Gitlab CI:Docker 在运行测试之前通过 SSH 端口转发连接到远程 MySQL
[英]Gitlab CI: Docker connect to remote MySQL via SSH Portforwarding before running tests
问题描述
I am trying to integrate my unit tests into Gitlab CI, which is mostly working.
我正在尝试将我的单元测试集成到 Gitlab CI 中,这主要是有效的。
The NodeJS application uses MySQL databases hosted on a different server (using: ssh -L 3306:127.0.0.1:3306 username@remoteserver ) which we locally port forward to, and as such, all the tests pass locally as we are connected to it. NodeJS 应用程序使用托管在不同服务器上的 MySQL 数据库(使用: ssh -L 3306:127.0.0.1:3306 username@remoteserver ),我们在本地端口转发到该服务器,因此,当我们连接到它时,所有测试都在本地通过.
The CI script (included below) seems to work and the tests pass on any function that doesn't require the mysql connection. CI 脚本(包含在下面)似乎可以工作,并且测试通过了不需要 mysql 连接的任何函数。 I need my CI runner to SSH into the remote server and let those remaining functions be tested.我需要我的 CI 运行程序通过 SSH 连接到远程服务器,并测试剩余的功能。
However, I am struggling to find a way to have my gitlab-ci.yml script execute the SSH (using a public key) into this remote server and locally port forward it to 127.0.0.1, before the tests are run.但是,我正在努力寻找一种方法,让我的gitlab-ci.yml脚本在运行测试之前将 SSH(使用公钥)执行到该远程服务器并在本地将其转发到 127.0.0.1。
I also am unsure as to whether the public/private key pair is to be generated inside Docker, or generally on the machine that the Runner is set up on.我也不确定公钥/私钥对是在 Docker 内部生成,还是通常在设置 Runner 的机器上生成。
Can anyone point me in the right direction?任何人都可以指出我正确的方向吗?
image: node:7.4
before_script:
- apt-get update -qy
- npm install -g mocha chai assert mysql require moment
stages:
- test
test_job:
stage: test
tags: ["mySpecificRunner"]
script:
- npm run test
environment:
only:
- development
1 个解决方案
解决方案1
1 已采纳 2017-02-02 11:41:33
It is not straight forward, but there is a way.这不是直截了当的,但有一种方法。 GitLab provides documentation and even an example . GitLab 提供了文档,甚至是一个示例。
What you want to do is:你想要做的是:
- Generate a public/private key pair生成公钥/私钥对
- On the server you want to connect to, add the public part of the key to the file listing the authorized ones (usually
~/.ssh/authorized_keys)在您要连接的服务器上,将密钥的公共部分添加到列出授权密钥的文件中(通常是~/.ssh/authorized_keys) - In Gitlab, create a new variable called
SSH_PRIVATE_KEYwith the private part of the key as value在 Gitlab 中,创建一个名为SSH_PRIVATE_KEY的新变量,将密钥的私有部分作为值 In your project, modify the file
.gitlab-ci.ymlso that the Docker container uses the private part of the key:在您的项目中,修改文件.gitlab-ci.yml以便 Docker 容器使用密钥的私有部分:image: debian:latest before_script: # install & run ssh-agent - apt-get -qq update -y - apt-get -qq install openssh-client -y # setup the private key - eval $(ssh-agent -s) - ssh-add <(echo "$SSH_PRIVATE_KEY") - mkdir -p ~/.ssh - echo -e "Host *\\n\\tStrictHostKeyChecking no\\n\\n" > ~/.ssh/configYou script should then be able to connect seamlessly to the server and run commands or scripts there, eg(
$HOSTand$USERare also secret variables):然后您的脚本应该能够无缝连接到服务器并在那里运行命令或脚本,例如( $HOST和$USER也是秘密变量):deploy-dev: stage: deploy script: - | ssh -t $USER@$HOST << EOF git fetch --all -v git checkout -f dev git reset --hard origin/dev EOF
Note that at the time of writing this answer I have been unable to keep the SSH connection active and run commands one by one there.请注意,在撰写此答案时,我一直无法保持 SSH 连接处于活动状态并在那里一个接一个地运行命令。 That is the reason behind the use << EOF .这就是使用<< EOF背后的原因。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.