云原生之旅 – 13）基于 Github Action 的自动化流水线

前言

GItHub Actions是一个持续集成和持续交付的平台，能够让你自动化你的编译、测试和部署流程。GitHub 提供 Linux、Windows 和 macOS 虚拟机来运行您的工作流程，或者您可以在自己的数据中心或云基础架构中托管自己的自托管运行器。它是 GitHub 于2018年10月推出的持续集成服务。

 

基本概念 

• workflow （工作流程）：持续集成一次运行的过程，就是一个 workflow。
• job （任务）：一个 workflow 由一个或多个 jobs 构成，含义是一次持续集成的运行，可以完成多个任务。
• step（步骤）：每个 job 由多个 step 构成，一步步完成。
• action （动作）：每个 step 可以依次执行一个或多个命令（action）

 ### 本文同步发表于知乎 https://zhuanlan.zhihu.com/p/584810055

 

使用

下面用例子来介绍一个workflow

首先定义一个workflow 的 name 

# This is a CICD workflow for demo name: cicd-demo

然后定义一下事件触发机制

# Controls when the action will run. Triggers the workflow on push or pull request # events but only for the below branch and specific path on:   push:     branches:     - main     - develop     paths:       - 'demo-app/**'   pull_request:     branches:     - main     paths:       - 'demo-app/**'

然后定义一个 Build Job 以及 Outputs 供后续步骤使用

jobs: # The "build" job   build:     # The type of runner that the job will run on     runs-on: ubuntu-latest     outputs:       image_tag: ${{ steps.build_app.outputs.image_tag }}       actor: ${{ steps.build_app.outputs.actor }}     # Steps represent a sequence of tasks that will be executed as part of the job     steps:

来看Steps

Checkout 代码

    steps:     # Checks-out your repository under $GITHUB_WORKSPACE     - name: checkout repo       uses: actions/checkout@v3

Setup go env

    - name: Setup go       uses: actions/setup-go@v3       with:         go-version-file: 'demo-app/go.mod'         check-latest: true         cache: true         cache-dependency-path: demo-app/go.sum

Login google container registry

    - name: Login to GCR       uses: docker/login-action@v2       with:         registry: asia.gcr.io         username: _json_key         password: ${{ secrets.GCR_JSON_KEY }}

Build Image and Push to registry

make 命令很简单，执行的就是docker build 和 push

    - name: build application       id: build_app       run: |-         VER=`cat demo-app/Makefile| grep TAG= | awk -F "=" 'NR==1{print $2}'`         GIT_COMMIT=$(git log | grep commit | awk 'NR==1{print $2}' | cut -c1-7)          cd helm-go-client         make push TAG2=-$GIT_COMMIT         # set output         echo "::set-output name=image_tag::$(echo "$VER-$GIT_COMMIT")"         echo "::set-output name=actor::$(echo "$GITHUB_ACTOR")"

Makefile 供参考

export TAG=1.0.0 export DOCKERHUB=wadexu007/demo-app  hello: 	echo "This is Go client call helm sdk"  local: hello 	echo "run locally" 	go run main.go  build: hello 	echo "building docker container" 	docker build -t ${DOCKERHUB}:${TAG} .  push: build 	echo "pushing to my docker hub" 	docker push ${DOCKERHUB}:${TAG}

### 本文同步发表于知乎 https://zhuanlan.zhihu.com/p/584810055

 

Post setup

    # Workaround to avoid Post Use step failures related to cache     # Error: There are no cache folders on the disk     - name: Post setup       run: mkdir -p /home/runner/.cache/go-build       continue-on-error: true

接下来我们定义Deploy job

Checkout K8S YAML manifests repository

  deploy:     # The type of runner that the job will run on     runs-on: ubuntu-latest     needs: build     steps:         # Checks-out k8s YAML manifests repository      - name: checkout k8s manifests repo       uses: actions/checkout@v3       with:         # clone https://github.com/xxx/sre_manifests which contains deploy manifests         repository: xxx/sre_manifests         # auth by ssh key or personal toke          ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}         ref: refs/heads/master

然后用Kustomize 来 Edit image tag， 它是由上面步骤 output出来的

    # Update image version     - name: Update Kubernetes resources       run: |        cd demo-manifests/services/demo-app/dev         kustomize edit set image asia.gcr.io/sre-dev/demo-app:${{ needs.build.outputs.image_tag }}        cat kustomization.yaml

接下来我们可以直接连到cluster kubectl apply部署， 也可以commit 代码然后触发 ArgoCD， ArgoCD可以自动Sync repo来部署以及更新同步资源，后续文章会讲到。

下面例子是 gcloud login 然后 获取cluster 最后用kubectl apply 部署资源。

      # authentication via credentials json       - id: 'auth'         uses: 'google-github-actions/auth@v0'         with:           credentials_json: '${{ secrets.GCR_JSON_KEY }}' # test key's json       # Setup gcloud CLI       - name: Set up Cloud SDK         uses: google-github-actions/setup-gcloud@v0       # Get the GKE credentials so we can deploy to the cluster       - name: Set up GKE credentials         run: |-           gcloud container clusters get-credentials xxx_gke_cluster --region xxx_gke_region --project xxx_gcp_project       # Deploy to the GKE cluster       - name: Deploy         run: |-           gcloud container clusters list --project xxx_gcp_project           cd demo-manifests/services/demo-app/dev           cat kustomization.yaml           kustomize build . | kubectl apply -f -
          kubectl rollout status deploy/demo-app -n demo

 完整例子可以参考 My Github repo

### 本文同步发表于知乎 https://zhuanlan.zhihu.com/p/584810055

 

参考

https://docs.github.com/en/actions/quickstart

 

 

感谢阅读，如果您觉得本文的内容对您的学习有所帮助，您可以打赏和推荐，您的鼓励是我创作的动力