2.5. 部署gitlab-runner
我们原来缺少一个 action runners,也就是gitlab-runner
我们可以用一个小的镜像gitlab/gitlab-runner:alpine-v14.4.2
docker run -d --name gitlab-runner --restart always --net=host \ -v /srv/gitlab-runner/config:/etc/gitlab-runner \ -v /var/run/docker.sock:/var/run/docker.sock \ gitlab/gitlab-runner:alpine-v14.4.2
$ docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner:alpine-v14.4.2 register Runtime platform arch=amd64 os=linux pid=7 revision=50fc80a6 version=14.4.2 Running in system-mode. Enter the GitLab instance URL (for example, https://gitlab.com/): http://192.168.211.70:8081 Enter the registration token: 6D5mo8iWCLBaVdqcaqjN Enter a description for the runner: [329b671ffa00]: gitlab-example Enter tags for the runner (comma-separated): Registering runner... succeeded runner=6D5mo8iW Enter an executor: ssh, virtualbox, docker+machine, shell, docker-ssh+machine, kubernetes, custom, docker, docker-ssh, parallels: docker Enter the default Docker image (for example, ruby:2.6): ubuntu:20.04 Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
注册完成后,gitlab界面检查gitlab-runner是否注册成功
绿色代表成功,回到项目界面,已经开始在跑了。
2.6 测试跑起来
2.7 CI变得更安全
创建普通用户
apt-get update && apt-get upgrade useradd -m -s /bin/bash youtube passwd youtube usermod -aG sudo youtube
禁用关于root用户ssh的根访问
$ su - youtube $ vim /etc/ssh/sshd_config PermitRootLogin no $ systemctl restart ssh $ ssh root@192.168.211.70(拒绝)
安装Docker
ssh-copy-id youtube@server-IP apt-get install -y docker.io #当前用户授权 usermod -aG docker $USER docker ps docker run hello-world
在youtube用户下重新运行部署新的gitlab-runner并注册,继续测试。
视频:https://mp.weixin.qq.com/s/NKgpZ1CCybkrNakZIlN-Ng
原创:https://www.youtube.com/watch?v=6QtJDaycUwA
github:https://github.com/Ghostwritten/gitlab-example-demo.git
更多阅读:
部署gitlab
gitlab-runner部署
Gitlab 基础配置
Create a Continuous Integration (CI) Pipeline in Gitlab
git与gitlab快速学习手册
