-
Notifications
You must be signed in to change notification settings - Fork 17
/
ACS::CICD::DockerDeployOnSingleEcs.json
355 lines (355 loc) · 11.9 KB
/
ACS::CICD::DockerDeployOnSingleEcs.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
{
"FormatVersion": "OOS-2019-06-01",
"Description": {
"name-en": "ACS::CICD::DockerDeployOnSingleEcs",
"name-zh-cn": "部署Docker镜像在单台ECS",
"en": "Deploy Docker Image (only support linux machine)",
"zh-cn": "部署Docker镜像 (仅支持在linux机器部署)"
},
"Parameters": {
"regionId": {
"Label": {
"en": "region",
"zh-cn": "地域"
},
"Type": "String",
"Default": "{{ ACS::RegionId }}",
"AssociationProperty": "RegionId"
},
"instanceId": {
"Label": {
"en": "ECSInstanceId",
"zh-cn": "ECS实例ID"
},
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceId",
"AssociationPropertyMetadata": {
"RegionId": "regionId"
}
},
"acrType": {
"Label": {
"en": "ACR Type",
"zh-cn": "容器镜像类型"
},
"Type": "String",
"AllowedValues": [
"Enterprise",
"Personal"
],
"AssociationPropertyMetadata": {
"ValueLabelMapping": {
"Enterprise": "企业版",
"Personal": "个人版"
}
}
},
"username": {
"Label": {
"en": "Username",
"zh-cn": "用户名"
},
"Description": {
"en": "Username, represents the username of the container image",
"zh-cn": "容器镜像仓库用户名"
},
"Type": "String",
"Default": "",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Personal"
]
}
},
"Required": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Personal"
]
}
}
}
},
"password": {
"Label": {
"en": "Password",
"zh-cn": "密码"
},
"Description": {
"en": "Password, represents the password of the container image",
"zh-cn": "容器镜像仓库密码"
},
"Default": "",
"Type": "String",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Personal"
]
}
},
"Required": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Personal"
]
}
}
}
},
"acrId": {
"Label": {
"en": "ACR Instance ID",
"zh-cn": "容器镜像服务实例ID"
},
"Description": {
"en": "ACR ID, represents the ID of the cloud container registry",
"zh-cn": "容器镜像服务实例ID"
},
"Type": "String",
"Default": "",
"AssociationProperty": "ALIYUN::CR::Instance::InstanceId",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Enterprise"
]
}
},
"Required": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Enterprise"
]
}
}
}
},
"namespace": {
"Label": {
"en": "NameSpace",
"zh-cn": "命名空间"
},
"Description": {
"en": "namespace, represents the namespace of the container image",
"zh-cn": "容器镜像仓库命名空间"
},
"Type": "String",
"Default": "",
"AssociationProperty": "ALIYUN::CR::NameSpace::Name",
"AssociationPropertyMetadata": {
"InstanceId": "${acrId}",
"Attribute": "NamespaceName",
"Visible": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Enterprise"
]
}
},
"Required": {
"Condition": {
"Fn::Equals": [
"${acrType}",
"Enterprise"
]
}
}
}
},
"repoName": {
"Label": {
"en": "Repo Name",
"zh-cn": "仓库名称"
},
"Description": {
"en": "Repo Name, represents the repository name of the container image",
"zh-cn": "容器镜像仓库名称"
},
"Type": "String",
"AssociationProperty": "ALIYUN::CR::Repository::RepoName",
"AssociationPropertyMetadata": {
"AcrType": "${acrType}",
"RegionId": "${regionId}",
"InstanceId": "${acrId}",
"RepoNamespaceName": "${namespace}",
"RepoStatus": "ALL"
}
},
"imageVersion": {
"Label": {
"en": "Image Version",
"zh-cn": "镜像版本"
},
"Description": {
"en": "Image Version, represents the version of the container image to pull",
"zh-cn": "要拉取的镜像版本"
},
"Type": "String"
},
"dockerRunOptions": {
"Label": {
"en": "DockerRunOptions",
"zh-cn": "Docker运行选项"
},
"Description": {
"en": "DockerRunOptions, represents the options of the command \"docker run\", such as \"-p 80:80\". These will be added to the docker run command. Note that --name is not open for specification, OOS will automatically generate the default container name.",
"zh-cn": "docker run命令的选项, 例如\"-p 80:80\",这些选项会被添加到docker run命令中。注意,--name不开放指定,由OOS自动生成默认容器名。"
},
"Type": "String",
"AllowedPattern": "^(?!.*--name).*$",
"Default": ""
},
"isInternal": {
"Label": {
"en": "whether to use internal link to pull image",
"zh-cn": "是否通过内网链接拉取镜像"
},
"Description": {
"en": "False generates an public url, True generates an internal url. If you want to use internal link to pull image, please ensure that your image repository and ECS instance are in the same VPC (personal acr, accessible to all VPC machines, no separate configuration required), please refer to <a href=\"https://help.aliyun.com/zh/acr/user-guide/configure-access-over-vpcs/?spm=a2c4g.11186623.0.0.3af016be83KUhr\" target=\"_blank\">acr configuration access VPC</a>.",
"zh-cn": "False生成公网URL,True生成内网URL。如果您想要使用内网链接拉取镜像,请确保您的镜像仓库和ECS实例在同一个VPC内(个人版acr,VPC机器均可访问,无需单独配置),具体请参考<a href=\"https://help.aliyun.com/zh/acr/user-guide/configure-access-over-vpcs/?spm=a2c4g.11186623.0.0.3af016be83KUhr\" target=\"_blank\">acr配置访问VPC</a>。"
},
"Type": "Boolean",
"Default": true
}
},
"Tasks": [
{
"Name": "checkInstance",
"Action": "ACS::CheckFor",
"Description": "Checks if the ECS OSType is linux",
"Properties": {
"Service": "ECS",
"API": "DescribeInstances",
"Parameters": {
"InstanceIds": [
"{{ instanceId }}"
]
},
"DesiredValues": [
"linux"
],
"PropertySelector": "Instances.Instance[].OSType"
}
},
{
"Name": "installDocker",
"Description": {
"en": "Install environment",
"zh-cn": "安装环境"
},
"Action": "ACS::ECS::ConfigureOOSPackageWithTemporaryURL",
"Properties": {
"regionId": "{{ regionId }}",
"instanceId": "{{ instanceId }}",
"action": "install",
"packageName": "ACS-Extension-DockerCE-1853370294850618"
}
},
{
"Name": "generateAuthorizationToken",
"Action": "ACS::CR::GetAuthorizationToken",
"When": {
"Fn::Equals": [
"{{ acrType }}",
"Enterprise"
]
},
"Description": {
"en": "Generate authorization token",
"zh-cn": "生成授权令牌"
},
"Properties": {
"instanceId": "{{ acrId }}"
},
"Outputs": {
"tempUsername": {
"Type": "String",
"ValueSelector": "tempUsername"
},
"authorizationToken": {
"Type": "String",
"ValueSelector": "authorizationToken"
}
}
},
{
"Name": "getAcrName",
"Action": "ACS::ExecuteAPI",
"When": {
"Fn::Equals": [
"{{ acrType }}",
"Enterprise"
]
},
"Description": {
"en": "Get ACR name",
"zh-cn": "获取acr名称"
},
"Properties": {
"Service": "CR",
"API": "GetInstance",
"Parameters": {
"InstanceId": "{{acrId}}"
}
},
"Outputs": {
"acrName": {
"Type": "String",
"ValueSelector": ".InstanceName"
}
}
},
{
"Name": "dockerDeployEnterprise",
"When": {
"Fn::Equals": [
"{{ acrType }}",
"Enterprise"
]
},
"Description": {
"en": "Deploy Docker Image (from enterprise ACR)",
"zh-cn": "部署Docker镜像(从企业版仓库拉取)"
},
"Action": "ACS::ECS::RunCommand",
"Properties": {
"regionId": "{{ regionId }}",
"instanceId": "{{ instanceId }}",
"commandType": "RunShellScript",
"commandContent": "#!/bin/bash\nif [ {{ isInternal }} == true ]; then\n repo={{getAcrName.acrName}}-registry-vpc.{{regionId}}.cr.aliyuncs.com\n current_image={{getAcrName.acrName}}-registry-vpc.{{regionId}}.cr.aliyuncs.com/{{namespace}}/{{repoName}}:{{imageVersion}}\nelse\n repo={{getAcrName.acrName}}-registry.{{regionId}}.cr.aliyuncs.com\n current_image={{getAcrName.acrName}}-registry.{{regionId}}.cr.aliyuncs.com/{{namespace}}/{{repoName}}:{{imageVersion}}\nfi\ndocker login --username={{ generateAuthorizationToken.tempUsername }} --password={{ generateAuthorizationToken.authorizationToken }} $repo\ndocker pull $current_image\n\ncontainer_name=\"oos-{{getAcrName.acrName}}-{{regionId}}-{{namespace}}-{{repoName}}\"\ncontainer_id=$(docker ps -aq -f name=${container_name}) \n\nif [ -n \"$container_id\" ]; then\n docker stop $container_id\n docker rm $container_id\nfi\n\nif [ -n '{{ dockerRunOptions }}' ]; then\n docker run -d --name ${container_name} {{ dockerRunOptions }} $current_image\nelse\n docker run -d --name ${container_name} $current_image\nfi"
}
},
{
"Name": "dockerDeployPersonal",
"When": {
"Fn::Equals": [
"{{ acrType }}",
"Personal"
]
},
"Description": {
"en": "Deploy Docker Image (from personal ACR)",
"zh-cn": "部署Docker镜像(从个人版仓库拉取)"
},
"Action": "ACS::ECS::RunCommand",
"Properties": {
"regionId": "{{ regionId }}",
"instanceId": "{{ instanceId }}",
"commandType": "RunShellScript",
"commandContent": "#!/bin/bash\nif [ {{ isInternal }} == true ]; then\n repo=registry-vpc.{{regionId}}.aliyuncs.com\n original_repo_name=\"{{repoName}}\"\n modified_repo_name=$(echo \"$original_repo_name\" | sed 's/registry\\(.*\\)\\./registry-vpc\\1./')\n current_image=$modified_repo_name:{{imageVersion}}\nelse\n repo=registry.{{regionId}}.aliyuncs.com\n current_image={{repoName}}:{{imageVersion}}\nfi\ndocker login --username={{ username }} --password={{ password }} $repo\ndocker pull $current_image\n\ninput_full_repo_name=\"{{repoName}}\"\ncur_repo_name=${input_full_repo_name##*/}\ninput_full_repo_name_without_tail=${input_full_repo_name%/*}\ncur_namespace=${input_full_repo_name_without_tail##*/}\n\ncontainer_name=\"oos-{{regionId}}-$cur_namespace-$cur_repo_name\"\ncontainer_id=$(docker ps -aq -f name=${container_name}) \n\nif [ -n \"$container_id\" ]; then\n docker stop $container_id\n docker rm $container_id\nfi\n\nif [ -n '{{ dockerRunOptions }}' ]; then\n docker run -d --name ${container_name} {{ dockerRunOptions }} $current_image\nelse\n docker run -d --name ${container_name} $current_image\nfi"
}
}
]
}