{"id":20144196,"url":"https://github.com/quansitech/deploy","last_synced_at":"2026-06-13T09:04:16.000Z","repository":{"id":97655927,"uuid":"195190743","full_name":"quansitech/deploy","owner":"quansitech","description":"将项目源码放入docker中的持续集成发布方式","archived":false,"fork":false,"pushed_at":"2020-12-31T03:18:01.000Z","size":25,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-02T23:44:02.904Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/quansitech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-04T07:26:40.000Z","updated_at":"2023-09-10T13:30:45.000Z","dependencies_parsed_at":null,"dependency_job_id":"9c9e41ab-ab53-4fa9-b214-aa56623d2b61","html_url":"https://github.com/quansitech/deploy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/quansitech/deploy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quansitech%2Fdeploy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quansitech%2Fdeploy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quansitech%2Fdeploy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quansitech%2Fdeploy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/quansitech","download_url":"https://codeload.github.com/quansitech/deploy/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quansitech%2Fdeploy/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34278160,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-13T02:00:06.617Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T22:09:13.649Z","updated_at":"2026-06-13T09:04:15.965Z","avatar_url":"https://github.com/quansitech.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 基于阿里云容器服务的源码持续集成发布方案(php)\n\n### 相关背景\n过去我们一直采用阿里云git webhook的方式更新源码，当项目完成上线会将用户的服务器的ssh key加入到读取专用git账号。这时就存在一个风险，客户的服务器只要知道项目地址，就可以随意拉取其他项目代码，存在极大的安全隐患。当然，也可以给用户注册一个专用的git账号，再将该账号赋予相应的项目代码权限。但由于每次注册阿里云账号都必须填写一堆资料，比较麻烦（或者干脆自己搭建gitlab服务）。后来接触到阿里的容器服务，发现可以对子账号设置相应的容器拉取权限，就有了该发布方案。\n\n### 基本原理\n+ 将源码作为一个独立的镜像构建，构建的过程中完成代码更新，依赖包的安装，启动时执行数据库的迁移。具体做法可查看Dockerfile。\n+ 分别构建其他服务容器，如php-fpm，nginx，mysql等\n+ 构建一个webhook服务，当源码容器构建完成后，自动触发镜像更新，镜像启动，镜像源码copy\n+ php-fpm，nginx等容器以copy到宿主机的源码作为路径运行服务，需要持久化的文件另外挂载进相关容器\n\n可参考docker-compose.yml和app.js(基于node的webhook服务)理解相关部署思路。\n\n### 操作步骤\n以下设计仓库源码的使用，都需要按自己的需要，根据源码的注释提示做相应修改，否则无法运行成功。\n\n+ 安装docker(ubuntu)\n\n    卸载旧docker\n    ```\n    $ sudo apt-get remove docker \\\n                docker-engine \\\n                docker.io\n    ```\n\n    apt安装,具体命令不作细介绍\n    ```\n    $ sudo apt-get update\n\n    $ sudo apt-get install \\\n        apt-transport-https \\\n        ca-certificates \\\n        curl \\\n        software-properties-common\n\n    $ curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -\n\n    $ sudo add-apt-repository \"deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable\"\n    ```\n\n    安装docker-ce\n    ```\n    $ sudo apt-get update\n\n    $ sudo apt-get install docker-ce\n    ```\n  \n+ 安装docker(centos)\n    \n    卸载旧docker\n    ```\n    $ sudo yum remove docker \\\n                      docker-client \\\n                      docker-client-latest \\\n                      docker-common \\\n                      docker-latest \\\n                      docker-latest-logrotate \\\n                      docker-logrotate \\\n                      docker-selinux \\\n                      docker-engine-selinux \\\n                      docker-engine\n    ```\n  \n    yum安装\n    ```\n    $ sudo yum install -y yum-utils \\\n               device-mapper-persistent-data \\\n               lvm2\n    ```\n  \n    执行下面的命令添加 yum 软件源\n    ```\n    $ sudo yum-config-manager \\\n        --add-repo \\\n        https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo\n    \n    $ sudo sed -i 's/download.docker.com/mirrors.ustc.edu.cn\\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo\n    ```\n  \n    安装 Docker CE\n    ```\n    $ sudo yum makecache fast\n    $ sudo yum install docker-ce\n    ```\n  \n    启动 docker CE\n    ```\n    $ sudo systemctl enable docker\n    $ sudo systemctl start docker\n    ```\n  \n+ 添加docker用户组\n\n    建立 docker 用户组，将uid为1000的用户加入docker用户组，可查看etc/passwd uid 1000对应的账户,如果没有自行新增\n    ```\n    $ sudo groupadd docker\n\n    $ sudo usermod -aG docker $username\n    ```\n\n+ 安装docker-compose\n    ```\n    $ sudo sh -c \"curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` \u003e /usr/local/bin/docker-compose\"\n    $ sudo chmod +x /usr/local/bin/docker-compose\n    ```\n\n+ 安装node和npm\n\n    ubuntu\n    ```\n    $ curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -\n\n    $ sudo apt-get install nodejs\n    ```\n  \n    centos\n    ```\n    $ sudo yum install epel-release\n    $ curl --silent --location https://rpm.nodesource.com/setup_10.x | bash -\n    $ sudo yum install -y nodejs\n    ```\n\n    配置npm仓库\n    ```\n    $ sudo npm install -g nrm\n\n    $ nrm ls\n    * npm ---- https://registry.npmjs.org/\n      cnpm --- http://r.cnpmjs.org/\n      taobao - https://registry.npm.taobao.org/\n      nj ----- https://registry.nodejitsu.com/\n      rednpm - http://registry.mirror.cqupt.edu.cn/\n      npmMirror  https://skimdb.npmjs.com/registry/\n      edunpm - http://registry.enpmjs.org/\n\n    #使用淘宝镜像\n    $ nrm use taobao\n    ```\n\n    安装express包，使用源码里的package.json，执行npm install进行包安装。源码里的app.js是webhook启动文件。\n\n+ 安装supervisor\n\n  ubuntu\n  ```\n  $ sudo apt-get install supervisor\n  ```\n  \n  centos\n  ```\n  $ sudo yum install supervisor\n  ```\n\n  配置supervisor webhook守护进程\n  ```\n  $ cd /etc/supervisor/conf.d\n\n  #将源码里的webhook.conf复制到该位置\n\n  $ sudo supervisorctl \n  #进入命令行后执行update 加载webhook.conf配置文件，加载后webhook即会自动启动\n  ```\n\n+ 构建源码镜像\n\n    将Dockerfile复制到项目跟目录下，然后去阿里云的容器服务创建一个基于项目git仓库的镜像，具体操作可查阅阿里云容器服务手册。\n\n+ 设置用户子账号，并设置操作权限\n\n    子账号的创建及其设置策略，同样查阅相关手册 (注意：开通完子账号后还需要用子账号登录一次容器服务页面，设置登录密码)\n\n+ 拉取并配置服务镜像\n   \n   将docker-compose.yml复制到服务器，并拉取相关的镜像，第一次拉取需要登录docker仓库。拉取源码镜像后使用docker cp命令将容器里的源码拉出。宿主机的源码路径最好和nginx php-fpm的路径一致，都放在/var/www下。以上操作最好全部在uid为1000的用户下执行。\n\n+ 设置触发器\n\n   设置源码镜像构建完成的触发器，触发器地址为webhook设置的路由地址，采用全部触发的方式（如有特殊需求自行设计）。\n   \n+ 定期清理垃圾镜像\n   \n   由于经常要重新拉镜像，这样就会导致大量的垃圾镜像产生\n   \n   ```\n   //在crontab设置\n   0 0 * * * docker system prune -f\n   ```\n\n+ 大功告成\n   \n   配置完以上步骤，并且都能正常工作，一个docker的持续集成的发布流程就建立了。搭配阿里云的云效可设计系列的自动化测试，持续部署的开发发布流程。可查看楼主的另外一篇文章[基于云效和swoole构建的轻量级持续集成方案](https://github.com/tiderjian/qsci)\n  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquansitech%2Fdeploy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fquansitech%2Fdeploy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquansitech%2Fdeploy/lists"}