CI/CD Pipelines in Practice: Turning Code Deployment from "Manual Drudgery" into "Full Automation"

Published: 2026/5/21 9:23:37

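Preface

Previously, every release required us to run more than a dozen steps by hand, and the slightest oversight caused a production incident. After introducing CI/CD, the whole path from committing code to automated deployment takes no more than 8 minutes. This article shares our team's hands-on experience rolling out CI/CD.

1. What is CI/CD?

```
CI (Continuous Integration):
  Developer commits code → build is triggered automatically → tests run automatically
  Goal: find problems as early as possible

CD (Continuous Delivery/Deployment):
  Tests pass → automatic packaging → automatic deployment to an environment
  Goal: be able to release at any time

Full flow:
  Commit → code checks → automated tests → build image → deploy to test environment → deploy to production
```

2. GitHub Actions in practice

2.1 Basic pipeline

```yaml
# .github/workflows/ci.yml
name: CI/CD Pipeline

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main ]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: 拉取代码
        uses: actions/checkout@v3
      - name: 设置Node.js环境
        uses: actions/setup-node@v3
        with:
          node-version: 18
          cache: npm
      - name: 安装依赖
        run: npm ci
      - name: 代码检查
        run: npm run lint
      - name: 运行测试
        run: npm run test:coverage
      - name: 上传覆盖率报告
        uses: codecov/codecov-action@v3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
```

2.2 Build and deploy

```yaml
  build-and-deploy:
    needs: test  # runs only after the test job has passed
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v3
      - name: 登录镜像仓库
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: 构建并推送镜像
        uses: docker/build-push-action@v4
        with:
          push: true
          tags: |
            myapp:latest
            myapp:${{ github.sha }}
      - name: 部署到生产服务器
        # @master is a mutable branch ref, and this step is handed the SSH private key
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.SERVER_HOST }}
          username: ${{ secrets.SERVER_USER }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          script: |
            docker pull myapp:latest
            docker-compose up -d --no-deps app
            docker image prune -f
```

3. Multi-environment deployment strategy

3.1 Mapping branches to environments

```
Branch strategy:
  feature/*  → local development
  develop    → development environment (automatic deployment)
  staging    → test environment (automatic deployment)
  main       → production environment (manual approval)
```

3.2 Environment isolation configuration

```yaml
# .github/workflows/deploy.yml
jobs:
  deploy-dev:
    if: github.ref == 'refs/heads/develop'
    runs-on: ubuntu-latest
    environment:
      name: development
      url: https://dev.myapp.com
    steps:
      - uses: actions/checkout@v3  # deploy.sh lives in the repository
      - name: 部署到开发环境
        run: ./deploy.sh dev

  deploy-staging:
    if: github.ref == 'refs/heads/staging'
    runs-on: ubuntu-latest
    environment:
      name: staging
      url: https://staging.myapp.com
    steps:
      - uses: actions/checkout@v3
      - name: 部署到测试环境
        run: ./deploy.sh staging

  deploy-prod:
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    environment:
      name: production
      url: https://myapp.com
      # reviewers are configured on this environment, so manual approval is required
    steps:
      - uses: actions/checkout@v3
      - name: 部署到生产环境
        run: ./deploy.sh prod
```

4. Integrating automated tests

4.1 Test layering strategy

```
Test pyramid:

  E2E tests (few)              end-to-end, simulating real users
  ──────────────────────
  Integration tests (some)     test interactions between modules
  ──────────────────────────
  Unit tests (many)            test individual functions/components
  ──────────────────────────────
```

4.2 Speeding up tests by running them in parallel

```yaml
test:
  runs-on: ubuntu-latest
  strategy:
    matrix:
      test-suite: [unit, integration, e2e]
  steps:
    - name: 运行 ${{ matrix.test-suite }} 测试
      run: npm run test:${{ matrix.test-suite }}
```

4.3 Visualizing test results

```yaml
- name: 发布测试报告
  uses: EnricoMi/publish-unit-test-result-action@v2
  if: always()
  with:
    files: test-results/**/*.xml
- name: PR评论覆盖率
  uses: MishaKav/jest-coverage-comment@main
  with:
    coverage-summary-path: ./coverage/coverage-summary.json
```

5. Pipeline optimization tips

5.1 Caching to speed up builds

```yaml
- name: 缓存npm依赖
  uses: actions/cache@v3
  with:
    path: ~/.npm
    key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
    restore-keys: |
      ${{ runner.os }}-node-
- name: 缓存Docker构建层
  uses: actions/cache@v3
  with:
    path: /tmp/.buildx-cache
    key: ${{ runner.os }}-buildx-${{ github.sha }}
    restore-keys: |
      ${{ runner.os }}-buildx-
```

5.2 Conditionally skipping unnecessary steps

```yaml
- name: 检测文件变更
  uses: dorny/paths-filter@v2
  id: changes
  with:
    filters: |
      backend:
        - src/backend/**
      frontend:
        - src/frontend/**
- name: 仅在后端变更时运行后端测试
  if: steps.changes.outputs.backend == 'true'
  run: npm run test:backend
```

6. The deployment script in practice

```bash
#!/bin/bash
# deploy.sh
ENV=$1
IMAGE_TAG=${2:-latest}

echo "开始部署到 $ENV 环境..."

# Select the target environment
case "$ENV" in
  dev)
    SERVER="dev.myapp.com"
    COMPOSE_FILE="docker-compose.dev.yml"
    ;;
  staging)
    SERVER="staging.myapp.com"
    COMPOSE_FILE="docker-compose.staging.yml"
    ;;
  prod)
    SERVER="myapp.com"
    COMPOSE_FILE="docker-compose.prod.yml"
    ;;
  *)
    # Refuse to continue with an empty SERVER / COMPOSE_FILE
    echo "usage: deploy.sh {dev|staging|prod} [image-tag]" >&2
    exit 1
    ;;
esac

# Blue-green deployment
echo "拉取最新镜像..."
docker pull "myapp:$IMAGE_TAG"

echo "切换流量..."
docker-compose -f "$COMPOSE_FILE" up -d --no-deps --scale app=2 app

echo "✅ 健康检查..."
sleep 10
curl -f "https://$SERVER/health" || exit 1

echo "清理旧实例..."
docker-compose -f "$COMPOSE_FILE" up -d --no-deps --scale app=1 app

echo "部署完成"
```

7. Notifications and alerts

```yaml
- name: 部署成功通知
  if: success()
  uses: 8398a7/action-slack@v3
  with:
    status: success
    text: '✅ ${{ github.repository }} 部署成功'
    webhook_url: ${{ secrets.SLACK_WEBHOOK }}
- name: 部署失败通知
  if: failure()
  uses: 8398a7/action-slack@v3
  with:
    status: failure
    text: '❌ ${{ github.repository }} 部署失败请立即排查'
    webhook_url: ${{ secrets.SLACK_WEBHOOK }}
```

8. Team collaboration

Our DevOps team and our development team work together from different cities, and when a pipeline configuration breaks we need to communicate quickly across teams. So that engineers from different backgrounds can all accurately understand the fault description and the fix, in meetings we use Transync AI (同言翻译), which specializes in real-time speech translation, to remove communication barriers. This has greatly shortened our incident response time.

9. Best-practice checklist

□ All code changes must pass CI before they can be merged
□ Test coverage is no lower than 80%
□ Build time is kept within 10 minutes
□ Production deployments require manual approval
□ All sensitive information is stored in Secrets
□ Deployments roll back automatically on failure
□ Key points in the pipeline send notifications and alerts
□ Unused images and caches are cleaned up regularly

Summary

The core value of introducing CI/CD lies in:

- Quality assurance: every commit goes through automated tests
- Efficiency: no more manual deployments, and fewer human errors
- Fast feedback: problems are found at the code stage
- Continuous delivery: there is always a stable version ready to release

Start with one simple GitHub Actions pipeline and improve it step by step. This system will become one of your team's most reliable pieces of infrastructure.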
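
The checklist asks for automatic rollback on deployment failure, while the deploy.sh shown earlier only exits when the health check fails. One way to close that gap, as an added example that is not the article's own code: it assumes the compose file reads the tag from an `IMAGE_TAG` variable, that the immutable `${{ github.sha }}` tag is deployed rather than `latest`, and a hypothetical `STATE_FILE` path.

```shell
#!/bin/bash
# Added example: deploy an immutable tag, roll back if the health check fails.
# Assumed: the compose file uses "image: myapp:${IMAGE_TAG}"; STATE_FILE is a
# hypothetical location that remembers the last healthy tag.
DOCKER=${DOCKER:-docker}             # overridable so the logic can be tested offline
COMPOSE=${COMPOSE:-docker-compose}
CURL=${CURL:-curl}
STATE_FILE=${STATE_FILE:-/var/lib/myapp/last_good_tag}
HEALTH_ATTEMPTS=${HEALTH_ATTEMPTS:-5}
HEALTH_DELAY=${HEALTH_DELAY:-3}

# Succeeds on the first good response, fails after HEALTH_ATTEMPTS tries.
wait_healthy() {   # $1 = health URL
  local i=1
  while [ "$i" -le "$HEALTH_ATTEMPTS" ]; do
    if "$CURL" -fsS --max-time 5 "$1" >/dev/null 2>&1; then return 0; fi
    sleep "$HEALTH_DELAY"
    i=$((i + 1))
  done
  return 1
}

# Start the app service on the given tag.
run_tag() {   # $1 = compose file, $2 = image tag
  IMAGE_TAG="$2" "$COMPOSE" -f "$1" up -d --no-deps app
}

# Returns 0 = new tag healthy, 1 = rolled back, 2 = failed with no rollback.
deploy_with_rollback() {   # $1 = server, $2 = compose file, $3 = new tag
  local prev_tag=""
  if [ -f "$STATE_FILE" ]; then prev_tag=$(cat "$STATE_FILE"); fi
  "$DOCKER" pull "myapp:$3" || return 2      # nothing has been changed yet
  run_tag "$2" "$3"
  if wait_healthy "https://$1/health"; then
    echo "$3" > "$STATE_FILE"                # remember the last healthy tag
    return 0
  fi
  echo "health check failed for myapp:$3" >&2
  if [ -z "$prev_tag" ]; then return 2; fi   # first deploy: no known-good tag
  run_tag "$2" "$prev_tag"
  if wait_healthy "https://$1/health"; then return 1; fi
  return 2                                   # the previous tag is unhealthy too
}

# Usage: deploy_rollback.sh <server> <compose-file> <tag>
if [ "$#" -ge 3 ]; then deploy_with_rollback "$@"; fi
```

A non-zero exit status fails the workflow step, so the failure notification still fires after a rollback.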
