gitlab cicd 之 多项目多分支 案例

项目概况

# A、项目基本情况
    A1、该项目共计四个代码仓库,分别是 a:主控、a1:主控前端web、b:被控、c:节点
    A2、每个项目各自长期包含三个分支,分别是 development开发分支(默认分支)、testing测试版分支、main稳定版分支(后期可能会有临时的hostfix分支、feature[number]分支)
    A3、项目对外发布两个版本,分别是基于testing分支的测试版、基于main分支的稳定版。版本基于以上两个分支的tag触发流水线,tag前缀分别是beta.和stable.
    A4、对于每个项目的development默认开发分支的每一次代码提交,均立即同步部署到开发环境。
    A5、权限管控和分支保护。
        A5.1、对testing分支进行保护,只授予测试人员合并权限,除管理员外没有push权限,不能强制push。
        A5.2、对main分支进行保护,只授予项目管理员合并权限,不能强制push。
        A5.3、对tag进行保护,采用正则方式保护以beta.和stable.开头的tag。
    A6、项目代码存在依赖关系,
        A6.1、主控 依赖 主控前端web。
        A6.2、被控 依赖 主控。
        A6.3、节点 依赖 主控。
    A7、每次发布的包均是全量包(若是有热更新的增量包会更难),且只有一个打包入口(即主控提交tag动作触发),每次对四个项目对应tag进行打包,保证各个组件发布版本一致性。

# 补充需求
    B1、涉及四个项目,4*3=12个分支,两大类动作(基于development的同步部署、基于tag的打包),所以引入一个单独的cicd项目库,统一管理。
    B2、对A7的分析得之,打包流水线涉及多项目触发场景。且主控打包必须先触发主控前端web打包,一直等待主控前端web完成后,再进行主控打包。
    B3、需要同步对其他项目打tag,需要创建群组访问令牌token,并使用curl调用api的方式实现。

a(主控项目)的cicd配置文件(所有项目CICD的入口)

variables:
  #A: "$CI_PROJECT_DIR"
  #Dash_Production_Dir: "$A"
  # 注意这里的$CI_PROJECT_DIR变量无法传递到下游,通过上面中转的形式,也只能获取到下游的项目路径,不是我们要的a项目的路径,所以这里只能是写死。
  Dash_Production_Dir: "/xxxxxxx"
  Dash_Vue_Dir: "a1的目录"
  Version: "$CI_COMMIT_TAG"

stages:
  - "rsync_a_to_dev"
  - "sync_add_tag"
  - "build_a1"
  - "build_a"
  - "build_b"
  - "build_c"

rsync_a_to_dev_job:
  stage: rsync_a_to_dev
  rules:
    # 检测development分支的push动作
    - if: '$CI_COMMIT_BRANCH == "development" && $CI_PIPELINE_SOURCE == "push"'
    # 当合并的目标分支是development,且判断执行合并的结果,进行触发
    - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "development" && $CI_MERGE_REQUEST_EVENT_TYPE == "merged_result"'
  tags:
    - shell-runner
  script:
    - echo $CI_COMMIT_TAG

# 在下游联动项目a1、b、c的对应分支上打相同tag
sync_a1_b_c_add_tag:
  stage: sync_add_tag
  rules:
    - if: '$CI_COMMIT_TAG =~ /^beta.*$/ || $CI_COMMIT_TAG =~ /^stable.*$/'
  tags:
    - shell-runner
  script:
    - echo $CI_COMMIT_TAG
    - if [[ "$CI_COMMIT_TAG" == beta.* ]]; then Branch="testing"; fi
    - if [[ "$CI_COMMIT_TAG" == stable.* ]]; then Branch="main"; fi
    - if [[ "$CI_COMMIT_TAG" == beta.* || $CI_COMMIT_TAG == stable.* ]]; then echo "继续下一步"; else exit 1; fi
    # 用curl调用gitlab的api,同步打tag,注意各个项目的project_id
    - curl --request POST --header "PRIVATE-TOKEN:glpat-D7AJsZ12C1WJ-yhkVEVL" "https://gitlab.atstm.cc/api/v4/projects/15/repository/tags?tag_name=${CI_COMMIT_TAG}&ref=${Branch}&message=CICD-Auto-Trigger-Add-Tag-FromBranch-${Branch}-${CI_COMMIT_TAG}"
    - curl --request POST --header "PRIVATE-TOKEN:glpat-D7AJsZ12C1WJ-yhkVEVL" "https://gitlab.atstm.cc/api/v4/projects/16/repository/tags?tag_name=${CI_COMMIT_TAG}&ref=${Branch}&message=CICD-Auto-Trigger-Add-Tag-FromBranch-${Branch}-${CI_COMMIT_TAG}"
    - curl --request POST --header "PRIVATE-TOKEN:glpat-D7AJsZ12C1WJ-yhkVEVL" "https://gitlab.atstm.cc/api/v4/projects/17/repository/tags?tag_name=${CI_COMMIT_TAG}&ref=${Branch}&message=CICD-Auto-Trigger-Add-Tag-FromBranch-${Branch}-${CI_COMMIT_TAG}"

build_a1_job:
  stage: build_a1
  rules:
    - if: '$CI_COMMIT_TAG =~ /^beta.*$/ || $CI_COMMIT_TAG =~ /^stable.*$/'
  trigger:
    project: tools/a1
    strategy: depend
    # 注意这有两个作用:1、这里用branch 可以指定分支名字,也可以指定tag名;2、指定为tag的同时,也将变量$CI_COMMIT_TAG 传递到了下游流水线
    branch: $CI_COMMIT_TAG

build_a_job:
  stage: build_a
  rules:
    - if: '$CI_COMMIT_TAG =~ /^beta.*$/ || $CI_COMMIT_TAG =~ /^stable.*$/'
  tags:
    - shell-runner
  script:
    - pwd
    - echo "构建a"
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

build_b_job:
  stage: build_b
  rules:
    - if: '$CI_COMMIT_TAG =~ /^beta.*$/ || $CI_COMMIT_TAG =~ /^stable.*$/'
  trigger:
    project: tools/b
    branch: $CI_COMMIT_TAG

build_c_job:
  stage: build_c
  rules:
    - if: '$CI_COMMIT_TAG =~ /^beta.*$/ || $CI_COMMIT_TAG =~ /^stable.*$/'
  trigger:
    project: tools/c
    branch: $CI_COMMIT_TAG

a1(主控前端项目)的CICD文件

a1/.gitlab-ci.yml

include:
  - project: 'tools/cicd'
    file: 'a1-cicd.yml'

#include:
#  # 将向development分支的push,直接同步部署到开发环境中
#  - project: 'tools/cicd'
#    file: 'a1-development-cicd.yml'
#    rules:
#      # 当提交分支是默认分支时触发流水线
#      - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "push"'
#
#  # 针对打对应tag,引用这个流水线(打这个两类tag必须 用行政手段控制,beta分别基于testing分支,stable基于main分支)
#  - project: 'tools/cicd'
#    file: 'a1-packaging-cicd.yml'
#    rules:
#      #- if: '$CI_COMMIT_TAG =~ /^beta.*$/ || $CI_COMMIT_TAG =~ /^stable.*$/'
#      # 注意,在多项目触发中,当要用上游项目触发下游时,下游的值要写成pipeline;分子项目的值要写成parent_pipeline
#      - if: '$CI_PIPELINE_SOURCE == "pipeline"'

tools/cicd/a1-cicd.yml

stages:
  - build_a1
  - rsync_a1_to_dev

build_a1_job:
  stage: build_a1
  rules:
    # 注意,在多项目触发中,当要用上游项目触发下游时,下游的值要写成pipeline;分子项目的值要写成parent_pipeline
    - if: '$CI_COMMIT_BRANCH == "development" && $CI_PIPELINE_SOURCE == "push"'
    - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "development" && $CI_MERGE_REQUEST_EVENT_TYPE == "merged_result"'
    - if: '$CI_PIPELINE_SOURCE == "pipeline"'
  tags:
    - shell-runner
  script:
    - echo "insatll_a1"
    - echo "$CI_COMMIT_TAG"
    - echo ${CI_COMMIT_TAG}
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

rsync_a1_to_dev_job:
  stage: rsync_a1_to_dev
  rules:
    # 注意,在多项目触发中,当要用上游项目触发下游时,下游的值要写成pipeline;分子项目的值要写成parent_pipeline
    - if: '$CI_COMMIT_BRANCH == "development" && $CI_PIPELINE_SOURCE == "push"'
    - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "development" && $CI_MERGE_REQUEST_EVENT_TYPE == "merged_result"'
  tags:
    - shell-runner
  script:
    - echo "insatll_a1"
    - echo "$CI_COMMIT_TAG"
    - echo ${CI_COMMIT_TAG}
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

b(被控项目)的CICD文件

include:
  - project: 'tools/cicd'
    file: 'b-cicd.yml'

tools/cicd/b-cicd.yml

stages:
  - rsync_to_dev
  - build_b
  - run_b

rsync_to_dev_job:
  stage: rsync_to_dev
  rules:
    - if: '$CI_COMMIT_BRANCH == "development" && $CI_PIPELINE_SOURCE == "push"'
    - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "development" && $CI_MERGE_REQUEST_EVENT_TYPE == "merged_result"'
  tags:
    - shell-runner
  script:
    - echo "rsync_to_dev"
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

build_b_job:
  stage: build_b
  rules:
    # 注意,在多项目触发中,当要用上游项目触发下游时,下游的值要写成pipeline;分子项目的值要写成parent_pipeline
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_COMMIT_TAG =~ /^beta.*$/'
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_COMMIT_TAG =~ /^stable.*$/'
  tags:
    - shell-runner
  script:
    - echo "build_b"
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

run_b_job:
  stage: run_b
  rules:
    # 注意,在多项目触发中,当要用上游项目触发下游时,下游的值要写成pipeline;分子项目的值要写成parent_pipeline
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_COMMIT_TAG =~ /^beta.*$/'
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_COMMIT_TAG =~ /^stable.*$/'
  tags:
    - shell-runner
  script:
    - echo "run_b"
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

c(计算节点项目)的CICD文件

include:
  - project: 'tools/cicd'
    file: 'c-cicd.yml'

tools/cicd/c-cicd.yml

stages:
  - rsync_to_dev
  - install_c

rsync_to_dev_job:
  stage: rsync_to_dev
  rules:
    - if: '$CI_COMMIT_BRANCH == "development" && $CI_PIPELINE_SOURCE == "push"'
    # 当合并的目标分支是development,且判断执行合并的结果,进行触发
    - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "development" && $CI_MERGE_REQUEST_EVENT_TYPE == "merged_result"'
  tags:
    - shell-runner
  script:
    - echo "rsync_to_dev"
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"

install_c_job:
  stage: install_c
  rules:
    # 注意,在多项目触发中,当要用上游项目触发下游时,下游的值要写成pipeline;分子项目的值要写成parent_pipeline
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_COMMIT_TAG =~ /^beta.*$/'
    - if: '$CI_PIPELINE_SOURCE == "pipeline" && $CI_COMMIT_TAG =~ /^stable.*$/'
  tags:
    - shell-runner
  script:
    - echo "install_c"
    - echo "$CI_COMMIT_TAG"
    - echo "$Version"
    - echo "$Dash_Production_Dir"
    - echo "$Dash_Vue_Dir"
声明:本文为原创,作者为 辣条①号,转载时请保留本声明及附带文章链接:https://boke.wsfnk.com/archives/1300.html
谢谢你请我吃辣条谢谢你请我吃辣条

如果文章对你有帮助,欢迎点击上方按钮打赏作者

最后编辑于:2024/3/6作者: 辣条①号

目标:网络规划设计师、系统工程师、ceph存储工程师、云计算工程师。 不负遇见,不谈亏欠!

暂无评论

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注

arrow grin ! ? cool roll eek evil razz mrgreen smile oops lol mad twisted wink idea cry shock neutral sad ???

文章目录