持续集成交付CICD：GitLabCI操作Harbor仓库

目录

一、实验

1.GitLabCI操作Harbor仓库

二、问题

1.gitlab-runner连接docker daemon报错

---

一、实验

1.GitLabCI操作Harbor仓库

（1）修改GitLabCI共享库代码并提交到mater

CI.yaml

.pipelineInit:
  tags:
    - build
  stage: .pre
  variables:
    GIT_CHECKOUT: "true"
  script:
    - ls -l

.cibuild:
    tags:
      - build
    stage: build
    script:
      - echo "${BUILD_SHELL}"
      - ${BUILD_SHELL}
    artifacts:
      paths:
        - ${ARTIFACT_PATH}

.citest:
  tags:
    - build
  stage: test
  script:
    - echo "${TEST_SHELL}"
    - ${TEST_SHELL}
    # artifacts:
    # reports:
    #   - junit: ${TEST_REPORTS}

.sonarscan:
  tags: 
    - build
  stage: sonarscan
  script: 
    |-
      sonar-scanner -Dsonar.host.url=http://192.168.204.8:9000 \
        -Dsonar.projectKey=${CI_PROJECT_NAME}\
        -Dsonar.projectName=${CI_PROJECT_NAME} \
        -Dsonar.projectVersion=${CI_COMMIT_SHA} \
        -Dsonar.login=${SONAR_AUTH_TOKEN} \
        -Dsonar.ws.timeout=30 \
        -Dsonar.projectDescription=${CI_PROJECT_TITLE} \
        -Dsonar.links.homepage=${CI_PROJECT_URL} \
        -Dsonar.links.ci=${CI_PIPELINE_URL} \
        -Dsonar.sources=src \
        -Dsonar.sourceEncoding=UTF-8 \
        -Dsonar.java.binaries=target/classes \
        -Dsonar.java.test.binaries=target/test-classes \
        -Dsonar.java.surefire.report=target/surefire-reports \
        -Dsonar.core.codeCoveragePlugin=jacoco \
        -Dsonar.jacoco.reportPaths=target/jacoco.exec

.pushartifact:
  tags:
    - build
  stage: pushartifact
  script:
    |-
      if [[ ${PROJECT_TYPE} == "java" ]];then
          pkgName=`ls target/ | grep -e "^maven.*jar$"`
          cd target/
          mv ${pkgName} ${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar
          curl -X POST "http://192.168.204.13:8081/service/rest/v1/components?repository=mylocalrepo" \
          -H "accept: application/json" \
          -H "Content-Type: multipart/form-data" \
          -F "raw.directory=/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CI_COMMIT_SHA}/" \
          -F "raw.asset1=@${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar;type=application/java-archive" \
          -F "raw.asset1.filename=${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar" -u admin:Admin123
      else
          echo "PROJECT_TYPE ERROR [java]"
      fi

.dockerbuild:
  tags:
    - build
  stage: dockerbuild
  script:
    |-
      imageName=${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}:${CI_COMMIT_SHA}
      docker login -u admin -p Harbor12345 192.168.204.15
      docker build -t 192.168.204.15/${imageName} .
      docker push  192.168.204.15/${imageName}
      sleep 2
      docker rmi 192.168.204.15/${imageName}

gitlab-ci.yaml

include:
 - project: 'devops03/devops03-gitlabci-lib'
   ref: master
   file: "/jobs/CI.yaml"




workflow:
  rules:
    #新建分支永远不执行
    - if: $CI_PIPELINE_SOURCE == "web"      #允许手动触发
      when: always
    - if: $CI_COMMIT_BEFORE_SHA == "0000000000000000000000000000000000000000"
      when: never
    # 其他情况永远执行
    - when: always

#取消每个阶段自动下载代码，即全局关闭作业代码下载
variables:
  GIT_CHECKOUT: "false"  ## 全局关闭作业代码下载
  PROJECT_TYPE: "java"   ## 定义项目类型
  BUILD_SHELL: "mvn clean package -DskipTests -s settings.xml"   ## 构建命令
  TEST_SHELL: "mvn test -s settings.xml"                         ## 测试命令
  ARTIFACT_PATH: "target/*.jar"                                  ## 制品路径
  TEST_REPORTS: "target/surefire-reports/TEST-*.xml"             ## 测试报告

stages:
  - build
  - test
  - sonarscan
  - pushartifact
  - dockerbuild


pipelineInit:
  extends: 
    - .pipelineInit


cibuild:
 extends:
 - .cibuild


citest:
 extends:
 - .citest

sonarscan:
 extends:
 - .sonarscan

pushartifact:
 extends:
 - .pushartifact

dockerbuild:
 extends:
 - .dockerbuild

（2）手动运行maven项目

（3）成功

（4）查看日志

（5）查看Harbor

二、问题

1.gitlab-runner连接docker daemon报错

（1）报错

（2）原因分析

gitlab-runner 用户没有权限。

gitlab-runner： 主机方式部署

executor： shell 模式

（3）解决方法

方法1：

#gitlab-runner： docker方式部署
sudo groupadd docker （默认安装docker 后自动创建可省略）
sudo gpasswd -a gitlab-runner docker （如果在宿主机直接执行会提示找不到gitlab-runner，进入容器执行）
sudo service docker restart

方法2：

chmod a+rw /var/run/docker.sock

这里用方法2.

成功：