Jenkins-Argocd CICD
# 六、Gitlab操作
# 部署Gitlab
部署参考项目路径: kubernetes-software-yaml/gitlab
- 访问域名: gitlabdemo.chsaos.com
# java测试代码库
- http://gitlab.chsaos.com/Java_home/springboot-helloworld.git
# Gitlab创建一个共享库
gitlab上创建一个共享库shareLibrary
# Gitlab创建一个YAML管理仓库
- 项目名称
devops-cd
# 七、Jenkins配置共享库
# Jenkins添加凭证
系统管理 ---> Manage credentials ---> 全局
# Jenkins系统配置里面配置共享库
系统管理-->系统配置-->Global Pipeline Libraries
- Name: jenkins_shareLibrary
- Default version: main
- 项目仓库: http://gitlabdemo.chsaos.com/infra/sharelibrary.git
# 八、Jenkins Pipeline Job
# 测试Job
- 一个简单的Jenkinsfile测试一下共享库
# Jenkinsfile文件内容
docker官方镜像仓库地址: https://hub.docker.com/_/docker/tags?page=2
def labels = "slave-${UUID.randomUUID().toString()}"
// 引用共享库
@Library("jenkins_shareLibrary")
// 应用共享库中的方法
def tools = new org.devops.tools()
pipeline {
agent {
kubernetes {
label labels
yaml """
apiVersion: v1
kind: Pod
metadata:
labels:
some-label: some-label-value
spec:
volumes:
- name: docker-sock
hostPath:
path: /var/run/docker.sock
type: ''
containers:
- name: jnlp
image: jenkins/inbound-agent:alpine-jdk8
- name: maven
image: maven:3.6.1-jdk-8-alpine
command:
- cat
tty: true
- name: docker
image: docker:20.10.21-alpine3.16
command:
- cat
tty: true
volumeMounts:
- name: docker-sock
mountPath: /var/run/docker.sock
"""
}
}
stages {
stage('Checkout') {
steps {
script{
tools.PrintMes("拉代码","green")
}
}
}
stage('Build') {
steps {
container('maven') {
script{
tools.PrintMes("编译打包","green")
}
}
}
}
stage('Make Image') {
steps {
container('docker') {
script{
tools.PrintMes("构建镜像","green")
}
}
}
}
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# Jenkins上配置认证账户
系统管理 ---> Manage credentials ---> 全局
dockerhub是登录镜像仓库的用户名和密码ci-devops是管理YAML仓库的用户名和密码sonar-admin-user是管理sonarqube的用户名和密码
# Jenkins项目配置
vim java.Jenkinsfile
def labels = "slave-${UUID.randomUUID().toString()}"
// 引用共享库
@Library("jenkins_shareLibrary")
// 应用共享库中的方法
def tools = new org.devops.tools()
def sonarapi = new org.devops.sonarAPI()
def sendEmail = new org.devops.sendEmail()
def build = new org.devops.build()
def sonar = new org.devops.sonarqube()
// 前端传来的变量
def gitBranch = env.branch
def gitUrl = env.git_url
def buildShell = env.build_shell
def image = env.image
def dockerRegistryUrl = env.dockerRegistryUrl
def devops_cd_git = env.devops_cd_git
pipeline {
agent {
kubernetes {
label labels
yaml """
apiVersion: v1
kind: Pod
metadata:
labels:
some-label: some-label-value
spec:
volumes:
- name: docker-sock
hostPath:
path: /var/run/docker.sock
type: ''
- name: maven-cache
persistentVolumeClaim:
claimName: maven-cache-pvc
containers:
- name: jnlp
image: jenkins/inbound-agent:alpine-jdk8
- name: maven
image: maven:3.6.1-jdk-8-alpine
command:
- cat
tty: true
volumeMounts:
- name: maven-cache
mountPath: /root/.m2
- name: docker
image: docker:20.10.21-alpine3.16
command:
- cat
tty: true
volumeMounts:
- name: docker-sock
mountPath: /var/run/docker.sock
- name: sonar-scanner
image: sonarsource/sonar-scanner-cli:4.7
command:
- cat
tty: true
- name: kustomize
image: banna1990/kubecl-kustomize:v1.23.10-v4.5.6
command:
- cat
tty: true
"""
}
}
environment{
auth = 'joker'
sonarUser = 'admin'
sonarPwd = 'admin321'
}
options {
timestamps() // 日志会有时间
skipDefaultCheckout() // 删除隐式checkout scm语句
disableConcurrentBuilds() //禁止并行
timeout(time:1,unit:'HOURS') //设置流水线超时时间
}
parameters {
string(name: 'git_url', defaultValue: 'http://gitlabdemo.chsaos.com/java/springboot-helloworld.git', description: '代码仓库地址')
string(name: 'branch', defaultValue: 'main', description: 'git分支')
string(name: 'build_shell', defaultValue: 'mvn clean package -Dmaven.test.skip=true && mv target/helloworld-0.0.1-SNAPSHOT.jar ./myapp.jar', description: 'build执行命令')
string(name: 'image', defaultValue: 'harbordemo.chsaos.com/java-project/myapp', description: '镜像名称')
string(name: 'dockerRegistryUrl', defaultValue: 'harbordemo.chsaos.com', description: '镜像仓库地址')
string(name: 'toEmailUser', defaultValue: 'jiajia664878380@163.com', description: '邮件发送使用的用户')
string(name: 'devops_cd_git', defaultValue: 'gitlabdemo.chsaos.com/infra/devops-cd.git', description: 'kustomization编排文件仓库')
}
stages {
// 拉取代码
stage('GetCode') {
steps {
checkout([$class: 'GitSCM', branches: [[name: "${gitBranch}"]],
doGenerateSubmoduleConfigurations: false,
extensions: [],
submoduleCfg: [],
userRemoteConfigs: [[credentialsId: 'ci-devops', url: "${gitUrl}"]]])
}
}
// 单元测试和编译打包
stage('Build&Test') {
steps {
container('maven') {
script{
tools.PrintMes("编译打包","blue")
build.DockerBuild("${buildShell}")
}
}
}
}
// 代码扫描
stage('CodeScanner') {
steps {
container('sonar-scanner') {
script {
tools.PrintMes("代码扫描","green")
tools.PrintMes("搜索项目","green")
result = sonarapi.SearchProject("${JOB_NAME}")
println(result)
if (result == "false"){
println("${JOB_NAME}---项目不存在,准备创建项目---> ${JOB_NAME}!")
sonarapi.CreateProject("${JOB_NAME}")
} else {
println("${JOB_NAME}---项目已存在!")
}
tools.PrintMes("代码扫描","green")
sonar.SonarScan("${JOB_NAME}","${JOB_NAME}","src")
sleep 10
tools.PrintMes("获取扫描结果","green")
result = sonarapi.GetProjectStatus("${JOB_NAME}")
println(result)
if (result.toString() == "ERROR"){
toemail.Email("代码质量阈错误!请及时修复!",userEmail)
error " 代码质量阈错误!请及时修复!"
} else {
println(result)
}
}
}
}
}
// 构建镜像
stage('BuildImage') {
steps {
withCredentials([usernamePassword(credentialsId: 'dockerhub',
passwordVariable: 'password',
usernameVariable: 'username')]) {
container('docker') {
script{
tools.PrintMes("构建镜像","green")
imageTag = tools.createVersion()
sh """
docker login ${dockerRegistryUrl} -u ${username} -p ${password}
docker build -t ${image}:${imageTag} .
docker push ${image}:${imageTag}
docker rmi ${image}:${imageTag}
find ./ -name "*.jar" |xargs -i rm {} -rf
"""
}
}
}
}
}
// 部署
stage('Deploy') {
steps {
withCredentials([usernamePassword(credentialsId: 'ci-devops',
passwordVariable: 'password',
usernameVariable: 'username')]){
container('kustomize') {
script{
APP_DIR="${JOB_NAME}".split("_")[0]
UP_TIME=tools.createVersion()
sh """
rm /opt/devops-cd -rf
git clone https://${username}:${password}@${devops_cd_git} /opt/devops-cd
cd /opt/devops-cd
git config --global user.name "Administrator"
git config --global user.email "jiajia664878380@163.com"
kustomize edit set image ${image}:${imageTag}
git commit -am "image update ${UP_TIME}"
git push origin main
"""
}
}
}
}
}
// 接口测试
stage('InterfaceTest') {
steps{
sh 'echo "接口测试"'
}
}
}
// 构建后的操作
post {
success {
script{
println("success:只有构建成功才会执行")
currentBuild.description += "\n构建成功!"
// deploy.AnsibleDeploy("${deployHosts}","-m ping")
sendEmail.SendEmail("构建成功",toEmailUser)
// dingmes.SendDingTalk("构建成功 ✅")
}
}
failure {
script{
println("failure:只有构建失败才会执行")
currentBuild.description += "\n构建失败!"
sendEmail.SendEmail("构建失败",toEmailUser)
// dingmes.SendDingTalk("构建失败 ❌")
}
}
aborted {
script{
println("aborted:只有取消构建才会执行")
currentBuild.description += "\n构建取消!"
sendEmail.SendEmail("取消构建",toEmailUser)
// dingmes.SendDingTalk("构建失败 ❌","暂停或中断")
}
}
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
- 将这个
Jenkinsfile保存到shareLibrary的根目录下,命名为java.Jenkinsfile
- 项目名称
devops-simple-java_TEST
- 添加参数化构建
git_url : http://gitlabdemo.chsaos.com/java/springboot-helloworld.git
branch : main
build_shell : mvn clean package -Dmaven.test.skip=true && mv target/*-SNAPSHOT.jar ./myapp.jar
image : harbordemo.chsaos.com/java-project/myapp
dockerRegistryUrl : harbordemo.chsaos.com
toEmailUser : jiajia664878380@163.com
devops_cd_git : gitlabdemo.chsaos.com/infra/devops-cd.git
# 调整devops-cd编排库文件
项目路径: cicd-project/devops-cd
$ tree ./
./
├── deployment.yaml
├── Dockerfile
├── ingress.yaml
├── kustomization.yaml
├── README.md
└── service.yaml
0 directories, 6 files
1
2
3
4
5
6
7
8
9
10
2
3
4
5
6
7
8
9
10
# 初步项目构建
- 这里只是对
代码、docker镜像、kustomization文件进行处理
上次更新: 2024/04/09, 16:48:42
- 01
- AWS NAT-NetWork-Firwalld配置(一)04-09
- 02
- AWS NAT-NetWork-Firwalld配置(二)04-09
- 03
- kubernetes部署minio对象存储01-18