# MonkeyCode DevOps in Practice: The Full CI/CD Pipeline and Automated Deployment Workflow

MonkeyCode is an open-source project, and its own CI/CD pipeline is open source as well. Everything from code commit to production deployment is automated. This article shares our DevOps practices; you can use these configurations directly in your own projects.

## Overall pipeline

Code commit → automated flow:

1. Lint and format check (2 min)
2. Unit tests (5 min)
3. Integration tests (10 min)
4. Security scan (3 min)
5. Docker image build (5 min)
6. Deploy to Staging (3 min)
7. E2E tests (10 min)
8. Manual confirmation → deploy to Production

Total time: about 40 minutes, excluding manual confirmation.

## GitHub Actions configuration

### PR check pipeline

```yaml
# .github/workflows/pr-check.yml
name: PR Check

on:
  pull_request:
    branches: [main]

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with: { go-version: '1.22' }
      - run: go vet ./...
      - run: golint ./...

  test:
    needs: lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: go test -race -coverprofile=coverage.out ./...
      - uses: codecov/codecov-action@v3
        with:
          file: coverage.out
          fail_ci_if_error: true

  security:
    needs: lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # @master is a mutable branch reference; a release tag or commit SHA
      # keeps the scanner version from changing between runs.
      - uses: aquasecurity/trivy-action@master
        with:
          scan-type: fs
          severity: CRITICAL,HIGH
          exit-code: 1   # fail the job when CRITICAL/HIGH findings exist

  frontend:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20 }
      - run: cd frontend && npm ci
      - run: cd frontend && npm run lint
      - run: cd frontend && npm run test
      - run: cd frontend && npm run build
```

### Release pipeline

```yaml
# .github/workflows/release.yml
name: Release

on:
  push:
    tags: ['v*']

jobs:
  build:
    runs-on: ubuntu-latest   # CGO is disabled, so every target cross-compiles from Linux
    strategy:
      matrix:
        include:
          - { os: linux, arch: amd64 }
          - { os: linux, arch: arm64 }
          - { os: darwin, arch: amd64 }
          - { os: darwin, arch: arm64 }
          - { os: windows, arch: amd64 }
    steps:
      - uses: actions/checkout@v4
      - run: CGO_ENABLED=0 GOOS=${{ matrix.os }} GOARCH=${{ matrix.arch }} go build -o monkeycode
      - uses: actions/upload-artifact@v4
        with:
          name: monkeycode-${{ matrix.os }}-${{ matrix.arch }}
          path: monkeycode

  docker:
    needs: build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write   # GITHUB_TOKEN needs this to push to ghcr.io
    steps:
      - uses: docker/setup-buildx-action@v3
      - uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - uses: docker/build-push-action@v5
        with:
          push: true
          tags: |
            ghcr.io/chaitin/monkeycode:latest
            ghcr.io/chaitin/monkeycode:${{ github.ref_name }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  deploy-staging:
    needs: docker
    runs-on: ubuntu-latest
    steps:
      - run: kubectl set image deployment/monkeycode monkeycode=ghcr.io/chaitin/monkeycode:${{ github.ref_name }} --namespace staging
      - run: kubectl rollout status deployment/monkeycode --namespace staging --timeout=300s

  e2e-test:
    needs: deploy-staging
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: cd e2e && npm ci && npm run test:staging
```

## Docker configuration

### Multi-stage build

```dockerfile
# Dockerfile

# Stage 1: build
FROM golang:1.22-alpine AS builder
WORKDIR /app
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o monkeycode-server ./cmd/server

# Stage 2: runtime
FROM alpine:3.19
RUN apk --no-cache add ca-certificates git
COPY --from=builder /app/monkeycode-server /usr/local/bin/
COPY --from=builder /app/configs /etc/monkeycode/configs
EXPOSE 8080
ENTRYPOINT ["monkeycode-server"]
```

### One-command deployment with docker-compose

```yaml
# docker-compose.yml (open-source edition)
version: "3.8"
services:
  monkeycode:
    image: ghcr.io/chaitin/monkeycode:latest
    ports: ["8080:8080"]
    depends_on: [postgres, redis]
    environment:
      # "password" is a sample credential; replace it here and in the postgres service
      DATABASE_URL: postgres://monkeycode:password@postgres:5432/monkeycode
      REDIS_URL: redis://redis:6379
      JWT_SECRET: ${JWT_SECRET}

  postgres:
    image: postgres:16-alpine
    volumes: [pgdata:/var/lib/postgresql/data]
    environment:
      POSTGRES_USER: monkeycode   # must match the user in DATABASE_URL
      POSTGRES_DB: monkeycode
      POSTGRES_PASSWORD: password

  redis:
    image: redis:7-alpine
    volumes: [redisdata:/data]

volumes:
  pgdata:
  redisdata:
```

## Kubernetes deployment

```yaml
# Deployment configuration
apiVersion: apps/v1
kind: Deployment
metadata:
  name: monkeycode
spec:
  replicas: 3
  # apps/v1 requires a selector that matches the pod template labels;
  # the label value used here is illustrative.
  selector:
    matchLabels: { app: monkeycode }
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels: { app: monkeycode }
    spec:
      containers:
        - name: monkeycode
          image: ghcr.io/chaitin/monkeycode:latest
          resources:
            requests: { cpu: 500m, memory: 512Mi }
            limits: { cpu: 2000m, memory: 2Gi }
          readinessProbe:
            httpGet: { path: /health, port: 8080 }
            initialDelaySeconds: 5
            periodSeconds: 10
          livenessProbe:
            httpGet: { path: /health, port: 8080 }
            initialDelaySeconds: 15
            periodSeconds: 20

---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: monkeycode
spec:
  # The autoscaler must name the workload it scales
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: monkeycode
  minReplicas: 3
  maxReplicas: 20
  metrics:
    - type: Resource
      resource:
        name: cpu
        target: { type: Utilization, averageUtilization: 60 }
```

## Monitoring and alerting

Monitoring stack:

- Prometheus: metrics collection
  - API response time
  - AI model call latency
  - Container resource usage
  - Task success rate
- Grafana: dashboards
  - Service health overview
  - AI usage statistics
  - Cost analysis
- AlertManager: alerting
  - Service down → notify immediately
  - Error rate 5% → notify in 5 minutes
  - AI call timeouts 10% → notify in 10 minutes
  - Disk usage 80% → notify in 1 hour

## Summary

MonkeyCode's DevOps practices are fully open source, from the GitHub Actions pipelines to the Docker configuration to the Kubernetes deployment. You can reuse these configurations directly to build your own CI/CD. Open source is not only about sharing code; it is also about sharing engineering practice.

- CI/CD configuration: github.com/chaitin/MonkeyCode/tree/main/.github/workflows
- Deployment documentation: github.com/chaitin/MonkeyCode/blob/main/docs/deployment.md
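
The PR-check and release workflows above reference third-party actions by version tag, and the Trivy scan step by the `master` branch; both are mutable references, so the code that runs in CI can change without any commit to this repository. As an added example (not part of the MonkeyCode repository), this Python script classifies each `uses:` reference by how it is pinned. The embedded workflow text is a constructed sample built from the references on this page, and treating version-shaped refs as tags is an assumption of the example.

```python
import re

# Constructed sample: the `uses:` references from the two workflows on this page.
WORKFLOW = """\
steps:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  - uses: codecov/codecov-action@v3
  - uses: aquasecurity/trivy-action@master
  - uses: docker/login-action@v3
  - uses: docker/build-push-action@v5
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)", re.MULTILINE)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")        # full commit SHA: immutable
TAG_RE = re.compile(r"^v?\d+(\.\d+){0,2}$")   # assumption: version-shaped ref is a tag


def classify(ref):
    """Return 'local', 'unpinned', 'sha', 'tag' or 'branch' for one reference."""
    if ref.startswith("./") or ref.startswith("docker://"):
        return "local"  # in-repo action or container image, not a git ref
    _, sep, version = ref.partition("@")
    if not sep or not version:
        return "unpinned"
    if SHA_RE.match(version):
        return "sha"
    if TAG_RE.match(version):
        return "tag"  # tags can be moved by the action's maintainers
    return "branch"   # branches move on every upstream commit


def audit(text):
    """Map each action reference found in a workflow to its pinning class."""
    return {ref: classify(ref) for ref in USES_RE.findall(text)}


def findings(text, allowed=("sha", "local")):
    """References whose pinning class is not in `allowed`, sorted."""
    return sorted(r for r, c in audit(text).items() if c not in allowed)


if __name__ == "__main__":
    for ref, kind in audit(WORKFLOW).items():
        print(f"{kind:8} {ref}")
```

Run in a pre-merge check, `findings()` with the default `allowed` reports every reference that is not a full commit SHA; passing `allowed=("sha", "tag", "local")` relaxes it to report only branch and unpinned references.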