็†ฑ้–€ๅˆ†้กž
 ่ผ‰ๅ…ฅไธญ…
็›ฎ้Œ„

๐Ÿ™ GitLab CI/CD ้ซ˜้šŽ่‡ชๅ‹•ๅŒ–:Pipeline Templates、Dynamic Environments ่ˆ‡ GitOps ไฝˆ็ฝฒๆต็จ‹

wwfandy ่จˆ็ฎ—ไธญ…

    ๐Ÿ™ GitLab CI/CD ้ซ˜้šŽ่‡ชๅ‹•ๅŒ–:Pipeline Templates、Dynamic Environments ่ˆ‡ GitOps ไฝˆ็ฝฒๆต็จ‹

    GitLab CI/CD ๆ˜ฏ็›ฎๅ‰ๆœ€ๅฎŒๆ•ด、ๅฏๆ“ดๅ……ๆ€งๆœ€้ซ˜็š„ DevOps ๅนณๅฐไน‹ไธ€。 ๅคงๅคšๆ•ธไบบๅชๆœƒๆ’ฐๅฏซๅŸบๆœฌ็š„ .gitlab-ci.yml,ไฝ†ๅœจไผๆฅญๆˆ–ๅคงๅž‹ๅฐˆๆกˆไธญ,ๅฟ…้ ˆๅ–„็”จ:

    • Pipeline Templates(ๅฏ้‡่ค‡ไฝฟ็”จ)
    • Dynamic Environments(ๅ‹•ๆ…‹้ƒจ็ฝฒ)
    • GitOps + Auto Deploy(่‡ชๅ‹•ไฝˆ็ฝฒ)
    • Multi-stage pipelines(ๅคš้šŽๆฎต)
    • Environment-specific configs(ไพ็’ฐๅขƒๅˆ‡ๆ›่จญๅฎš)

    ๆœฌๆ–‡ๅฐ‡็”จๅฎŒๆ•ด็คบไพ‹่ˆ‡ๆžถๆง‹ๅœ–,ๅธถไฝ ๅพžๅŸบ็คŽๅˆฐๅฏฆๆˆฐ,ๆ‰“้€ ไผๆฅญ็ดš GitLab ่‡ชๅ‹•ๅŒ–ๆจกๅผ。

    ๐Ÿ“Œ ไธ€、Pipeline Templates:ๆ‰“้€ ๅฏ้‡่ค‡ไฝฟ็”จ็š„ CI ๆจฃๆฟ

    ็•ถไฝ ๆœ‰ๅคšๅ€‹ๅฐˆๆกˆ,้œ€่ฆ็›ธๅŒ็š„ CI ๆต็จ‹(ไพ‹ๅฆ‚ build、test、scan、deploy), ๆœ€ๅฅฝ็š„ๆ–นๅผๅฐฑๆ˜ฏๅฐ‡ Pipeline ่จญ่จˆๆˆ「ๆจก็ต„ๅŒ–」ไธฆ่ขซๅฐˆๆกˆๅผ•ๅ…ฅ。

    ✔ ๅปบ็ซ‹ CI ๆจฃๆฟ(ci-templates/build.yml)

    # templates/build.yml
.build_template:
  image: docker:latest
  services:
    - docker:dind
  script:
    - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA .
    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA

    ✔ ๅฐˆๆกˆไธป CI ๅผ•ๅ…ฅ Template

    include:
  - project: 'devops/ci-templates'
    file: '/build.yml'

build:
  extends: .build_template

    ้€™ๆจฃๆ‰€ๆœ‰ๅฐˆๆกˆๅฐฑ่ƒฝๅ…ฑไบซ็›ธๅŒๆต็จ‹,้”ๆˆ「ๅŸบ็คŽ CI ๅนณๅฐๅŒ–」。

    ๐Ÿ“Œ ไบŒ、Dynamic Environments:็œŸๆญฃ็š„ PR Preview / Feature Testing

    Dynamic Environment ๅฏไปฅ็‚บๆฏๅ€‹ branch ๆˆ–ๆฏๅ€‹ Merge Request ๅปบ็ซ‹่‡ชๅทฑ็š„็จ็ซ‹็’ฐๅขƒ:

    • ่‡ชๅ‹•้ƒจ็ฝฒ
    • ่‡ชๅ‹•ๅปบ็ซ‹ๅญ็ถฒๅŸŸ
    • PR ๅˆไฝตๅพŒ่‡ชๅ‹•ๅˆช้™ค

    ็ฏ„ไพ‹:ๆฏๅ€‹ branch ่‡ชๅ‹•ๅปบ็ซ‹ๅฐๆ‡‰็’ฐๅขƒ

    stages:
  - build
  - deploy

deploy_preview:
  stage: deploy
  script:
    - helm upgrade --install app-$CI_COMMIT_REF_SLUG ./chart \
        --set env=$CI_COMMIT_REF_SLUG
  environment:
    name: review/$CI_COMMIT_REF_NAME
    url: https://$CI_COMMIT_REF_SLUG.example.com
  only:
    - branches

    ไธŠไพ‹ๆœƒ่ฎ“ๆฏๅ€‹ branch ่‡ชๅ‹•ๅปบ็ซ‹: review/branch-name ็š„้ƒจ็ฝฒ็’ฐๅขƒ。

    ๐Ÿ“Œ ไธ‰、ไฝฟ็”จ includes ๅˆ‡ๅˆ†ๅคš้šŽๆฎต Pipeline(ๅคงๅž‹ๅฐˆๆกˆๆœ€ไฝณ่งฃ)

    ๅฏๅฐ‡ CI ๅˆ†ๆˆๅคšๅ€‹้ƒจๅˆ†:

    .gitlab-ci.yml
ci/
  ├── build.yml
  ├── test.yml
  ├── security.yml
  └── deploy.yml

    ไธป CI(็ฐกๆฝ”ๆธ…ๆฅš)

    include:
  - local: 'ci/build.yml'
  - local: 'ci/test.yml'
  - local: 'ci/security.yml'
  - local: 'ci/deploy.yml'

    ๅ› ๆญคๅคงๅž‹ๅœ˜้šŠๅฏไปฅๆธ…ๆฅšๅˆ†ๅทฅ,ไนŸๆๅ‡ CI ็‰ˆๆœฌๆŽงๅˆถ็š„ๅฏ่ฎ€ๆ€ง。

    ๐Ÿ“Œ ๅ››、GitOps ่‡ชๅ‹•ๅŒ–ไฝˆ็ฝฒ(ArgoCD / FluxCD)

    ๅ‚ณ็ตฑ CI/CD ๆ˜ฏ: CI build → CD deploy ็›ดๆŽฅๆŽจ้€ๅˆฐ Kubernetes

    GitOps ็š„ๅทฅไฝœๆต็จ‹ๆ˜ฏ: CI build → CI ๆ›ดๆ–ฐ manifest → Git Repo → ArgoCD/Flux ่‡ชๅ‹•ๅŒๆญฅ้ƒจ็ฝฒ

    ๆžถๆง‹ๅœ–(ASCII)

    +--------------+         +---------------------+
|   GitLab     | push    |  GitOps Repo (K8s)  |
|   (CI Build) +-------->+  deployment.yaml    |
+--------------+         +---------+-----------+
                                      |
                                      v (auto-sync)
                                 +-----------+
                                 | ArgoCD    |
                                 +-----+-----+
                                       |
                                       v
                                 +-----------+
                                 | Kubernetes|
                                 +-----------+

    ้€™็จฎๆžถๆง‹็š„ๅฅฝ่™•:

    • ้›ถไฟกไปป:CI ไธ้œ€่ฆ็›ดๆŽฅๆ“ไฝœ Kubernetes
    • ็’ฐๅขƒ็‹€ๆ…‹ๅฎŒๅ…จไปฅ Git ็‚บๆบ–(ๅณ Infrastructure as Code)
    • ๅฏ่ฟฝ่นคๆ‰€ๆœ‰้ƒจ็ฝฒ็š„ๆญทๅฒ่จ˜้Œ„

    ๐Ÿ“Œ ไบ”、็ฏ„ไพ‹:CI ่‡ชๅ‹•ๆ›ดๆ–ฐ deployment.yaml(GitOps Workflow)

    CI ๆ›ดๆ–ฐ็‰ˆๆœฌ่™Ÿ

    update_manifest:
  stage: deploy
  image: alpine
  script:
    - sed -i "s/tag:.*/tag: $CI_COMMIT_SHORT_SHA/" k8s/deployment.yaml
    - git config --global user.email "ci@example.com"
    - git config --global user.name "gitlab-ci"
    - git add k8s/deployment.yaml
    - git commit -m "Update image tag to $CI_COMMIT_SHORT_SHA"
    - git push origin HEAD:main
  only:
    - main

    ArgoCD / Flux ๅฐฑๆœƒ่‡ชๅ‹•ๆŠŠๆ–ฐ็‰ˆ deployment ้ƒจ็ฝฒๅˆฐๅข้›†。

    ๐Ÿ“Œ ๅ…ญ、Multi-Stage Pipeline(Build → Test → Scan → Deploy)

    stages:
  - build
  - test
  - security
  - deploy

build:
  stage: build
  script:
    - docker build -t app:$CI_COMMIT_SHA .

unit_test:
  stage: test
  script:
    - pytest

security_scan:
  stage: security
  script:
    - trivy fs .

deploy_prod:
  stage: deploy
  script:
    - helm upgrade --install app ./chart
  only:
    - tags

    ้€™ๆ˜ฏไผๆฅญๆœ€ๅธธ่ฆ‹็š„ CI/CD ้šŽๆฎตๅˆ†ไฝˆ่จญ่จˆ。

    ๐Ÿ“Œ ไธƒ、Environment-Specific Config(ไธๅŒ็’ฐๅขƒ่‡ชๅ‹•ๅˆ‡ๆ›่จญๅฎš)

    ๅธธ่ฆ‹้œ€ๆฑ‚:

    • dev ไฝฟ็”จ dev DB
    • stage ไฝฟ็”จ stage DB
    • prod ไฝฟ็”จๅฐˆ็”จ่จญๅฎš

    CI ไธญๅ‹•ๆ…‹ๆณจๅ…ฅ Config

    script:
  - if [ "$CI_ENVIRONMENT_NAME" == "production" ]; then export APP_ENV=prod; fi
  - if [ "$CI_ENVIRONMENT_NAME" == "staging" ]; then export APP_ENV=stage; fi
  - echo "Using environment: $APP_ENV"

    ๐Ÿ“Œ ๅ…ซ、ๆœ€ไฝณๅฏฆๅ‹™็ธฝ็ต(ๅปบ่ญฐไฝ ไฝฟ็”จ้€™ไบ›)

    • ✔ ไฝฟ็”จ Pipeline Templates ็ฎก็†ๅ…ฑ็”จๆต็จ‹
    • ✔ ไฝฟ็”จ include ๅˆ‡ๅˆ†ๅคงๅž‹ CI ๆ–‡ไปถ
    • ✔ ไฝฟ็”จ Dynamic Environments ๅš preview
    • ✔ ไฝฟ็”จ GitOps ่‡ชๅ‹•ๅŒ–ไฝˆ็ฝฒ(ArgoCD/Flux)
    • ✔ ไฝฟ็”จ Multi-stage pipelines ๆŽงๅˆถ CI ็ตๆง‹
    • ✔ ไฝฟ็”จ Environment-specific configs ๅˆ†ๆต่จญๅฎš

    ็•ถไฝ ๆŠŠ GitLab CI/CD ไปฅ「ๅนณๅฐๅŒ–」、「ๆจก็ต„ๅŒ–」็š„ๆ–นๅผๅปบ็ฝฎไน‹ๅพŒ, ๅฐฑ่ƒฝ้”ๅˆฐไผๆฅญ็ดš็š„ DevOps ่ƒฝๅŠ›,่ฎ“ไปปไฝ•ๅฐˆๆกˆ้ƒฝ่ƒฝๅฟซ้€Ÿ、ๅฎ‰ๅ…จ、่‡ชๅ‹•ๅœฐๅฎŒๆˆ้ƒจ็ฝฒ。

    ๆจ™็ฑค:
    ๐Ÿ”— ๅˆ†ไบซ้€™็ฏ‡ LINE Facebook X

    ๆฒ’ๆœ‰็•™่จ€:

    ๅผต่ฒผ็•™่จ€

    ๅญ—็ดš