├── README.md ├── jobs ├── .gitkeep ├── build.yml ├── codeanalysis.yml └── test.yml └── templates ├── .gitkeep ├── java-pipeline.yml ├── k8s-java-pipeline.yml └── web-pipeline.yml /README.md: -------------------------------------------------------------------------------- 1 | # GitlabCI templates 2 | 3 | 4 | - jobs : 作业模板目录 5 | - templates : 流水线模板目录 6 | 7 | 8 | 9 | ## 当前功能 10 | 11 | - maven/npm打包 12 | - 单元测试 13 | - 代码扫描(多分支、Pullrequest集成) 14 | - 制品上传(artifactory、阿里云镜像仓库) 15 | 16 | 17 | 18 | ## 使用方法 19 | 20 | - 标准模板: 系统设置 -> CICD -> General pipelines -> Custom CI configuration path 21 | 22 | - 个性化: 使用include引入模板文件,进行自定义参数控制。 -------------------------------------------------------------------------------- /jobs/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zeyangli/gitlabci-templates/07192e6d3afb62f094fb3485ba38bd57a9f2c93b/jobs/.gitkeep -------------------------------------------------------------------------------- /jobs/build.yml: -------------------------------------------------------------------------------- 1 | .build: 2 | stage: build 3 | tags: 4 | - build 5 | script: 6 | - $BUILD_SHELL 7 | - ls 8 | 9 | 10 | 11 | .deploy-artifact: 12 | stage: deploy-artifact 13 | tags: 14 | - build 15 | script: 16 | - curl -u${ARTIFACT_USER}:${ARTIFACT_PASSWD} -T ${ARTIFACT_PATH} "$ARTIFACTORY_URL/$ARTIFACTORY_NAME/$TARGET_FILE_PATH/$TARGET_ARTIFACT_NAME" 17 | 18 | 19 | 20 | .down-artifact: 21 | stage: down-artifact 22 | tags: 23 | - build 24 | script: 25 | - curl -u${ARTIFACT_USER}:${ARTIFACT_PASSWD} -O "$ARTIFACTORY_URL/$ARTIFACTORY_NAME/$TARGET_FILE_PATH/$TARGET_ARTIFACT_NAME" 26 | - ls 27 | 28 | .build-docker: 29 | stage: buildimage 30 | tags: 31 | - build 32 | script: 33 | - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWD $CI_REGISTRY 34 | - docker build -t ${IMAGE_NAME} -f ${DOCKER_FILE_PATH} . 35 | - docker push ${IMAGE_NAME} 36 | - docker rmi ${IMAGE_NAME} 37 | -------------------------------------------------------------------------------- /jobs/codeanalysis.yml: -------------------------------------------------------------------------------- 1 | .codeanalysis-java: 2 | stage: code_analysis 3 | tags: 4 | - build 5 | script: 6 | - echo $CI_MERGE_REQUEST_IID $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME $CI_MERGE_REQUEST_TARGET_BRANCH_NAME 7 | - "$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectKey=${CI_PROJECT_NAME} \ 8 | -Dsonar.projectName=${CI_PROJECT_NAME} \ 9 | -Dsonar.projectVersion=${CI_COMMIT_REF_NAME} \ 10 | -Dsonar.ws.timeout=30 \ 11 | -Dsonar.projectDescription=${CI_PROJECT_TITLE} \ 12 | -Dsonar.links.homepage=${CI_PROJECT_URL} \ 13 | -Dsonar.sources=${SCAN_DIR} \ 14 | -Dsonar.sourceEncoding=UTF-8 \ 15 | -Dsonar.java.binaries=target/classes \ 16 | -Dsonar.java.test.binaries=target/test-classes \ 17 | -Dsonar.java.surefire.report=target/surefire-reports \ 18 | -Dsonar.branch.name=${CI_COMMIT_REF_NAME}" 19 | artifacts: 20 | paths: 21 | - "$ARTIFACT_PATH" 22 | 23 | 24 | .codeanalysis-mr: 25 | stage: code_analysis 26 | only: 27 | - merge_requests 28 | tags: 29 | - build 30 | script: 31 | - echo $GIT_DEPTH 32 | - echo $CI_MERGE_REQUEST_IID $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME $CI_MERGE_REQUEST_TARGET_BRANCH_NAME 33 | - echo "$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectKey=${CI_PROJECT_NAME} \ 34 | -Dsonar.projectName=${CI_PROJECT_NAME} \ 35 | -Dsonar.projectVersion=${CI_COMMIT_REF_NAME} \ 36 | -Dsonar.ws.timeout=30 \ 37 | -Dsonar.projectDescription=${CI_PROJECT_TITLE} \ 38 | -Dsonar.links.homepage=${CI_PROJECT_URL} \ 39 | -Dsonar.sources=${SCAN_DIR} \ 40 | -Dsonar.sourceEncoding=UTF-8 \ 41 | -Dsonar.java.binaries=target/classes \ 42 | -Dsonar.java.test.binaries=target/test-classes \ 43 | -Dsonar.java.surefire.report=target/surefire-reports \ 44 | -Dsonar.pullrequest.key=${CI_MERGE_REQUEST_IID} \ 45 | -Dsonar.pullrequest.branch=${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} \ 46 | -Dsonar.pullrequest.base=${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} " 47 | - "$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectKey=${CI_PROJECT_NAME} \ 48 | -Dsonar.projectName=${CI_PROJECT_NAME} \ 49 | -Dsonar.projectVersion=${CI_COMMIT_REF_NAME} \ 50 | -Dsonar.ws.timeout=30 \ 51 | -Dsonar.projectDescription=${CI_PROJECT_TITLE} \ 52 | -Dsonar.links.homepage=${CI_PROJECT_URL} \ 53 | -Dsonar.sources=${SCAN_DIR} \ 54 | -Dsonar.sourceEncoding=UTF-8 \ 55 | -Dsonar.java.binaries=target/classes \ 56 | -Dsonar.java.test.binaries=target/test-classes \ 57 | -Dsonar.java.surefire.report=target/surefire-reports \ 58 | -Dsonar.pullrequest.key=${CI_MERGE_REQUEST_IID} \ 59 | -Dsonar.pullrequest.branch=${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} \ 60 | -Dsonar.pullrequest.base=${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} \ 61 | -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME} \ 62 | -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA} \ 63 | -Dsonar.gitlab.project_id=${CI_PROJECT_PATH} \ 64 | -Dsonar.pullrequest.gitlab.repositorySlug=$CI_PROJECT_ID " 65 | 66 | #-Dsonar.branch.name=${CI_COMMIT_REF_NAME} -X " 67 | -------------------------------------------------------------------------------- /jobs/test.yml: -------------------------------------------------------------------------------- 1 | #单元测试 2 | 3 | .test: 4 | stage: test 5 | tags: 6 | - build 7 | script: 8 | - $TEST_SHELL 9 | - ls 10 | artifacts: 11 | reports: 12 | junit: ${JUNIT_REPORT_PATH} 13 | -------------------------------------------------------------------------------- /templates/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zeyangli/gitlabci-templates/07192e6d3afb62f094fb3485ba38bd57a9f2c93b/templates/.gitkeep -------------------------------------------------------------------------------- /templates/java-pipeline.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - project: 'cidevops/cidevops-gitlabci-service' 3 | ref: master 4 | file: 'jobs/build.yml' 5 | - project: 'cidevops/cidevops-gitlabci-service' 6 | ref: master 7 | file: 'jobs/test.yml' 8 | - project: 'cidevops/cidevops-gitlabci-service' 9 | ref: master 10 | file: 'jobs/codeanalysis.yml' 11 | 12 | variables: 13 | BUILD_SHELL: 'mvn clean package -DskipTests' ##构建命令 14 | CACHE_DIR: 'target/' 15 | TEST_SHELL : 'mvn test' ##测试命令 16 | JUNIT_REPORT_PATH: 'target/surefire-reports/TEST-*.xml' ##单元测试报告 17 | # 代码扫描 18 | SCANNER_HOME : "/usr/local/buildtools/sonar-scanner-3.2.0.1227-linux" 19 | SCAN_DIR : "src" 20 | ARTIFACT_PATH : 'target/*.jar' ##制品目录 21 | 22 | #上传制品库 23 | ARTIFACTORY_URL: "http://192.168.1.200:30082/artifactory" 24 | ARTIFACTORY_NAME: "cidevops" 25 | TARGET_FILE_PATH: "$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_PIPELINE_ID" 26 | TARGET_ARTIFACT_NAME: "$CI_PROJECT_NAME-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_PIPELINE_ID.jar" 27 | 28 | #构建镜像 29 | CI_REGISTRY: 'registry.cn-beijing.aliyuncs.com' 30 | CI_REGISTRY_USER: '610556220zy' 31 | #CI_REGISTRY_PASSWD: 'xxxxxxxx.' 32 | IMAGE_NAME: "$CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_PIPELINE_ID" 33 | DOCKER_FILE_PATH: "./Dockerfile" 34 | 35 | 36 | 37 | cache: 38 | paths: 39 | - ${CACHE_DIR} 40 | 41 | stages: 42 | - build 43 | - test 44 | - parallel01 45 | - down_artifact 46 | 47 | 48 | build: 49 | stage: build 50 | extends: .build 51 | rules: 52 | - when: on_success 53 | 54 | 55 | test: 56 | stage: test 57 | extends: .test 58 | rules: 59 | - when: on_success 60 | 61 | 62 | code_analysis: 63 | stage: parallel01 64 | extends: .codeanalysis-java 65 | 66 | codeanalysis_mr: 67 | stage: parallel01 68 | extends: .codeanalysis-mr 69 | 70 | deploy_artifact: 71 | stage: parallel01 72 | extends: .deploy-artifact 73 | 74 | down_artifact: 75 | stage: down_artifact 76 | extends: .down-artifact 77 | 78 | 79 | build_image: 80 | stage: parallel01 81 | extends: .build-docker 82 | 83 | 84 | 85 | -------------------------------------------------------------------------------- /templates/k8s-java-pipeline.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - project: 'cidevops/cidevops-gitlabci-service' 3 | ref: master 4 | file: 'jobs/build.yml' 5 | - project: 'cidevops/cidevops-gitlabci-service' 6 | ref: master 7 | file: 'jobs/test.yml' 8 | - project: 'cidevops/cidevops-gitlabci-service' 9 | ref: master 10 | file: 'jobs/codeanalysis.yml' 11 | - project: 'cidevops/cidevops-gitlabci-service' 12 | ref: master 13 | file: 'jobs/deploy.yml' 14 | 15 | variables: 16 | GIT_CLONE_PATH: $CI_BUILDS_DIR/builds/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/$CI_PIPELINE_ID 17 | GIT_CHECKOUT: "false" 18 | MVN_OPTS: "-Dmaven.repo.local=/home/gitlab-runner/m2" 19 | BUILD_SHELL: 'mvn clean package -DskipTests -Dmaven.repo.local=/home/gitlab-runner/ci-build-cache/maven --settings=./settings.xml' ##构建命令 20 | TEST_SHELL : 'mvn test -Dmaven.repo.local=/home/gitlab-runner/ci-build-cache/maven --settings=./settings.xml' ##测试命令 21 | JUNIT_REPORT_PATH: 'target/surefire-reports/TEST-*.xml' ##单元测试报告 22 | 23 | # 代码扫描 24 | SCANNER_HOME : "" 25 | SCAN_DIR : "src" 26 | ARTIFACT_PATH : 'target/*.jar' ##制品目录 27 | 28 | #上传制品库 29 | ARTIFACTORY_URL: "http://192.168.1.200:30082/artifactory" 30 | ARTIFACTORY_NAME: "cidevops" 31 | TARGET_FILE_PATH: "$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME/$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_PIPELINE_ID" 32 | TARGET_ARTIFACT_NAME: "$CI_PROJECT_NAME-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_PIPELINE_ID.jar" 33 | 34 | #构建镜像 35 | CI_REGISTRY: 'registry.cn-beijing.aliyuncs.com' 36 | CI_REGISTRY_USER: '610556220zy' 37 | #CI_REGISTRY_PASSWD: 'xxxxxxxx.' 38 | IMAGE_NAME: "$CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA-$CI_PIPELINE_ID" 39 | DOCKER_FILE_PATH: "./Dockerfile" 40 | 41 | #部署k8s 42 | RUN_DEPLOY: "yes" 43 | APP_NAME: "$CI_PROJECT_NAME" 44 | CONTAINER_PORT: 8081 45 | NODE_PORT: 30185 46 | ENV_NAME: "staging" 47 | ENV_URL: "http://192.168.1.200:30185" 48 | NAMESPACE: "$CI_PROJECT_NAME-$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG" 49 | 50 | 51 | 52 | image: docker:latest 53 | 54 | 55 | stages: 56 | - build 57 | - test 58 | - parallel01 59 | - down_artifact 60 | - deploy 61 | - interface_test 62 | 63 | before_script: 64 | - ls /home/gitlab-runner/ci-build-cache/builds/ 65 | - echo $CI_BUILDS_DIR 66 | - echo $KUBE_URL $KUBE_TOKEN $KUBE_CA_PEM $KUBE_CA_PEM_FILE 67 | - export 68 | 69 | 70 | build: 71 | variables: 72 | GIT_CHECKOUT: "true" 73 | tags: 74 | - k8s 75 | image: maven:3.6.3-jdk-8 76 | stage: build 77 | extends: .build 78 | rules: 79 | - when: on_success 80 | after_script: 81 | - ls target/ 82 | 83 | test: 84 | before_script: 85 | - ls target/ 86 | tags: 87 | - k8s 88 | image: maven:3.6.3-jdk-8 89 | stage: test 90 | extends: .test 91 | rules: 92 | - when: on_success 93 | after_script: 94 | - ls target/ 95 | 96 | code_analysis: 97 | tags: 98 | - k8s 99 | image: sonarsource/sonar-scanner-cli:latest 100 | stage: parallel01 101 | script: 102 | - ls target/ 103 | - echo $CI_MERGE_REQUEST_IID $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME $CI_MERGE_REQUEST_TARGET_BRANCH_NAME 104 | - "sonar-scanner -Dsonar.projectKey=${CI_PROJECT_NAME} \ 105 | -Dsonar.projectName=${CI_PROJECT_NAME} \ 106 | -Dsonar.projectVersion=${CI_COMMIT_REF_NAME} \ 107 | -Dsonar.ws.timeout=30 \ 108 | -Dsonar.projectDescription=${CI_PROJECT_TITLE} \ 109 | -Dsonar.links.homepage=${CI_PROJECT_URL} \ 110 | -Dsonar.sources=${SCAN_DIR} \ 111 | -Dsonar.sourceEncoding=UTF-8 \ 112 | -Dsonar.java.binaries=target/classes \ 113 | -Dsonar.java.test.binaries=target/test-classes \ 114 | -Dsonar.java.surefire.report=target/surefire-reports \ 115 | -Dsonar.host.url=http://192.168.1.200:30090 \ 116 | -Dsonar.login=ee2bcb37deeb6dfe3a07fe08fb529559b00c1b7b \ 117 | -Dsonar.branch.name=${CI_COMMIT_REF_NAME}" 118 | 119 | build_image: 120 | before_script: 121 | - ls target/ 122 | tags: 123 | - k8s 124 | image: docker:latest 125 | services: 126 | - name: docker:dind 127 | stage: parallel01 128 | extends: .build-docker 129 | 130 | 131 | deploy_k8s: 132 | image: lucj/kubectl:1.17.2 133 | tags: 134 | - k8s 135 | - kubernetes-runner 136 | stage: deploy 137 | script: 138 | - kubectl config set-cluster my-cluster --server=${KUBE_URL} --certificate-authority="${KUBE_CA_PEM_FILE}" 139 | - kubectl config set-credentials admin --token=${KUBE_TOKEN} 140 | - sed -i "s#__namespace__#${NAMESPACE}#g" deployment.yaml 141 | - sed -i "s#__appname__#${APP_NAME}#g" deployment.yaml 142 | - sed -i "s#__containerport__#${CONTAINER_PORT}#g" deployment.yaml 143 | - sed -i "s#__nodeport__#${NODE_PORT}#g" deployment.yaml 144 | - sed -i "s#__imagename__#${IMAGE_NAME}#g" deployment.yaml 145 | - sed -i "s#__CI_ENVIRONMENT_SLUG__#${CI_ENVIRONMENT_SLUG}#g" deployment.yaml 146 | - sed -i "s#__CI_PROJECT_PATH_SLUG__#${CI_PROJECT_PATH_SLUG}#g" deployment.yaml 147 | - cat deployment.yaml 148 | - kubectl apply -f deployment.yaml 149 | environment: 150 | name: $ENV_NAME 151 | url: $ENV_URL 152 | 153 | 154 | interfact_test: 155 | inherit: 156 | variables: false 157 | stage: interface_test 158 | extends: .interfacetest 159 | 160 | -------------------------------------------------------------------------------- /templates/web-pipeline.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - project: 'cidevops/cidevops-gitlabci-service' 3 | ref: master 4 | file: 'jobs/build.yml' 5 | 6 | variables: 7 | BUILD_SHELL: 'npm run build' ##构建命令 8 | CACHE_DIR : "dist/" ##构建缓存 9 | 10 | 11 | cache: 12 | paths: 13 | - ${CACHE_DIR} 14 | - node_modules/ 15 | 16 | stages: 17 | - install 18 | - build 19 | 20 | install: 21 | stage: install 22 | script: 23 | - 'npm install' 24 | 25 | build: 26 | stage: build 27 | extends: .build 28 | --------------------------------------------------------------------------------