如何使用GitlabCI导出远程主机上的环境变量

本文介绍了如何使用GitlabCI导出远程主机上的环境变量的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在使用GitlabCI部署我的Laravel应用程序. 我想知道如何管理.env文件.据我了解，我只需要将.env.example置于版本控制下，而不是具有实际值的.

I'm using GitlabCI to deploy my Laravel applications. I'm wondering how should I manage the .env file. As far as I've understood I just need to put the .env.example under version control and not the one with the real values.

我已经在Gitlab Settings -> CI/CD -> Environment Variables中设置了我的应用程序所需的所有密钥，并且可以在运行程序中使用它们，例如，检索SSH私钥以连接到远程主机，但是我应该如何将这些变量部署到远程主机也是如此?我应该在运行时生成的.env文件中用bash编写它们，然后将其复制吗?我应该通过远程主机上的ssh导出它们吗?哪个是正确的管理方式?

I've set all the keys my app needs inside Gitlab Settings -> CI/CD -> Environment Variables and I can use them on the runner, for example to retrieve the SSH private key to connect to the remote host, but how should I deploy these variables to the remote host as well? Should I write them with bash in a "runtime generated" .env file and then copy it? Should I export them via ssh on the remote host? Which is the correct way to manage this?

推荐答案

如果您打开另一个解决方案，我建议使用fabric(fabfile)，我举一个例子: 使用如下变量创建.env.default:

If you open to another solution i propose using fabric(fabfile) i give you an example: create .env.default with variable like :

DB_CONNECTION=mysql DB_HOST=%(HOST)s DB_PORT=3306 DB_DATABASE=laravel DB_USERNAME=%(USER)s DB_PASSWORD=%(PASSWORD)s

安装结构后，在您的项目目录中添加fabfile:

After installing fabric add fabfile on you project directory:

from fabric.api import env , run , put prod_env = { 'name' : 'prod' , 'user' : 'user_ssh', 'deploy_to' : '/path_to_project', 'hosts' : ['ip_server'], } def set_config(env_config): for key in env_config: env[key] = env_config[key] def prod(): set_config(prod_env) def deploy(password,host,user): run("cd %s && git pull -r",env.deploy_to) process_template(".env.default",".env" , { 'PASSWORD' : password , 'HOST' : host,'USER': user } ) put( ".env" , "/path_to_projet/.env" ) def process_template(template , output , context ): import os basename = os.path.basename(template) output = open(output, "w+b") text = None with open(template) as inputfile: text = inputfile.read() if context: text = text % context #print " processed \n : %s" % text output.write(text) output.close()

现在，您可以从本地运行测试脚本:

Now you can run from you local to test script :

fab产品部署:password ="pass"，user ="user"，host ="host"

fab prod deploy:password="pass",user="user",host="host"

它将在您的服务器上部署项目，并检查它是否处理.env

It will deploy project on your server and check if it process .env

如果可行，现在是时候使用gitlab ci了，这是一个示例文件:

If it works now it's time for gitlab ci this is an example file :

image: python:2.7 before_script: - pip install 'fabric<2.0' # Setup SSH deploy keys - 'which ssh-agent || ( apt-get install -qq openssh-client )' - eval $(ssh-agent -s) - ssh-add <(echo "$SSH_PRIVATE_KEY") - mkdir -p ~/.ssh - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config' deploy_staging: type: deploy script: - fab prod deploy:password="$PASSWORD",user="$USER",host="$HOST" only: - master

$ SSH_PRIVATE_KEY，$ PASSWORD，$ USER，$ HOST是环境变量gitlab，您应该添加一个可以访问服务器的$ SSH_PRIVATE_KEY私钥.

$SSH_PRIVATE_KEY,$PASSWORD,$USER,$HOST is environnement variable gitlab,you should add a $SSH_PRIVATE_KEY private key which have access to the server.

希望我不会错过任何一步.

Hope i don't miss a step.