使用 Gitlab CI 和 Google 运行 Cloud 尝试失败

Trying and Failing with Gitlab CI with Google Run Cloud




这是我第一次尝试从 Gitlab CI 到 Google Cloud,到目前为止这段旅程非常痛苦,但我认为我更接近了。

我遵循以下的一些说明:

https://medium.com/google-cloud/deploy-to-cloud-run-using-gitlab-ci-e056685b8eeb

然后我根据需要更改 .gitlab-cicloudbuild.yaml

经过多次尝试,我终于成功设置了所有角色、权限和服务帐户。但是将我的 docker 文件构建到 Container Registry 或 Artifact 中并不成功。

这是我在 gitlab 日志中的失败日志:

Running with gitlab-runner 14.6.0~beta.71.gf035ecbf (f035ecbf)
  on green-3.shared.runners-manager.gitlab.com/default Jhc_Jxvh
Preparing the "docker+machine" executor
Using Docker executor with image google/cloud-sdk:latest ...
Pulling docker image google/cloud-sdk:latest ...
Using docker image sha256:2ec5b4332b2fb4c55f8b70510b82f18f50cbf922f07be59de3e7f93937f3d37f for google/cloud-sdk:latest with digest google/cloud-sdk@sha256:e268d9116c9674023f4f6aff680987f8ee48d70016f7e2f407fe41e4d57b85b1 ...
Preparing environment
Running on runner-jhcjxvh-project-32231297-concurrent-0 via runner-jhcjxvh-shared-1641939667-f7d79e2f...
Getting source from Git repository
$ eval "$CI_PRE_CLONE_SCRIPT"
Fetching changes with git depth set to 50...
Initialized empty Git repository in /builds/ProjectsD/node-projects/.git/
Created fresh repository.
Checking out 1f1e41f0 as dev...
Skipping Git submodules setup
Executing "step_script" stage of the job script
Using docker image sha256:2ec5b4332b2fb4c55f8b70510b82f18f50cbf922f07be59de3e7f93937f3d37f for google/cloud-sdk:latest with digest google/cloud-sdk@sha256:e268d9116c9674023f4f6aff680987f8ee48d70016f7e2f407fe41e4d57b85b1 ...
$ echo $GCP_SERVICE_KEY > gcloud-service-key.json
$ gcloud auth activate-service-account --key-file=gcloud-service-key.json
Activated service account credentials for: [gitlab-ci-cd@pdnodejs.iam.gserviceaccount.com]
$ gcloud config set project $GCP_PROJECT_ID
Updated property [core/project].
$ gcloud builds submit . --config=cloudbuild.yaml
Creating temporary tarball archive of 47 file(s) totalling 100.8 MiB before compression.
Some files were not included in the source upload.
Check the gcloud log [/root/.config/gcloud/logs/2022.01.11/22.23.29.855708.log] to see which files and the contents of the
default gcloudignore file used (see `$ gcloud topic gcloudignore` to learn
more).
Uploading tarball of [.] to [gs://pdnodejs_cloudbuild/source/1641939809.925215-a19e660f1d5040f3ac949d2eb5766abb.tgz]
Created [https://cloudbuild.googleapis.com/v1/projects/pdnodejs/locations/global/builds/577417e7-67b9-419e-b61b-f1be8105dd5a].
Logs are available at [https://console.cloud.google.com/cloud-build/builds/577417e7-67b9-419e-b61b-f1be8105dd5a?project=484193191648].
gcloud builds submit only displays logs from Cloud Storage. To view logs from Cloud Logging, run:
gcloud beta builds submit
BUILD FAILURE: Build step failure: build step 1 "gcr.io/cloud-builders/docker" failed: step exited with non-zero status: 1
ERROR: (gcloud.builds.submit) build 577417e7-67b9-419e-b61b-f1be8105dd5a completed with status "FAILURE"
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1

.gitlab-ci

# file: .gitlab-ci.yml
stages:
  # - docker-build
  - deploy_dev

# docker-build:
#   stage: docker-build
#   image: docker:latest
#   services: 
#     - docker:dind
#   before_script:
#     - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
#   script:
#     - docker build --pull -t "$CI_REGISTRY_IMAGE" . 
#     - docker push "$CI_REGISTRY_IMAGE"

deploy_dev:
  stage: deploy_dev
  image: google/cloud-sdk:latest
  script:
    - echo $GCP_SERVICE_KEY > gcloud-service-key.json # google cloud service accounts
    - gcloud auth activate-service-account --key-file=gcloud-service-key.json
    - gcloud config set project $GCP_PROJECT_ID
    - gcloud builds submit . --config=cloudbuild.yaml

cloudbuild.yaml

# File: cloudbuild.yaml
steps:
    # build the container image
  - name: 'gcr.io/cloud-builders/docker'
    args: [ 'build', '-t', 'gcr.io/$PROJECT_ID/node-projects', '.' ]
    # push the container image
  - name: 'gcr.io/cloud-builders/docker'
    args: [ 'push', 'gcr.io/$PROJECT_ID/node-projects']
    # deploy to Cloud Run
  - name: "gcr.io/cloud-builders/gcloud"
    args: ['run', 'deploy', 'erp-ui', '--image', 'gcr.io/$PROJECT_ID/node-projects', '--region', 'us-central4', '--platform', 'managed', '--allow-unauthenticated']
options:
  logging: CLOUD_LOGGING_ONLY

我在 GCP 中是否缺少任何其他配置?还是我的文件有问题?

更新:我尝试并终于成功了

我从 scrath 开始四处移动,现在我实现了正确的部署

.gitlab-ci

stages:
  - build
  - push

default:
  image: docker:latest
  services:
    - docker:dind
  before_script:
    - echo $CI_BUILD_TOKEN | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY

docker-build:
  stage: build
  only:
    refs:
      - main
      - dev
  script:
    - |
      if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
        tag=""
        echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
      else
        tag=":$CI_COMMIT_REF_SLUG"
        echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
      fi
    - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
    - docker push "$CI_REGISTRY_IMAGE${tag}"
  # Run this job in a branch where a Dockerfile exists
  interruptible: true
  environment:
    name: build/$CI_COMMIT_REF_NAME

push:
  stage: push
  only:
    refs:
      - main
      - dev

  script:
    - apk upgrade --update-cache --available
    - apk add openssl
    - apk add curl python3 py-crcmod bash libc6-compat
    - rm -rf /var/cache/apk/*
    - curl https://sdk.cloud.google.com | bash > /dev/null
    - export PATH=$PATH:/root/google-cloud-sdk/bin
    - echo $GCP_SERVICE_KEY > gcloud-service-key-push.json # Google Cloud service accounts
    - gcloud auth activate-service-account --key-file gcloud-service-key-push.json
    - gcloud config set project $GCP_PROJECT_ID
    - gcloud auth configure-docker us-central1-docker.pkg.dev
    - tag=":$CI_COMMIT_REF_SLUG"
    - docker pull "$CI_REGISTRY_IMAGE${tag}"
    - docker tag "$CI_REGISTRY_IMAGE${tag}" us-central1-docker.pkg.dev/$GCP_PROJECT_ID/node-projects/node-js-app${tag}
    - docker push us-central1-docker.pkg.dev/$GCP_PROJECT_ID/node-projects/node-js-app${tag}

  environment:
    name: push/$CI_COMMIT_REF_NAME
  when: on_success

.cloudbuild.yaml

# File: cloudbuild.yaml
steps:
  # build the container image
  - name: 'gcr.io/cloud-builders/docker'
    args:
      [
        'build',
        '-t',
        'us-central1-docker.pkg.dev/$PROJECT_ID/node-projects/nodejsapp',
        '.',
      ]
    # push the container image
  - name: 'gcr.io/cloud-builders/docker'
    args: ['push', 'us-central1-docker.pkg.dev/$PROJECT_ID/node-projects/nodejsapp']
    # deploy to Cloud Run
  - name: 'gcr.io/cloud-builders/gcloud'
    args:
      [
        'beta',
        'run',
        'deploy',
        'dreamslear',
        '--image',
        'us-central1-docker.pkg.dev/$PROJECT_ID/node-projects/nodejsapp',
        '--region',
        'us-central1',
        '--platform',
        'managed',
        '--port',
        '3000',
        '--allow-unauthenticated',
      ]

成功了!

如果有人想提供优化的工作流程或任何建议,那就太好了!