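Automation Scripts in GitLab Configuration on Linux
GitLab Runner is the core component that executes CI/CD pipelines, and its installation can be automated with a script. The following is a quick Docker-based installation script: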
docker run -d --name gitlab-runner --restart always \
  --env TZ=Asia/Shanghai \
  -v /home/gitlab-runner/config:/etc/gitlab-runner \
  -v /var/run/docker.sock:/var/run/docker.sock \
  gitlab/gitlab-runner:latest
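This script persists the Runner configuration (by mounting the configuration directory) and mounts the Docker socket (to support Docker-in-Docker tasks). After installation, the Runner must be registered with a GitLab project using the gitlab-runner register command. Access to the mounted /var/run/docker.sock is equivalent to root on the host, so limit this Runner to projects whose pipelines you trust.
For Ubuntu 20.04/22.04 or Debian systems, you can write a one-step installation script that covers the whole process from system preparation to GitLab configuration. The core steps are: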
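#!/bin/bash
set -euo pipefail

# Check for root privileges
if [ "$EUID" -ne 0 ]; then
    echo "请使用root用户运行此脚本"
    exit 1
fi

# Update the system
apt update && apt upgrade -y

# Preseed the Postfix answers before the package is installed, so they take effect
debconf-set-selections <<< "postfix postfix/mailname string gitlab.example.com"
debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'"

# Install dependencies without interactive prompts
DEBIAN_FRONTEND=noninteractive apt install -y curl openssh-server ca-certificates tzdata postfix

# Add the GitLab repository and install (the downloaded script runs as root)
curl -fsSL https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | bash
apt install -y gitlab-ce

# Reconfigure GitLab
gitlab-ctl reconfigure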
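This script simplifies GitLab Server deployment and reduces the risk of manual configuration errors.
.gitlab-ci.yml is the core configuration file of GitLab CI/CD and defines a project's build, test and deployment pipeline. The following examples cover common scenarios: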
stages:
  - build
  - test
  - deploy

variables:
  GIT_SUBMODULE_STRATEGY: recursive  # fetch submodules recursively

build_job:
  stage: build
  image: maven:3.6.3-jdk-8  # use the Maven image
  script:
    - echo "开始构建打包"
    - mvn install
  artifacts:
    paths:
      - target/  # keep the build output for later jobs

test_job:
  stage: test
  image: maven:3.6.3-jdk-8
  script:
    - echo "开始执行代码测试"
    - mvn test

deploy_job:
  stage: deploy
  image: instrumentisto/rsync-ssh:latest  # use an image with an SSH client
  script:
    - mkdir -p ~/.ssh
    - echo -e "Host *\n\tStrictHostKeyChecking no\n" > ~/.ssh/config  # disable SSH host key checking
    - echo "$TEST_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa  # private key from a GitLab CI/CD variable; overwrite instead of appending
    - chmod 600 ~/.ssh/id_rsa
    - ssh -p 22 -i ~/.ssh/id_rsa root@"$TEST_SERVER" "cd $TEST_PROJECT_PATH && git pull && source .venv/bin/activate && pip install -r requirements.txt"  # deploy to the test environment
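This configuration implements a "build → test → deploy" pipeline: artifacts pass the build output between jobs, and SSH performs the remote deployment. Because deploy_job disables SSH host key checking, the connection is not protected against a man-in-the-middle; for anything beyond a throwaway test environment, pin the server's host key in known_hosts instead.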
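As an added example (not part of the original page), the SSH setup lines of deploy_job can be replaced by a function that pins the server's host key instead of disabling the check. TEST_SSH_KNOWN_HOSTS is a hypothetical CI/CD variable holding the server's host key line(s), verified out of band; TEST_SSH_PRIVATE_KEY is the page's own variable.

```sh
# Added example: pinned-host-key SSH setup for deploy_job.
# In the job: setup_deploy_ssh "$TEST_SSH_PRIVATE_KEY" "$TEST_SSH_KNOWN_HOSTS"
# (TEST_SSH_KNOWN_HOSTS is an assumed variable, not defined on the page.)
setup_deploy_ssh() {
    key="$1"          # private key material
    known_hosts="$2"  # pinned host key line(s) for the deploy server
    ssh_dir="$HOME/.ssh"

    # Fail closed: without a pinned host key the job must not connect at all.
    if [ -z "$key" ] || [ -z "$known_hosts" ]; then
        echo "deploy aborted: private key or pinned host key is empty" >&2
        return 1
    fi

    (
        umask 077   # files are owner-only from the moment they are created
        mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || exit 1
        # Overwrite (>) so a reused runner never keeps a stale or concatenated key.
        printf '%s\n' "$key" > "$ssh_dir/id_rsa" || exit 1
        printf '%s\n' "$known_hosts" > "$ssh_dir/known_hosts" || exit 1
        # Unknown or changed host keys now abort the connection.
        printf 'Host *\n\tStrictHostKeyChecking yes\n\tIdentitiesOnly yes\n' \
            > "$ssh_dir/config" || exit 1
        # Pre-existing files keep their old mode on overwrite, so tighten explicitly.
        chmod 600 "$ssh_dir/id_rsa" "$ssh_dir/known_hosts" "$ssh_dir/config"
    )
}
```

With this in place, the job's ssh command fails if the server presents a key other than the pinned one.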
deploy_docker_k8s:
  stage: deploy
  image: docker:latest
  services:
    - docker:dind  # enable Docker-in-Docker
  script:
    - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin "$DOCKER_REGISTRY"  # log in to the image registry
    - docker build -t "$DOCKER_REGISTRY/your_project:latest" .  # build the image
    - docker push "$DOCKER_REGISTRY/your_project:latest"  # push the image
    - kubectl apply -f kubernetes/deployment.yaml  # apply the Kubernetes manifest (requires kubectl and cluster credentials in the job image)
  only:
    - main  # run on the main branch only
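This configuration suits containerized projects and implements image build, image push and a Kubernetes rolling update.
To configure multiple GitLab servers in bulk, installation and configuration can be automated with an Ansible Playbook. The following is an example Playbook: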
---
- name: Install and configure GitLab
  hosts: gitlab_servers
  become: yes
  vars:
    gitlab_version: "13.5.0-ce"
    # baseurl must point at the repository directory, not at a single RPM file
    gitlab_repo: "https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/"
    gitlab_key: "https://packages.gitlab.com/gpg.key"
  tasks:
    - name: Add GitLab repository
      yum_repository:
        name: gitlab-ce
        description: GitLab repository
        baseurl: "{{ gitlab_repo }}"
        gpgcheck: yes
        gpgkey: "{{ gitlab_key }}"
        enabled: yes

    - name: Install GitLab
      yum:
        name: "gitlab-ce-{{ gitlab_version }}.0.el7.x86_64"
        state: present
        update_cache: yes  # update_cache belongs to the yum module, not yum_repository
        # Keep signature verification on; gitlab_key must be the key that signs
        # the packages served by this repository
        disable_gpg_check: no

    - name: Start GitLab service
      service:
        name: gitlab-runsvdir
        state: started
        enabled: yes

    - name: Configure GitLab external URL
      lineinfile:
        path: /etc/gitlab/gitlab.rb
        regexp: '^external_url'
        line: 'external_url "http://your-gitlab-url"'
        backup: yes

    - name: Reconfigure GitLab
      shell: gitlab-ctl reconfigure
      args:
        creates: /etc/gitlab/reconfigured
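This Playbook adds the GitLab repository, installs GitLab, starts the service, sets the external URL and reconfigures GitLab, and it can be run against many hosts at once. Keep package signature verification enabled when installing from a third-party mirror such as the one used here.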