From 5a4198e29a4e62fdb525c17e636382cc142ba229 Mon Sep 17 00:00:00 2001
From: clay <20932067@zju.edu.cn>
Date: Sat, 2 Dec 2023 16:24:07 +0800
Subject: [PATCH] =?UTF-8?q?ci/cd=20:=20=E7=AC=AC=E4=B8=80=E6=AC=A1?=
 =?UTF-8?q?=E6=B5=8B=E8=AF=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .dockerignore  |  41 +++++++++++++++++++
 .drone.yml     | 105 +++++++++++++++++++++++++++++++++++++++++++++++++
 Dockerfile     |  17 ++++++++
 deployment.yml |  49 +++++++++++++++++++++++
 docker.sh      |  15 +++++++
 nginx.conf     |  50 +++++++++++++++++++++++
 6 files changed, 277 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 .drone.yml
 create mode 100644 Dockerfile
 create mode 100644 deployment.yml
 create mode 100644 docker.sh
 create mode 100644 nginx.conf

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..042a941
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,41 @@
+### Java template
+# Compiled class file
+*.class
+# Log file
+*.log
+# BlueJ files
+*.ctxt
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+### Maven template
+target/
+pom.xml.tag
+pom.xml.releaseBackup
+pom.xml.versionsBackup
+pom.xml.next
+release.properties
+dependency-reduced-pom.xml
+buildNumber.properties
+.mvn/timing.properties
+# https://github.com/takari/maven-wrapper#usage-without-binary-jar
+.mvn/wrapper/maven-wrapper.jar
+### Example user template template
+### Example user template
+# IntelliJ project files
+.idea
+*.iml
+out
+gen
+!build
+!default.conf
+!nginx.conf
diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..4b12727
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,105 @@
+kind: pipeline
+type: docker
+name: tunnel-cloud-web
+steps:
+  - name: build-package
+    image: registry.cn-chengdu.aliyuncs.com/claywang/node:16.20.0
+    volumes:
+      - name: cache
+        path: /drone/src/node_modules
+      - name: build
+        path: /app/build
+    commands:
+      - export CI=false
+#      - mkdir -p /app/build/$DRONE_REPO_NAME
+#      - rm -rf /app/build/$DRONE_REPO_NAME/*
+#      - cp deployment.yml /app/build/$DRONE_REPO_NAME/
+#      - cp Dockerfile /app/build/$DRONE_REPO_NAME/
+#      - cp .dockerignore /app/build/$DRONE_REPO_NAME/
+#      - cp default.conf /app/build/$DRONE_REPO_NAME/
+#      - cp docker.sh /app/build/$DRONE_REPO_NAME/
+#      - cp nginx.conf /app/build/$DRONE_REPO_NAME/
+      - npm -v
+      - mkdir -p ./node_modules
+      - export NODE_MODULES_PATH=`pwd`/node_modules
+      - npm config set registry https://registry.npm.taobao.org
+      - set NODE_OPTIONS=--openssl-legacy-provider
+      - npm install
+      - npm run build
+      - ls /app/build/$DRONE_REPO_NAME/
+      - echo $NODE_MODULES_PATH
+      - cp -r dist /app/build/$DRONE_REPO_NAME
+
+
+
+  - name: build-docker # 制作docker镜像
+    image: docker # 使用官方docker镜像
+    volumes: # 将容器内目录挂载到宿主机
+      - name: build
+        path: /app/build
+      - name: docker
+        path: /var/run/docker.sock # 挂载宿主机的docker
+      - name: config
+        path: /config
+    environment: # 获取到密文的docker用户名和密码
+      DOCKER_USERNAME:
+        from_secret: docker_username
+      DOCKER_PASSWORD:
+        from_secret: docker_password
+      REGISTRY:
+        from_secret: registry
+      REGISTRY_NAMESPACE:
+        from_secret: registry_namespace
+    commands: # 定义在Docker容器中执行的shell命令
+#      - cd /app/build/$DRONE_REPO_NAME/
+      - cat Dockerfile
+      - sed -i 's/$REGISTRY/'"$REGISTRY"'/' deployment.yml
+      - sed -i 's/$REGISTRY_NAMESPACE/'"$REGISTRY_NAMESPACE"'/' deployment.yml
+      - sed -i 's/$DRONE_REPO_NAME/'"$DRONE_REPO_NAME"'/' deployment.yml
+      - sed -i 's/$DRONE_COMMIT/'"$DRONE_COMMIT"'/' deployment.yml
+      #      - sed -i 's/$DRONE_COMMIT/'"$DRONE_COMMIT"'/' docker.sh
+      #      - sed -i 's/$DRONE_REPO_NAME/'"$DRONE_REPO_NAME"'/' docker.sh
+      # docker登录,不能在脚本中登录,并且不能使用docker login -u -p
+      - echo $DOCKER_PASSWORD | docker login $REGISTRY --username $DOCKER_USERNAME --password-stdin
+      - chmod +x docker.sh
+      - cat docker.sh
+      - sh docker.sh
+      # 执行完脚本删除本次制作的docker镜像,避免多次后当前runner空间不足
+      - docker rmi -f $(docker images | grep $DRONE_REPO_NAME | awk '{print $3}')
+
+  - name: drone-rancher # rancher运行
+    image: registry.cn-chengdu.aliyuncs.com/claywang/kubectl #阿里云的kubectl镜像,里面包含kubectl命令行工具
+    volumes: # 将容器内目录挂载到宿主机
+      - name: build
+        path: /app/build # 将应用打包好的Jar和执行脚本挂载出来
+      - name: config
+        path: /app/config # 将kubectl 配置文件挂载出来
+    commands: # 定义在Docker容器中执行的shell命令
+#      - cd /app/build/$DRONE_REPO_NAME/
+      # 将deployment中定义的变量替换为drone中的内置变量
+      - cat deployment.yml
+      # 通过kubectl指令运行deployment.yml,并指定授权文件kubectl_conf.yml
+      - kubectl apply -f deployment.yml -n pro --kubeconfig=/app/config/tunnel-cloud-config.yml
+
+volumes:
+  - name: build
+    host:
+      path: /home/build/tunnel-cloud-web
+  - name: cache
+    host:
+      path: /home/npm/cache
+  - name: config # k8s对接的配置文件
+    host:
+      path: /home/kubect
+  - name: maven-cache # maven的缓存文件
+    host:
+      path: /home/data/maven/cache
+  - name: docker # 宿主机中的docker
+    host:
+      path: /var/run/docker.sock
+
+trigger:
+  branch:
+    - prod
+  event:
+    - push
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..944ee69
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,17 @@
+FROM nginx
+
+RUN rm -rf /etc/nginx/conf.d/default.conf
+RUN rm -rf /etc/nginx/nginx.conf
+COPY default.conf /etc/nginx/conf.d
+COPY nginx.conf /etc/nginx/
+
+#RUN useradd -b /home/clay -m -s /bin/bash clay
+#RUN chmod a+xr -R /home/clay && chown clay:clay -R /home/clay
+#USER clay
+
+COPY ./dist /home/clay
+
+WORKDIR /home/clay
+
+
+EXPOSE 80
diff --git a/deployment.yml b/deployment.yml
new file mode 100644
index 0000000..9c94e14
--- /dev/null
+++ b/deployment.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: $DRONE_REPO_NAME
+spec:
+  type: ClusterIP
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  selector:
+    app: $DRONE_REPO_NAME
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: $DRONE_REPO_NAME
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: $DRONE_REPO_NAME
+  template:
+    metadata:
+      labels:
+        app: $DRONE_REPO_NAME
+    spec:
+      imagePullSecrets:
+        - name: harbor
+      containers:
+        - image: $REGISTRY/$REGISTRY_NAMESPACE/$DRONE_REPO_NAME:$DRONE_COMMIT
+          name: $DRONE_REPO_NAME
+          imagePullPolicy: Always
+          env:
+            - name: TIME_ZONE
+              value: Asia/Shanghai
+            - name: REF_NAME
+              value: dev
+          resources:
+            requests:
+              memory: 0.1Gi
+              cpu: 0.1
+            limits:
+              memory: 2Gi
+              cpu: 2
+          ports:
+            - containerPort: 8080
+              name: app-port
diff --git a/docker.sh b/docker.sh
new file mode 100644
index 0000000..dbe7f9d
--- /dev/null
+++ b/docker.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+# 定义应用组名
+group_name='clay'
+# 定义应用名称
+app_name=$DRONE_REPO_NAME
+# 定义应用版本
+app_version=$DRONE_COMMIT
+echo ${app_version}
+# 打包编译docker镜像
+echo '----build image start----'
+docker build -t ${group_name}/${app_name} .
+echo '----build image success----'
+docker tag ${group_name}/${app_name} $REGISTRY/$REGISTRY_NAMESPACE/${app_name}:${app_version}
+docker push $REGISTRY/$REGISTRY_NAMESPACE/${app_name}:${app_version}
+echo 'push success'
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..2ea5122
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,50 @@
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+     add_header 'Access-Control-Allow-Origin' '*';
+     add_header 'Access-Control-Allow-Headers' '*';
+     add_header 'Access-Control-Allow-Methods' '*';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+
+    keepalive_timeout  65;
+
+    server {
+        listen       80;
+        listen  [::]:80;
+
+        location /api {
+          proxy_pass http://gateway.pro.svc.cluster.local:8080;
+          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+          proxy_set_header X-Forwarded-Proto $scheme;
+          proxy_set_header X-Forwarded-Port $server_port;
+          proxy_set_header Host $host;
+          rewrite "^/api/(.*)$" /$1 break;
+          proxy_http_version 1.1;
+          proxy_set_header Upgrade $http_upgrade;
+          proxy_set_header Connection 'upgrade';
+        }
+
+        location / {
+            root   /home/clay;
+            index  index.html index.htm;
+            try_files $uri $uri/ /index.html;
+        }
+}
+}