcheck=0 +enabled=1 +官方源: +[root@cicd-gitlab ~]# vim runner_gitlab-ci-multi-runner.repo +[runner_gitlab-ci-multi-runner] +name=runner_gitlab-ci-multi-runner +baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch +repo_gpgcheck=1 +gpgcheck=0 +enabled=1 +gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey +sslverify=1 +sslcacert=/etc/pki/tls/certs/ca-bundle.crt +metadata_expire=300 + +[runner_gitlab-ci-multi-runner-source] +name=runner_gitlab-ci-multi-runner-source +baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS +repo_gpgcheck=1 +gpgcheck=0 +enabled=1 +gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey +sslverify=1 +sslcacert=/etc/pki/tls/certs/ca-bundle.crt +metadata_expire=300 +``` + +5.安装gitlab + +```shell +[root@cicd-gitlab ~]# yum -y install gitlab-ce +# 自动安装最新版 +``` + +#### 6.查看gitlab版本 + +```shell +[root@xingdian-git ~]# head -1 /opt/gitlab/version-manifest.txt +gitlab-ce 13.6.1 +``` + +#### 7.Gitlab 配置登录链接 + +```shell +#设置登录链接 +[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb +*** +## GitLab URL +##! URL on which GitLab will be reachable. +##! For more details on configuring external_url see: +##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab +# 没有域名,可以设置为本机IP地址 +external_url 'http://10.0.1.86' +*** +[root@cicd-gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb +external_url 'http://10.0.1.86' #绑定监听的域名或IP +``` + +#### 8.初始化 Gitlab + +```shell + [root@cicd-gitlab ~]# gitlab-ctl reconfigure   +..... +``` + +#### 9.启动 Gitlab 服务 + +```shell +[root@cicd-gitlab ~]# gitlab-ctl start + +[root@cicd-gitlab ~]# lsof -i:80 +COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME +nginx 22500 root 7u IPv4 50923 0t0 TCP *:http (LISTEN) +nginx 22501 gitlab-www 7u IPv4 50923 0t0 TCP *:http (LISTEN) +``` + +#### 10.Gitlab服务管理 + +```shell +[root@cicd-gitlab ~]# gitlab-ctl start # 启动所有 gitlab 组件; +[root@cicd-gitlab ~]# gitlab-ctl stop # 停止所有 gitlab 组件; +[root@cicd-gitlab ~]# gitlab-ctl restart # 重启所有 gitlab 组件; +[root@cicd-gitlab ~]# gitlab-ctl status # 查看服务状态; +[root@cicd-gitlab ~]# gitlab-ctl reconfigure # 初始化服务; +[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb # 修改默认的配置文件; +[root@cicd-gitlab ~]# gitlab-ctl tail # 查看日志; +``` + +11.登录Gitlab + +​ 在浏览器中输入 http://10.0.0.110,然后 change password: ,并使用root用户登录 即可 (后续动作根据提示操作) + +```shell +1. 执行命令, 进入交互界面 +gitlab-rails console -e production +2. 执行如下命令, 修改root密码为你想要的密码, 无需重启即可完成设置 +u=User.where(id:1).first # u定义为root用户 +u.password='你的密码' # 设置root密码, 注意需要符合密码强度 +u.password_confirmation='你的密码' # 确认当前密码 +u.save! # 保存操作 +quit # 退出交互界面 +``` + +设置中文: + +![img](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/E0dN8g2Is23hq_Rbnq0FsA.png) + +#### 11.Gitlab部署https方式 + +​ 创建私有密钥: + +```shell +[root@cicd-gitlab ~]# mkdir -p /etc/gitlab/ssl +[root@cicd-gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048 +Generating RSA private key, 2048 bit long modulus +...............+++ +...............................................................................+++ +e is 65537 (0x10001) +``` + +​ 创建私有证书: + +```shell +[root@cicd-gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr" +You are about to be asked to enter information that will be incorporated +into your certificate request. +What you are about to enter is what is called a Distinguished Name or a DN. +There are quite a few fields but you can leave some blank +For some fields there will be a default value, +If you enter '.', the field will be left blank. +----- +Country Name (2 letter code) [XX]:cn +State or Province Name (full name) []:sh +Locality Name (eg, city) [Default City]:sh +Organization Name (eg, company) [Default Company Ltd]: #输入空格,然后回车 +Organizational Unit Name (eg, section) []: #输入空格,然后回车 +Common Name (eg, your name or your server's hostname) []:gitlab.example.com +Email Address []:admin@example.com + +Please enter the following 'extra' attributes +to be sent with your certificate request +A challenge password []:123456 +An optional company name []: #直接回车 +查看 +[root@cicd-gitlab ~]# ll /etc/gitlab/ssl/ +total 8 +-rw-r--r-- 1 root root 1066 Jan 2 15:32 gitlab.example.com.csr +-rw-r--r-- 1 root root 1679 Jan 2 15:30 gitlab.example.com.key +``` + +​ 创建CRT签署证书: + +```shell +[root@cicd-gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt" +Signature ok +subject=/C=cn/ST=sh/L=sh/O= /OU= /CN=gitlab.example.com/emailAddress=admin@example.com +Getting Private key +查看 +[root@cicd-gitlab ~]# ll /etc/gitlab/ssl/ +total 12 +-rw-r--r-- 1 root root 1265 Jan 2 15:39 gitlab.example.com.crt +-rw-r--r-- 1 root root 1066 Jan 2 15:32 gitlab.example.com.csr +-rw-r--r-- 1 root root 1679 Jan 2 15:30 gitlab.example.com.key +``` + +​ 创建pem证书: 利用openssl命令输出pem证书 + +```shell +[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048 +Generating DH parameters, 2048 bit long safe prime, generator 2 +This is going to take a long time +........................................................+................................................................................+.....................................+..................................................................................+..............................................+..................................................................................................................................+..+........................................................................................................................................+..............................................................................................................................................................................+......+..............+.....................................................+.................+.......................................................................................+..+.................................................................................................................................................+..........................................................+.............+.........+...........................................................+........................................................................................................................................................................................................................................+...................................................................................................................................................................................................................................................................................................................++*++* +``` + +​ 查看生成的证书: + +```shell +[root@cicd-gitlab ~]# ll /etc/gitlab/ssl/ +total 16 +-rw-r--r-- 1 root root 424 Jan 2 15:46 dhparam.pem +-rw-r--r-- 1 root root 1265 Jan 2 15:39 gitlab.example.com.crt +-rw-r--r-- 1 root root 1066 Jan 2 15:32 gitlab.example.com.csr +-rw-r--r-- 1 root root 1679 Jan 2 15:30 gitlab.example.com.key +``` + +​ 更改文件权限: + +```shell +[root@cicd-gitlab ~]# chmod 600 /etc/gitlab/ssl/* +[root@cicd-gitlab ~]# ll /etc/gitlab/ssl/ +total 16 +-rw------- 1 root root 424 Jan 2 15:46 dhparam.pem +-rw------- 1 root root 1265 Jan 2 15:39 gitlab.example.com.crt +-rw------- 1 root root 1066 Jan 2 15:32 gitlab.example.com.csr +-rw------- 1 root root 1679 Jan 2 15:30 gitlab.example.com.key +``` + +​ 配置 gitlab: + +```shell +[root@cicd-gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak} +[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb +## 更改如下 + 13 external_url 'https://gitlab.example.com' 13行左右 +952 nginx['redirect_http_to_https'] = true +964 nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt" +965 nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key" +979 # nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem +``` + +​ 初始化gitlab相关服务配置: + +```shell +[root@cicd-gitlab ~]# gitlab-ctl reconfigure +Starting Chef Client, version 13.6.4 +resolving cookbooks for run list: ["gitlab"] +Synchronizing Cookbooks: + - gitlab (0.0.1) + - package (0.1.0) + - postgresql (0.1.0) + - redis (0.1.0) + - mattermost (0.1.0) + - registry (0.1.0) + - gitaly (0.1.0) + - consul (0.0.0) + - nginx (0.1.0) + - runit (0.14.2) + - letsencrypt (0.1.0) + - acme (3.1.0) + - crond (0.1.0) + - compat_resource (12.19.0) +Installing Cookbook Gems: +Compiling Cookbooks... +Recipe: gitlab::default + * directory[/etc/gitlab] action create + - change mode from '0755' to '0775' + Converging 493 resources + * directory[/etc/gitlab] action create (up to date) + * directory[Create /var/opt/gitlab] action create + - create new directory /var/opt/gitlab + - change mode from '' to '0755' + - change owner from '' to 'root' + - change group from '' to 'root' + * directory[/opt/gitlab/embedded/etc] action create + - create new directory /opt/gitlab/embedded/etc + - change mode from '' to '0755' + - change owner from '' to 'root' + - change group from '' to 'root' + * template[/opt/gitlab/embedded/etc/gitconfig] action create + - create new file /opt/gitlab/embedded/etc/gitconfig + - update content in file /opt/gitlab/embedded/etc/gitconfig from none to 987af3 + +。。。。过程有点长,需要等一会(看个人服务器配置了) +Running handlers: +Running handlers complete +Chef Client finished, 454/655 resources updated in 02 minutes 16 seconds +gitlab Reconfigured! +# 出现这个表示配置没有问题! +``` + +​ 重启 gitlab: + +```shell +[root@cicd-gitlab ~]# gitlab-ctl restart +ok: run: alertmanager: (pid 6526) 1s +ok: run: gitaly: (pid 6543) 0s +ok: run: gitlab-monitor: (pid 6556) 0s +ok: run: gitlab-workhorse: (pid 6579) 1s +ok: run: logrotate: (pid 6589) 0s +ok: run: nginx: (pid 6597) 1s +ok: run: node-exporter: (pid 6681) 0s +ok: run: postgres-exporter: (pid 6687) 1s +ok: run: postgresql: (pid 6698) 0s +ok: run: prometheus: (pid 6706) 0s +ok: run: redis: (pid 6722) 0s +ok: run: redis-exporter: (pid 6856) 0s +ok: run: sidekiq: (pid 6866) 0s +ok: run: unicorn: (pid 6880) 0s +# 可以看出gitlab的所有服务重启完成 +``` + +#### 12.浏览器登录 gitlab + +​ https://gitlab.example.com + +![img](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/ihL-gBXxpxFoNE25P-tY9g.png) + +#### 13.Gitlab 添加 SMTP 邮件功能 + +​ 配置邮件功能: + +```shell +[root@cicd-gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb +gitlab_rails['smtp_enable'] = true +gitlab_rails['smtp_address'] = "smtp.163.com" +gitlab_rails['smtp_port'] = 465 +gitlab_rails['smtp_user_name'] = "zhuangyaovip@163.com" +gitlab_rails['smtp_password'] = "FULLECVMSVNBSDJH" +gitlab_rails['smtp_domain'] = "163.com" +gitlab_rails['smtp_authentication'] = "login" +gitlab_rails['smtp_enable_starttls_auto'] = true +gitlab_rails['smtp_tls'] = true +gitlab_rails['gitlab_email_enabled'] = true +gitlab_rails['gitlab_email_from'] = 'zhuangyaovip@163.com' +gitlab_rails['gitlab_email_display_name'] = 'Example' +gitlab_rails['gitlab_email_reply_to'] = '1311529042@qq.com' +gitlab_rails['gitlab_email_subject_suffix'] = 'gitlab' +# gitlab_rails['gitlab_email_smime_enabled'] = false +# gitlab_rails['gitlab_email_smime_key_file'] = '/etc/gitlab/ssl/gitlab_smime.key' +# gitlab_rails['gitlab_email_smime_cert_file'] = '/etc/gitlab/ssl/gitlab_smime.crt' +# gitlab_rails['gitlab_email_smime_ca_certs_file'] = '/etc/gitlab/ssl/gitlab_smime_cas.crt' +# user['git_user_email'] = "gitlab@#{node['fqdn']}" +``` + +​ 停止gitlab服务: + +```shell +[root@cicd-gitlab ~]# gitlab-ctl stop +ok: down: gitaly: 0s, normally up +ok: down: gitlab-monitor: 1s, normally up +ok: down: gitlab-workhorse: 0s, normally up +ok: down: logrotate: 1s, normally up +ok: down: nginx: 0s, normally up +ok: down: node-exporter: 1s, normally up +ok: down: postgres-exporter: 0s, normally up +ok: down: postgresql: 0s, normally up +ok: down: prometheus: 0s, normally up +ok: down: redis: 0s, normally up +ok: down: redis-exporter: 1s, normally up +ok: down: sidekiq: 0s, normally up +ok: down: unicorn: 1s, normally up +``` + +​ 修改配置后需要初始化配置: + +```shell +[root@cicd-gitlab ~]# gitlab-ctl reconfigure +...... +``` + +​ 启动服务: + +```shell +[root@cicd-gitlab ~]# gitlab-ctl start +ok: run: gitaly: (pid 37603) 0s +ok: run: gitlab-monitor: (pid 37613) 0s +ok: run: gitlab-workhorse: (pid 37625) 0s +ok: run: logrotate: (pid 37631) 0s +ok: run: nginx: (pid 37639) 1s +ok: run: node-exporter: (pid 37644) 0s +ok: run: postgres-exporter: (pid 37648) 1s +ok: run: postgresql: (pid 37652) 0s +ok: run: prometheus: (pid 37660) 1s +ok: run: redis: (pid 37668) 0s +ok: run: redis-exporter: (pid 37746) 0s +ok: run: sidekiq: (pid 37750) 1s +ok: run: unicorn: (pid 37757) 0s +``` + +​ Gitlab 发送邮件测试: + +```shell +[root@cicd-gitlab ~]# gitlab-rails console +Loading production environment (Rails 4.2.10) +irb(main):001:0> Notify.test_email('1311529042@qq.com', 'Message Subject', 'Message Body').deliver_now + +Notify#test_email: processed outbound mail in 2219.5ms + +Sent mail to user@destination.com (2469.5ms) +Date: Fri, 04 May 2018 15:50:10 +0800 +From: Admin +Reply-To: Admin +To: user@destination.com +Message-ID: <5aec10b24cfaa_93933fee282db10c162d@vm1.mail> +Subject: Message Subject +Mime-Version: 1.0 +Content-Type: text/html; + charset=UTF-8tt +Content-Transfer-Encoding: 7bit +Auto-Submitted: auto-generated +X-Auto-Response-Suppress: All + + +

Message Body

+ +=> #, >, >, , >, , , , , , > +irb(main):002:0>quit +``` + +​ 邮箱客户端查看邮件: + +![img](%E7%89%88%E6%9C%AC%E4%BB%93%E5%BA%93.assets/CxvKSD_S_9OPuLnUX2N4Mg.png) + +## 五:Gitlab 开发代码提交处理流程 + +#### 1.公司代码提交合并流程 + +​ PM(项目主管/项目经理)在gitlab创建任务,分配给开发人员 + +​ 开发人员领取任务后,在本地使用git clone拉取代码库 + +​ 开发人员创建开发分支(git checkout -b dev),并进行开发 + +​ 开发人员完成之后,提交到本地仓库(git commit ) + +​ 开发人员在gitlab界面上申请分支合并请求(Merge request) + +​ PM在gitlab上查看提交和代码修改情况,确认无误后,确认将开发人员的分支合并到主分支(master) + +​ 开发人员在gitlab上Mark done确认开发完成,并关闭 +