• Travis CI Build Continuous Integration


    什么是持续集成

    持续集成(Continuous Integration)是经常合并小的代码更改的实践,而不是在开发周期结束时合并大的更改。目的是通过以较小的增量开发和测试来构建更健康的软件。这就是Travis CI出现的地方。
    作为一个持续集成平台,Travis CI通过自动构建和测试代码更改来支持您的开发过程,并提供有关更改成功的即时反馈。Travis CI还可以通过管理部署和通知来自动化开发过程的其他部分。 

    Travis CI 介绍

    官网:https://www.travis-ci.org

    Travis CI 提供的是持续集成服务(Continuous Integration,简称 CI)。它绑定 Github 上面的项目,只要有新的代码,就会自动抓取。然后,提供一个运行环境,执行测试,完成构建,还能部署到服务器。
    
    持续集成指的是只要代码有变更,就自动运行构建和测试,反馈运行结果。确保符合预期以后,再将新代码"集成"到主干。
    
    持续集成的好处在于,每次代码的小幅变更,就能看到运行结果,从而不断累积小的变更,而不是在开发周期结束时,一下子合并一大块代码。

    CI构建和自动化:构建,测试,部署

    运行构建时,Travis CI将GitHub存储库克隆到全新的虚拟环境中,并执行一系列任务来构建和测试代码。如果这些任务中的一项或多项失败,则将构建视为已 损坏。
    如果所有任务均未失败,则认为构建已通过,并且Travis CI可以将您的代码部署到Web服务器或应用程序主机。 CI版本也可以自动化交付工作流程的其他部分。这意味着您可以通过Build Stages,设置通知,在构建后准备 部署以及许多其他任务来使工作相互依赖。

    Travis CI 使用 

    使用前准备 

    操作系统:ubuntu 18.04
    node: v10.16.0
    travis version: 1.8.9
    转到Travis-ci.com/Travis-ci.org并使用GitHub注册
    
    接受Travis CI的授权。您将被重定向到GitHub。
    
    单击Travis仪表板右上角的个人资料图片,单击绿色的Activate按钮,然后选择要用于Travis CI的存储库。

    为命令行创建个人访问令牌

    You can create a personal access token and use it in place of a password when performing Git operations over HTTPS with Git on the command line or the API.

    In this article

    A personal access token is required to authenticate to GitHub in the following situations:

    As a security precaution, GitHub automatically removes personal access tokens that haven't been used in a year.

    Creating a token

    1. Verify your email address, if it hasn't been verified yet.

    2. In the upper-right corner of any page, click your profile photo, then click Settings.

      Settings icon in the user bar
    3. In the left sidebar, click Developer settings.

      Developer settings
    4. In the left sidebar, click Personal access tokens.

      Personal access tokens
    5. Click Generate new token.

      Generate new token button
    6. Give your token a descriptive name.

      Token description field
    7. Select the scopes, or permissions, you'd like to grant this token. To use your token to access repositories from the command line, select repo.

      Selecting token scopes
    8. Click Generate token.

      Generate token button
    9. Click  to copy the token to your clipboard. For security reasons, after you navigate off the page, you will not be able to see the token again.

      Newly created token

      Warning: Treat your tokens like passwords and keep them secret. When working with the API, use tokens as environment variables instead of hardcoding them into your programs.

    10. To use your token to authenticate to an organization that uses SAML SSO, authorize the token for use with a SAML single-sign-on organization.

    Using a token on the command line

    Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.

    For example, on the command line you would enter the following:

    $ git clone https://github.com/username/repo.git
    Username: your_username
    Password: your_token

    Personal access tokens can only be used for HTTPS Git operations. If your repository uses an SSH remote URL, you will need to switch the remote from SSH to HTTPS.

    If you are not prompted for your username and password, your credentials may be cached on your computer. You can update your credentials in the Keychain to replace your old password with the token.

    安装 travis

    安装rvm: curl -L get.rvm.io | bash -s stable

    安装ruby: rvm install ruby-2.4.1

    安装travis: gem install travis

    查看版本: travis --version

    开始使用 Travis CI

    1.travis.yml文件

     创建文件

    travis init

    编写travis文件

    language: node_js
    node_js:
      - 10.16.0
    branches:
      only:
        - master
    install:
      - npm install
    script:
      - npm run build
    addons:
      ssh_known_hosts:
        - $IP
    after_success:
      - chmod 600 ~/.ssh/id_rsa
      - ssh root@$IP -o StrictHostKeyChecking=no 'cd /root/blogs/ && git pull
        && npm install && npm run build'

    2.ssh免密登入

    1.生成密钥
    ssh-keygen
    2.上传到自己的服务器
    ssh-copy-id -i ~/.ssh/id_rsa.pub root@47.106.210.183
    3.测试免密登入
    ssh root@47.106.210.183

    3.对私钥加密

    1.登入
    travis login --org
    2.对私钥加密(记得将id_rsa.enc加入git)
    travis encrypt-file ~/.ssh/id_rsa --add --org
    mikey@localhost:~/DATA/MIKEY/WebStromWorkSpace/innovate-admin-vue$ travis login --help
    Authenticates against the API and stores the token.
    Usage: travis login [OPTIONS]
        -h, --help                       Display help
        -i, --[no-]interactive           be interactive and colorful
        -E, --[no-]explode               don't rescue exceptions
            --skip-version-check         don't check if travis client is up to date
            --skip-completion-check      don't check if auto-completion is set up
        -e, --api-endpoint URL           Travis API server to talk to
        -I, --[no-]insecure              do not verify SSL certificate of API endpoint
            --pro                        short-cut for --api-endpoint 'https://api.travis-ci.com/'
            --com                        short-cut for --api-endpoint 'https://api.travis-ci.com/'
            --org                        short-cut for --api-endpoint 'https://api.travis-ci.org/'
            --staging                    talks to staging system
        -t, --token [ACCESS_TOKEN]       access token to use
            --debug                      show API requests
            --debug-http                 show HTTP(S) exchange
        -X, --enterprise [NAME]          use enterprise setup (optionally takes name for multiple setups)
            --adapter ADAPTER            Faraday adapter to use for HTTP requests
        -g, --github-token TOKEN         identify by GitHub token
        -T, --auto-token                 try to figure out who you are automatically (might send another apps token to Travis, token will not be stored)
        -p, --auto-password              try to load password from OSX keychain (will not be stored)
        -a, --auto                       shorthand for --auto-token --auto-password
        -u, --user LOGIN                 user to log in as
        -M, --no-manual                  do not use interactive login
            --list-github-token          instead of actually logging in, list found GitHub tokens
            --skip-token-check           don't verify the token with github

    其在travis生成如下内容(如果出现~/.ssh/id_rs就将反斜杠去掉)

    before_install:
    - openssl aes-256-cbc -K $encrypted_bd16792238cd_key -iv $encrypted_bd16792238cd_iv
      -in id_rsa.enc -out ~/.ssh/id_rsa -d

     4.配置变量

     

    5.完整的travis文件 

    language: node_js
    node_js:
    - 10.16.0
    branches:
      only:
      - master
    install:
    - npm install
    script:
    - npm run build
    addons:
      ssh_known_hosts:
      - $IP
    before_install:
    - openssl aes-256-cbc -K $encrypted_bd16792238cd_key -iv $encrypted_bd16792238cd_iv
      -in id_rsa.enc -out ~/.ssh/id_rsa -d
    - chmod 600 ~/.ssh/id_rsa
    - echo -e "Host $IP
    	StrictHostKeyChecking no
    " >> ~/.ssh/config
    after_success:
      - chmod 600 ~/.ssh/id_rsa
      - rsync -az --delete ./dist/* root@$IP:/usr/share/nginx/html/blogs

     6.推代码到仓库

     CI成功:

     

    搭建Docker项目

    1.dockerfile + docker-compose 来构建docker容器
    2.travis-ci + github 来hook repo 的变动
    3.travis-ci 调用 dockerfile 打包 docker image 并push到 dockerhub
    4.travis-ci ssh 登录到目标机器,copy docker-compose 并执行来完成部署

    服务器提前装好docker-compose

    1.Dockerfile (结合自己项目修改)

    #基础镜像
    FROM tomcat
    #Message
    MAINTAINER mikey<biaogejiushibiao@outlook.com>
    #构建日期
    ENV REFRESHED_AT 2019-11-11
    #切换镜像目录,进入/usr目录
    WORKDIR /usr/local/tomcat/webapps
    #复制编译后的文件
    COPY target/Attendance.war   /usr/local/tomcat/webapps/Attendance_war.war
    #公开端口
    EXPOSE 8080
    #设置启动命令
    ENTRYPOINT ["/usr/local/tomcat/bin/catalina.sh","run"]

    2.docker-compose.yml

    version: '2'
    services:
      attendance:
        build: .
        image: mikeyboom/attendance
        ports:
          - "8004:8080"
        container_name: attendance

    3.travis.yml

    #环境语言
    language: java
    #所选服务
    services:
    - docker
    #权限
    sudo: required
    #分支
    branches:
      only:
      - master
    #执行脚本
    script:
    - mvn install -DskipTests=true -Dmaven.javadoc.skip=true -B -V
    - docker build . -t "mikeyboom/attendance:latest"
    #安装之前执行脚本
    before_install:
    - openssl aes-256-cbc -K $encrypted_71a1e6d76d99_key -iv $encrypted_71a1e6d76d99_iv
    -in id_rsa.enc -out ~/.ssh/id_rsa -d
    - chmod 600 ~/.ssh/id_rsa
    - echo -e "Host $ip
    	StrictHostKeyChecking no
    " >> ~/.ssh/config
    #成功之后执行的脚本
    after_success:
    - docker login -u=$dockername -p="$dockerpassword"
    - docker push mikeyboom/attendance:latest
    - chmod 600 id_rsa
    - rsync -az --delete ./docker-compose.yml root@$ip:/home/mikey/Attendance/
    - ssh -o "StrictHostKeyChecking no" -i id_rsa root@$ip "cd /home/mikey/Attendance/;sudo
      docker-compose -f docker-compose.yml pull;sudo docker-compose -f docker-compose.yml
      up -d;exit"

    4.记得对私钥进行加密

    travis encrypt-file ~/.ssh/id_rsa --add

    5.配置好变量

     成功

    参考资料

    官方文档:

    https://github.com/travis-ci/docs-travis-ci-com

    https://docs.travis-ci.com/

    相关博文:

    https://www.cnblogs.com/homehtml/p/11796836.html

    https://www.jianshu.com/p/631fc28202dc

    https://docs.travis-ci.com/user/tutorial/

    http://www.ruanyifeng.com/blog/2017/12/travis_ci_tutorial.html

  • 相关阅读:
    Client-Side Attacks
    Web Penetration Testing w3af fierce
    解决kali linux 升级后安装w3af 问题
    Metasploit (二)
    Metasploit
    Dig skipfish proxystrike
    Web Penetration Testing
    Wireless Penetration Testing(命令总结)
    LabView(控件部分)
    Wireless Penetration Testing(7-11 chapter)
  • 原文地址:https://www.cnblogs.com/biaogejiushibiao/p/11736699.html
Copyright © 2020-2023  润新知