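noko's Blog

This is only a temporary place for notes, so please bear with it.

GitLab CI/CD Environment Setup Notes

Introduction

References

Example Architecture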


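Example Environment Setup Notes

  • (The following assumes the runner is built on an EC2 server)
  • Create the security group, subnet, and EC2 instance
  • Install Docker and GitLab Runner on the EC2 instance (up to starting the service)
  • Configure the following on the EC2 instance
    • Install the git command
    • Add the gitlab-runner user to sudoers (via visudo)
    • Add the gitlab-runner user to the docker group
  • Register the GitLab Runner (obtain the token -> configure it on the EC2 instance side)

Example CI/CD Processing Flow

  • Push code from the development machine to the GitLab server
  • GitLab Runner clones the repository and executes the contents of ① .gitlab-ci.yml
    • ② Build the Dockerfile
    • ③ Run the container with ./docker/run_ci.sh
      • Execute ④ ./scripts/ci.sh, which is set as the CMD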

.gitlab-ci.yml

before_script:
  - echo "Before script section"

after_script:
  - echo "After script section"

build:
  stage: build
  script:
    - echo "Build and Test section"
    - echo "$SERVICE_ACCOUNT_KEY" > ./config/gcp_key.json
    - docker build -t test_container:latest -f ./docker/Dockerfile ./docker
    - docker tag test_container:latest test_container:$CI_COMMIT_SHORT_SHA
    # run_ci.sh is a bash script and requires the docker command name as its argument
    - cd ./docker && bash run_ci.sh docker && cd -
    - docker rm test_container
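
The build job above writes $SERVICE_ACCOUNT_KEY to ./config/gcp_key.json under the default umask and never deletes it, and run_ci.sh then mounts ./config into the container. As an added example (not part of the original memo; the function names write_secret_file and remove_secret_file are hypothetical), these shell helpers create the key file with mode 0600 and remove it afterwards:

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# write_secret_file VAR_NAME DEST
#   Writes the value of environment variable VAR_NAME to DEST with mode 0600.
write_secret_file() {
  var_name=$1
  dest=$2
  # Accept only a plain variable name, because it is expanded with eval below.
  case $var_name in
    ''|[0-9]*|*[!A-Za-z0-9_]*) echo "error: bad variable name" >&2; return 2 ;;
  esac
  # Indirect read: the secret comes from the environment, not from an argument.
  eval "secret=\${$var_name-}"
  if [ -z "$secret" ]; then
    echo "error: $var_name is empty or unset" >&2
    return 1
  fi
  # A reused runner workspace may hold leftovers; never write through a symlink.
  if [ -L "$dest" ]; then
    echo "error: $dest is a symlink" >&2
    unset secret
    return 1
  fi
  (
    umask 077                          # new file gets mode 0600
    rm -f "$dest"                      # drop a stale copy with looser permissions
    printf '%s\n' "$secret" > "$dest"  # write the value
  )
  rc=$?
  unset secret
  return $rc
}

# remove_secret_file DEST: delete the key file; safe to call more than once.
remove_secret_file() {
  rm -f "$1"
}

# Demo with a constructed value (not a real key) in a throwaway directory.
demo_dir=$(mktemp -d)
DEMO_KEY='{"type":"service_account","note":"constructed sample"}'
write_secret_file DEMO_KEY "$demo_dir/gcp_key.json"
ls -l "$demo_dir/gcp_key.json"
remove_secret_file "$demo_dir/gcp_key.json"
rmdir "$demo_dir"
```

In the build job, the functions (without the demo lines) replace the echo redirect: write_secret_file SERVICE_ACCOUNT_KEY ./config/gcp_key.json before run_ci.sh, and remove_secret_file ./config/gcp_key.json in after_script.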

Dockerfile

FROM 520713654638.dkr.ecr.ap-northeast-1.amazonaws.com/sagemaker-pytorch:1.1.0-cpu-py3

ARG PYTHON_PASS=/usr/bin/python3.6

# apt install
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
         curl \
         git \
         vim \
         groff-base # awscli

# pip install
COPY requirements.txt /tmp/
RUN $PYTHON_PASS -m pip install --upgrade pip && \
    $PYTHON_PASS -m pip install -r /tmp/requirements.txt

# install gcloud
# curl -fsSL: follow redirects and, on an HTTP error, output nothing rather than an error page
RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && \
   apt-get install -y apt-transport-https ca-certificates && \
   curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && \
   apt-get update && apt-get install -y google-cloud-sdk

# install docker
# curl -fsSL: on an HTTP error nothing is piped to sh instead of an error page
RUN curl -fsSL https://get.docker.com | sh

# make dir
RUN mkdir -p /opt/config \
             /opt/data/raw \
             /opt/data/interim \
             /opt/data/processed \
             /opt/data/external \
             /opt/features \
             /opt/logs \
             /opt/models \
             /opt/notebooks \
             /opt/reports \
             /opt/scripts \
             /opt/utils

# cd
WORKDIR /opt

# expose port
EXPOSE 6006
EXPOSE 8888

# exec CMD
CMD sh ./scripts/ci.sh

run_ci.sh

#!/bin/bash

# usage
SCRIPT_FILE=$(basename "$0")
function usage()
{
  echo "usage: ${SCRIPT_FILE} docker/nvidia-docker" 1>&2
}

# arguments
if [ $# -ne 1 ]; then
  usage
  exit 1
fi
DOCKER_CMD=$1

# constant
SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)
LOG_FILE=${SCRIPT_DIR}/../logs/docker.log
# name and image must match what .gitlab-ci.yml builds (test_container:latest)
# and later removes (docker rm test_container)
CONTAINER_NAME=test_container
CONTAINER_IMAGE=test_container:latest
HOST_PORT=28888
CONTAINER_PORT=8888

# log
function log() {
  local fname=${BASH_SOURCE[1]##*/}
  echo "$(date '+%Y-%m-%dT%H:%M:%S') ${SCRIPT_FILE} (${fname}:${BASH_LINENO[0]}:${FUNCNAME[1]}) $*" | tee -a "${LOG_FILE}"
}

# main
log "info start script"
log "info CONTAINER_NAME: ${CONTAINER_NAME}, CONTAINER_IMAGE: ${CONTAINER_IMAGE}, HOST_PORT: ${HOST_PORT}, CONTAINER_PORT: ${CONTAINER_PORT}"

# --privileged lifts almost all container isolation from the runner host; the image
# installs Docker, the usual reason for the flag. Drop it if the job starts no containers.
# -e NAME without a value copies the variable from this shell's environment,
# which keeps the secret values off the docker command line.
"${DOCKER_CMD}" run --name "${CONTAINER_NAME}" \
  --privileged \
  -v "$(pwd)/../config:/opt/config" \
  -v "$(pwd)/../data:/opt/data" \
  -v "$(pwd)/../features:/opt/features" \
  -v "$(pwd)/../logs:/opt/logs" \
  -v "$(pwd)/../models:/opt/models" \
  -v "$(pwd)/../notebooks:/opt/notebooks" \
  -v "$(pwd)/../reports:/opt/reports" \
  -v "$(pwd)/../scripts:/opt/scripts" \
  -v "$(pwd)/../utils:/opt/utils" \
  -e AWS_ACCESS_KEY_ID \
  -e AWS_SECRET_ACCESS_KEY \
  -e CI_BUILD_REF_NAME \
  -p "${HOST_PORT}:${CONTAINER_PORT}" \
  "${CONTAINER_IMAGE}"
RC=$?
if [ ${RC} -gt 0 ]; then
  log "error docker run"
  # propagate the failure so the CI job is marked as failed
  exit ${RC}
fi

# log "info end script"

ci.sh

#!/bin/bash

# stop at the first failing command so the container exits non-zero
set -e

# configure gcp
gcloud auth activate-service-account sa@gserviceaccount.com --key-file ./config/gcp_key.json --project project

# exec notebooks
papermill ./notebooks/notebook.ipynb "s3://bucket/${CI_BUILD_REF_NAME}/notebook_$(date '+%Y%m%d%H%M%S').ipynb"