如何在 cypress 项目的 gitlab 管道中连接到 openVpn
How to connect to openVpn in gitlab pipeline for a cypress project
我正在从事一个赛普拉斯项目。我在 GitLab 中设置了一个管道。
我的应用程序只能在通过 Open VPN 连接的专用网络上运行。
有人可以指导我如何在 .gitlab-ci.yml 文件中添加它吗???
我的 .gitlab-ci.yml 是:
image: cypress/base:10
stages:
- test
test:
stage: test
script:
- npm install
- npm run test
我的package.json如下:
{
"name": "cypresspackage",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"clean:reports": "rm -R -f cypress/reports && mkdir cypress/reports && mkdir cypress/reports/mochareports",
"pretest": "npm run clean:reports",
"scripts": "cypress run --spec cypress/integration/dummy.feature",
"combine-reports": "mochawesome-merge ./cypress/reports/mocha/*.json > cypress/reports/mochareports/report.json",
"generate-report": "marge cypress/reports/mochareports/report.json -f report -o cypress/reports/mochareports",
"report:copyScreenshots": "cp -r cypress/screenshots cypress/reports/mochareports/assets",
"posttest": "npm run report:copyScreenshots && npm run combine-reports && npm run generate-report",
"test": "npm run scripts || npm run posttest"
},
"author": "",
"license": "ISC",
"devDependencies": {
"cypress": "^6.3.0",
"cypress-audit": "^0.3.0",
"cypress-cucumber-preprocessor": "^4.0.1",
"cypress-multi-reporters": "^1.4.0",
"cypress-xpath": "^1.6.2",
"mocha": "^8.2.1",
"mochawesome": "^6.2.1",
"mochawesome-merge": "^4.2.0",
"mochawesome-report-generator": "^5.1.0"
},
"dependencies": {
"lambdatest-cypress-cli": "^1.0.1"
},
"cypress-cucumber-preprocessor": {
"nonGlobalStepDefinitions": true
}
}
I guess gitlab provides the runner at run time
我猜你正在使用 GitLab 的 SaaS。这意味着您的 VPN 将在非私人环境中打开。例如,一些 GitLab 管理员应该可以访问您的 VPN 连接,并且根据 GitLab 在他们后院的配置方式,其他一些 GitLab 用户可能可以访问您的专用网络。我会避免这种情况。如果您坚持这样做,最好使用项目的 Secrets 功能来保存您的 OpenVPN 客户端身份验证,这样它就可以保持私密性。
Is there a option where I can choose the runner?
当然可以。您可以在自己的服务器上(甚至在家中按需)注册跑步者 运行。这取决于此运行器的使用位置和方式(Docker?Kubernetes?Debian?等)。看看 Registering a GitLab Runner。您需要从项目的配置中生成一个令牌,然后使用该令牌安装运行器。
GitLab CI
一旦您安装并配置了自己的运行器(确保它在需要时运行),您将需要在管道中配置您的 VPN start/stop。在这里,我复制了一段在 GitLab's forum:
上找到的代码
before_script:
##
## VPN
## Inspiration from: https://torguard.net/knowledgebase.php?action=displayarticle&id=138
## And http://forum.gitlab.com/t/connect-vpn-during-ci-cd/7585
## Content from Variables to files:
## Waiting for opnevpn connect would be better than sleeping, the closest would be https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully
## Maybe this would work https://unix.stackexchange.com/questions/403202/create-bash-script-to-wait-and-then-run
##
- which openvpn || (apt-get update -y -qq && apt-get install -y -qq openvpn) # Install openvpn if not available.
- cat <<< $CLIENT_OVPN > /etc/openvpn/client.conf # Move vpn config from gitlab variable to config file.
- cat <<< $VPN_U > /etc/openvpn/pass.txt # Move vpn user from gitlab variable to pass file.
- cat <<< $VPN_P >> /etc/openvpn/pass.txt # Move vpn password from gitlab variable to pass file.
- cat <<< "auth-user-pass /etc/openvpn/pass.txt" >> /etc/openvpn/client.conf # Tell vpn config to use password file.
- cat <<< "log /etc/openvpn/client.log" >> /etc/openvpn/client.conf # Tell vpn config to use log file.
- openvpn --config /etc/openvpn/client.conf --daemon # Start openvpn with config as a deamon.
- sleep 30s # Wait for some time so the vpn can connect before doing anything else.
- cat /etc/openvpn/client.log # Print the vpn log.
- ping -c 1 <IP> # Ping the server I want to deploy to. If not available this stops the deployment process.
在此之后,您可以添加一个 after_script 部分来停止 OpenVPN 守护进程,或者使用一个包含 when: always 的特殊关闭作业来确保即使构建时 VPN 连接也会关闭失败。
您还可以尝试其他解决方案,具体取决于您的环境。
我正在从事一个赛普拉斯项目。我在 GitLab 中设置了一个管道。 我的应用程序只能在通过 Open VPN 连接的专用网络上运行。
有人可以指导我如何在 .gitlab-ci.yml 文件中添加它吗???
我的 .gitlab-ci.yml 是:
image: cypress/base:10
stages:
- test
test:
stage: test
script:
- npm install
- npm run test
我的package.json如下:
{
"name": "cypresspackage",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"clean:reports": "rm -R -f cypress/reports && mkdir cypress/reports && mkdir cypress/reports/mochareports",
"pretest": "npm run clean:reports",
"scripts": "cypress run --spec cypress/integration/dummy.feature",
"combine-reports": "mochawesome-merge ./cypress/reports/mocha/*.json > cypress/reports/mochareports/report.json",
"generate-report": "marge cypress/reports/mochareports/report.json -f report -o cypress/reports/mochareports",
"report:copyScreenshots": "cp -r cypress/screenshots cypress/reports/mochareports/assets",
"posttest": "npm run report:copyScreenshots && npm run combine-reports && npm run generate-report",
"test": "npm run scripts || npm run posttest"
},
"author": "",
"license": "ISC",
"devDependencies": {
"cypress": "^6.3.0",
"cypress-audit": "^0.3.0",
"cypress-cucumber-preprocessor": "^4.0.1",
"cypress-multi-reporters": "^1.4.0",
"cypress-xpath": "^1.6.2",
"mocha": "^8.2.1",
"mochawesome": "^6.2.1",
"mochawesome-merge": "^4.2.0",
"mochawesome-report-generator": "^5.1.0"
},
"dependencies": {
"lambdatest-cypress-cli": "^1.0.1"
},
"cypress-cucumber-preprocessor": {
"nonGlobalStepDefinitions": true
}
}
I guess gitlab provides the runner at run time
我猜你正在使用 GitLab 的 SaaS。这意味着您的 VPN 将在非私人环境中打开。例如,一些 GitLab 管理员应该可以访问您的 VPN 连接,并且根据 GitLab 在他们后院的配置方式,其他一些 GitLab 用户可能可以访问您的专用网络。我会避免这种情况。如果您坚持这样做,最好使用项目的 Secrets 功能来保存您的 OpenVPN 客户端身份验证,这样它就可以保持私密性。
Is there a option where I can choose the runner?
当然可以。您可以在自己的服务器上(甚至在家中按需)注册跑步者 运行。这取决于此运行器的使用位置和方式(Docker?Kubernetes?Debian?等)。看看 Registering a GitLab Runner。您需要从项目的配置中生成一个令牌,然后使用该令牌安装运行器。
GitLab CI
一旦您安装并配置了自己的运行器(确保它在需要时运行),您将需要在管道中配置您的 VPN start/stop。在这里,我复制了一段在 GitLab's forum:
上找到的代码before_script:
##
## VPN
## Inspiration from: https://torguard.net/knowledgebase.php?action=displayarticle&id=138
## And http://forum.gitlab.com/t/connect-vpn-during-ci-cd/7585
## Content from Variables to files:
## Waiting for opnevpn connect would be better than sleeping, the closest would be https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully
## Maybe this would work https://unix.stackexchange.com/questions/403202/create-bash-script-to-wait-and-then-run
##
- which openvpn || (apt-get update -y -qq && apt-get install -y -qq openvpn) # Install openvpn if not available.
- cat <<< $CLIENT_OVPN > /etc/openvpn/client.conf # Move vpn config from gitlab variable to config file.
- cat <<< $VPN_U > /etc/openvpn/pass.txt # Move vpn user from gitlab variable to pass file.
- cat <<< $VPN_P >> /etc/openvpn/pass.txt # Move vpn password from gitlab variable to pass file.
- cat <<< "auth-user-pass /etc/openvpn/pass.txt" >> /etc/openvpn/client.conf # Tell vpn config to use password file.
- cat <<< "log /etc/openvpn/client.log" >> /etc/openvpn/client.conf # Tell vpn config to use log file.
- openvpn --config /etc/openvpn/client.conf --daemon # Start openvpn with config as a deamon.
- sleep 30s # Wait for some time so the vpn can connect before doing anything else.
- cat /etc/openvpn/client.log # Print the vpn log.
- ping -c 1 <IP> # Ping the server I want to deploy to. If not available this stops the deployment process.
在此之后,您可以添加一个 after_script 部分来停止 OpenVPN 守护进程,或者使用一个包含 when: always 的特殊关闭作业来确保即使构建时 VPN 连接也会关闭失败。
您还可以尝试其他解决方案,具体取决于您的环境。