@aeppic/install-build-server 中文文档教程
Install
npx @aeppic/install-build-server 将构建服务器安装或更新为版本、构建和包构建。
如果需要秘密并且这是第一次运行安装脚本,您可以使用参数
--gitlab-secrets-initial=XYZ来设置将要配置的初始秘密。 如果提供,该参数还将覆盖任何现有配置。
它自动将服务注册(安装)为 /etc/systemd/system 下的 SystemD 服务,但尚未启用或启动它。
可以通过 webhook 或简单的 post 调用
Purpose
触发构建 允许 gitlab 管道在构建服务器上触发执行脚本,该服务器可以克隆类似于 Gitlab CI 的项目,但也可以轻松提交和推回更复杂的配置,例如 @ microsoft/rush
Security
可以使用 X-Gitlab-Token 来保护触发,它可以在 Gitlab 的触发管道中设置。
笔记; 构建网站可公开访问且不安全。 确保构建日志中没有秘密!
Server prepare
服务器需要配置适当的 npm 和 git 设置来读取、提交和发布脚本。
注意:当以 root 身份运行时。 不要忘记 npm config set unsafe-perm true 文章
注意:确保在非交互式 shell 中执行服务的用户可以访问这些设置。 例如 .bashrc 将 当服务执行时不加载
API
Launch example server
- PORT=8080
- GITLAB_SECRETS=/opt/tokens.json
/opt/tokens.json 包含 ["MYSECRETTOKEN"]
node server.js
Trigger a build
使用应在 GitLab 中配置的 gitlab 令牌webhooks
curl -XPOST -H "Content-Type: application/json" -H "X-Gitlab-Token: MY_SECRET_TOKEN" --data @examples/pipeline-event.json http://localhost:8080/gitlab< /code>
See builds
curl http://localhost:8080/log 获取最近工作的 json 数组 curl http://localhost:8080/retry/:id 重新运行基于 id
http://localhost:8080 的构建以查看 UI curl http://localhost:8080/log/:id 以 html 格式获取构建日志 curl http://localhost:8080/log/:id?wrapped 使用一些 html 包装器获取构建日志
Notes
在 Windows 上运行时路径可能太长。 运行 git config --system core.longpaths true 以确保它们正常工作。
Install
npx @aeppic/install-build-server installs or updates the a build server to version, build, and package builds.
If a secret is wanted and this is the first time running the install script you can use the parameter
--gitlab-secrets-initial=XYZto set the initial secrets that will be configured. The parameter will also overwrite any existing configuration if provided.
It automatically registers (installs) the service as a SystemD service under /etc/systemd/system but does not enable or start it yet.
The builds can be triggered via a webhook or a simple post call
Purpose
Allow gitlab pipelines to trigger executing scripts on a build server which can clone a project similar to Gitlab CI but also easily commit and push back more complicated configurations such as with @microsoft/rush
Security
Triggering can be secured with a X-Gitlab-Token which can be set in the trigger pipeline of Gitlab.
Note; The build website is publicly accessible and unsecured. Make sure there are no secrets in the build log !
Server prepare
The server needs to be configured with appropriate npm and git settings to read, commit and publish if the scripts to that.
Note: When run as root. Do not forget to npm config set unsafe-perm true Article
Note: Ensure these settings are reachable from the user executing the service in a NON-interactive shell. E.g. .bashrc will not be loaded when a service executes
API
Launch example server
- PORT=8080
- GITLAB_SECRETS=/opt/tokens.json
/opt/tokens.json contains ["MYSECRETTOKEN"]
node server.js
Trigger a build
Using a gitlab token as should be configured in the GitLab webhooks
curl -XPOST -H "Content-Type: application/json" -H "X-Gitlab-Token: MY_SECRET_TOKEN" --data @examples/pipeline-event.json http://localhost:8080/gitlab
See builds
curl http://localhost:8080/log to get a json array of recent jobs curl http://localhost:8080/retry/:id to re-run a build based on the id
http://localhost:8080 to see the UI curl http://localhost:8080/log/:id to get the build log as html curl http://localhost:8080/log/:id?wrapped to get the build log with some html wrapper
Notes
When running on Windows paths can be too long. Run git config --system core.longpaths true to ensure they work.
