From 385c6a3d07b6d143f9532dba8c2784cbf60cba54 Mon Sep 17 00:00:00 2001 From: eust-w Date: Mon, 14 Apr 2025 14:23:02 +0800 Subject: [PATCH] :rocket: add cicd --- .drone.yml | 68 ++++++++++++++++++++++++++ .env | 2 +- .gitignore | 31 ++++++++++++ Dockerfile | 27 +++++++++++ k8s-deployment.yaml | 113 ++++++++++++++++++++++++++++++++++++++++++++ poetry.toml | 2 + 6 files changed, 242 insertions(+), 1 deletion(-) create mode 100644 .drone.yml create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 k8s-deployment.yaml create mode 100644 poetry.toml diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..d8cad1d --- /dev/null +++ b/.drone.yml @@ -0,0 +1,68 @@ +# Drone CI/CD 配置文件 +kind: pipeline +type: docker # 使用 Docker 作为执行环境 +name: imgsearcher-pipeline + +steps: + # 步骤1: 构建 Python 应用 + - name: build_imgsearcher + image: ccr-29eug8s3-vpc.cnc.bj.baidubce.com/service/python:3.9-slim + commands: + - pip install poetry + - poetry config virtualenvs.create false + - poetry install --no-dev + - mkdir -p build/imgsearcher + - cp -r app.py app pyproject.toml poetry.lock Dockerfile build/imgsearcher/ + when: + branch: + - dev + + # 步骤2: 构建 imgsearcher 服务的 Docker 镜像 + - name: image_imgsearcher + image: ccr-29eug8s3-vpc.cnc.bj.baidubce.com/service/kaniko:latest + settings: + registry: ccr-29eug8s3-vpc.cnc.bj.baidubce.com + repo: ccr-29eug8s3-vpc.cnc.bj.baidubce.com/service/imgsearcher + username: + from_secret: registry_username + password: + from_secret: registry_password + tags: + - latest + - ${DRONE_COMMIT_SHA} + dockerfile: Dockerfile + build_args: + - HTTP_PROXY=${HTTP_PROXY} + - HTTPS_PROXY=${HTTPS_PROXY} + - NO_PROXY=${NO_PROXY} + when: + branch: + - dev + + # 步骤3: 部署 imgsearcher 到开发环境 + - name: deploy-imgsearcher-dev + image: ccr-29eug8s3-vpc.cnc.bj.baidubce.com/service/drone-kubernetes + settings: + kubernetes_server: + from_secret: kubernetes_server_dev + kubernetes_token: + from_secret: kubernetes_token_dev + kubernetes_cert: + from_secret: kubernetes_cert_dev + namespace: + from_secret: kubernetes_namespace_dev + deployment: imgsearcher + container: imgsearcher + repo: ccr-29eug8s3-vpc.cnc.bj.baidubce.com/service/imgsearcher + tag: ${DRONE_COMMIT_SHA} + when: + branch: + - dev + + +trigger: + branch: + - dev + event: + - push + - tag diff --git a/.env b/.env index f4205bc..cc47590 100644 --- a/.env +++ b/.env @@ -10,4 +10,4 @@ AZURE_OPENAI_DEPLOYMENT_NAME=gpt-4o-drobotics # MongoDB配置 MONGO_URI=mongodb://localhost:27017/ -MONGO_DB_NAME=imgsearcherxx \ No newline at end of file +MONGO_DB_NAME=imgsearcher \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e8b75da --- /dev/null +++ b/.gitignore @@ -0,0 +1,31 @@ +# Python缓存文件 +__pycache__/ +*.py[cod] +*$py.class + +# 虚拟环境 +venv/ +env/ +ENV/ + +# 上传的文件 +uploads/ + +# 日志文件 +*.log + +# 本地配置 +.env.local +.env.development.local +.env.test.local +.env.production.local + +# IDE文件 +.idea/ +.vscode/ +*.swp +*.swo + +# 系统文件 +.DS_Store +Thumbs.db diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..987c96d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,27 @@ +FROM python:3.9-slim + +WORKDIR /app + +# 安装Poetry +RUN pip install --no-cache-dir poetry + +# 配置Poetry不创建虚拟环境 +RUN poetry config virtualenvs.create false + +# 复制Poetry配置文件 +COPY pyproject.toml poetry.lock* ./ + +# 安装依赖 +RUN poetry install --no-dev --no-interaction --no-ansi + +# 复制应用程序代码 +COPY . . + +# 创建上传目录 +RUN mkdir -p uploads + +# 暴露应用端口 +EXPOSE 5001 + +# 运行应用 +CMD ["python", "app.py"] diff --git a/k8s-deployment.yaml b/k8s-deployment.yaml new file mode 100644 index 0000000..f9d5b5e --- /dev/null +++ b/k8s-deployment.yaml @@ -0,0 +1,113 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: imgsearcher + namespace: imgsearcher + labels: + app: imgsearcher +spec: + replicas: 2 + selector: + matchLabels: + app: imgsearcher + template: + metadata: + labels: + app: imgsearcher + spec: + containers: + - name: imgsearcher + image: ${DRONE_REPO_OWNER}/imgsearcher:${DRONE_COMMIT_SHA:0:8} + ports: + - containerPort: 5001 + env: + - name: MONGO_URI + valueFrom: + secretKeyRef: + name: imgsearcher-secrets + key: mongo-uri + - name: BAIDU_API_KEY + valueFrom: + secretKeyRef: + name: imgsearcher-secrets + key: baidu-api-key + - name: BAIDU_SECRET_KEY + valueFrom: + secretKeyRef: + name: imgsearcher-secrets + key: baidu-secret-key + - name: AZURE_API_KEY + valueFrom: + secretKeyRef: + name: imgsearcher-secrets + key: azure-api-key + - name: AZURE_API_ENDPOINT + valueFrom: + secretKeyRef: + name: imgsearcher-secrets + key: azure-api-endpoint + resources: + limits: + cpu: "500m" + memory: "512Mi" + requests: + cpu: "200m" + memory: "256Mi" + volumeMounts: + - name: uploads + mountPath: /app/uploads + volumes: + - name: uploads + persistentVolumeClaim: + claimName: imgsearcher-uploads-pvc +--- +apiVersion: v1 +kind: Service +metadata: + name: imgsearcher + namespace: imgsearcher +spec: + selector: + app: imgsearcher + ports: + - port: 80 + targetPort: 5001 + type: ClusterIP +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: imgsearcher + namespace: imgsearcher + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-prod +spec: + rules: + - host: imgsearcher.example.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: imgsearcher + port: + number: 80 + tls: + - hosts: + - imgsearcher.example.com + secretName: imgsearcher-tls +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: imgsearcher-uploads-pvc + namespace: imgsearcher +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: standard diff --git a/poetry.toml b/poetry.toml new file mode 100644 index 0000000..084377a --- /dev/null +++ b/poetry.toml @@ -0,0 +1,2 @@ +[virtualenvs] +create = false