背景
由于网络限制,流水线的部署只能控制在外网部分,截止到了生成 docker 镜像阶段,内网部分需要额外的触发部署。
思路如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
+--------------------------------------------+
| 推送镜像到 Harbor |
+--------------------------------------------+
|
v
+--------------------------------------------+
| 触发 Harbor 的 WebHook |
+--------------------------------------------+
|
v
+--------------------------------------------+
| 请求到自建 WebHook 服务 |
+--------------------------------------------+
|
v
+--------------------------------------------+
| 自建 WebHook 服务调用本地 sh 脚本 |
+--------------------------------------------+
|
v
+--------------------------------------------+
| 更新并重启目标服务 |
+--------------------------------------------+
|
部署
Harbor 上创建 Webhook
endpoint 地址为:http://192.168.x.x:10000/hooks/test_deploy
harbor 的 webhook 请求内容如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
{
"type": "PUSH_ARTIFACT",
"occur_at": 1586922308,
"operator": "admin",
"event_data": {
"resources": [{
"digest": "sha256:8a9e9863dbb6e10edb5adfe917c00da84e1700fa76e7ed02476aa6e6fb8ee0d8",
"tag": "latest",
"resource_url": "hub.harbor.com/test-webhook/debian:latest"
}],
"repository": {
"date_created": 1586922308,
"name": "debian",
"namespace": "test-webhook",
"repo_full_name": "test-webhook/debian",
"repo_type": "private"
}
}
}
|
自建 Webhook 服务
adnanh/webhook: webhook is a lightweight incoming webhook server to run shell commands (github.com)
下载并创建对应文件。
文件夹结构如下:
1
2
3
4
5
|
./
webhook
webhook.exe
hook.json
test_deploy.sh
|
webhook 请求由 webhook 接收,并根据 hook.json 配置内容调用脚本(此处是test_deploy.sh)。
编辑 hook.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[
{
"id": "test_deploy",
"execute-command": "/opt/webhook/test_deploy.sh",
"command-working-directory": "/opt/webhook/",
"pass-arguments-to-command": [
{
"source": "payload",
"name": "event_data.repository.name"
},
{
"source": "payload",
"name": "event_data.resources.0.tag"
}
]
}
]
|
编辑 test_deploy.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
#!/bin/bash
# 获取 webhook 携带的镜像 tag
NAME=$1
echo "---------start---------"
echo $1, $2
# echo "$NAME"
if [ "$NAME" = "service1" ]
then
# 获取 webhook 携带的镜像 tag
# 配置到环境变量中,给 dockercompose.yml 文件调用
export DATA_PLATFORM_TAG=$1
echo "restart service1..."
# 重启目标服务
cd /opt/docker/app
docker-compose pull
# docker-compose stop service1
docker-compose up service1 -d
echo "restart service1 finished!"
fi
if [ "$NAME" = "service2" ]
then
export MARK_TAG=$1
echo "restart service2..."
# 重启目标服务
cd /opt/docker/app
docker-compose pull
# docker-compose stop service2
docker-compose up service2 -d
echo "restart service2 finished!"
fi
echo "---------end---------"
|
启动 webhook 服务
1
2
3
4
5
6
|
# windows
webhook -hooks hooks.json -verbose -hotreload -port 10000
# linux
chmod 755 webhook
./webhook -hooks hooks.json -verbose -hotreload -port 10000
|
注意给予执行权限 chmod
更优雅地启动/关闭服务
.start.sh
1
2
3
|
#!/bin/bash
nohup ./webhook -hooks hooks.json -verbose -hotreload -port 10000 > log.log 2>&1 &
echo $! > service_name.pid
|
.stop.sh
1
2
|
#!/bin/bash
kill $(cat service_name.pid)
|
Preview: