pipeline {
agent {
kubernetes {
cloud 'kubernetes'
yaml '''
apiVersion: v1
Kind: Pod
spec:
imagePullSecrets:
- name: harbor-admin
volumes:
- name: data
nfs:
server: 192.168.1.21
path: /data/maven
- name: dockersocket
hostPath:
path: /run/docker.sock
containers:
- name: maven
image: harbor.oldxu.net/ops/maven:3.8.7
imagePullPolicy: IfNotPresent
command: ["cat"]
tty: true
volumeMounts:
- name: data
mountPath: /root/.m2
- name: docker
image: harbor.oldxu.net/ops/docker:20.10
imagePullPolicy: IfNotPresent
command: ["cat"]
tty: true
volumeMounts:
- name: dockersocket
mountPath: /run/docker.sock
- name: nodejs
image: harbor.oldxu.net/ops/nodejs:14.20
imagePullPolicy: IfNotPresent
command: ["cat"]
tty: true
- name: sonar
image: harbor.oldxu.net/ops/sonar-scanner:2.3.0
imagePullPolicy: IfNotPresent
command: ["cat"]
tty: true
- name: kubectl
image: harbor.oldxu.net/ops/kubectl:1.23.15
imagePullPolicy: IfNotPresent
command: ["cat"]
tty: true
'''
}
}
environment{
Gitlab_Id = "gitlab-root-token"
Gitlab_Pro = "http://gitlab.wjl.net/root/springboot.git"
//Harbor相关的全局变量
Url = "harbor.oldxu.net"
Pro = "base"
ImageName = "${Url}/${Pro}/springboot"
HARBOR_ID = "harbor-auth"
//对外暴露的域名
Ingress_Host_dev = "spring-dev.wjl.net"
}
//实现springboot应用的CI
stages {
stage('获取代码'){
steps{
container('maven'){
checkout scmGit(branches: [[name: '*/master']], extensions: [], userRemoteConfigs: [[credentialsId: "${Gitlab_Id}", url: "${Gitlab_Pro}"]])
sh 'ls -lrth && pwd'
}
}
}
stage('代码扫描'){
steps{
withSonarQubeEnv('sonar-k8s'){
container('sonar'){
sh 'sonar-scanner \
-Dsonar.projectKey=springboot \
-Dsonar.java.binaries=src \
-Dsonar.sources=. '
sh 'echo "漏洞扫描" && pwd'
}
}
}
}
stage('检查代码扫描结果'){
steps{
container('sonar'){
script{
timeout(5){
def qg = waitForQualityGate()
if(qg.status != 'OK'){
error "Sonarqube 代码漏洞扫描结果为失败, ERROR 目前状态是:${qg.status}"
}
}
}
}
}
}
stage('编译代码'){
steps{
container('maven'){
sh 'mvn package -Dmaven.test.skip=true'
sh 'pwd && ls -lrth ./target/ && echo "编译代码"'
}
}
}
stage(生成镜像的Tag){
steps{
container('maven'){
script{
//1.需要拿到本次提交的commit ID (git log -n1 --pretty=format:'%h')
env.COMMITID = sh(returnStdout: true, script: "git log -n1 --pretty=format:'%h'").trim()
//2.需要拿到本次构建的时间 (date +%Y%m%d_%H%M%S)
env.BuildTime = sh(returnStdout: true, script: "date +%Y%m%d_%H%M%S").trim()
//3.定义完整的镜像Tag
env.ImageTag = COMMITID + "_" + BuildTime
}
sh 'echo "镜像的Cimmit ID: ${COMMITID}"'
sh 'echo "镜像的构建时间: ${BuildTime}"'
sh 'echo "镜像的完整Tag: ${ImageTag}"'
}
}
}
stage('制作Docker镜像'){
steps{
container('docker'){
withCredentials([usernamePassword(credentialsId: "${HARBOR_ID}", passwordVariable: 'HARBOR_PASSWORD', usernameVariable: 'HARBOR_USER')]) {
//登陆Harbor
sh 'echo "${HARBOR_PASSWORD}" | docker login "${Url}" -u "${HARBOR_USER}" --password-stdin'
//构建镜像
sh 'docker build -t "${ImageName}":"${ImageTag}" .'
//推送镜像
sh 'docker push "${ImageName}":"${ImageTag}"'
//清理镜像
sh 'docker rmi "${ImageName}":"${ImageTag}"'
// some block
}
}
}
}
stage('交付应用至K8S'){
steps{
container('kubectl'){
withCredentials([file(credentialsId: 'KuberConfig', variable: 'KUBECONFIG')]) {
//必备
sh 'mkdir -p ~/.kube && cp ${KUBECONFIG} ~/.kube/config'
//替换变量
sh 'sed -i "s#{NameSpace}#dev#g" deploy.yaml'
sh 'sed -i "s#{Image}#${ImageName}:${ImageTag}#g" deploy.yaml'
sh 'sed -i "s#{host}#${Ingress_Host_dev}#g" deploy.yaml'
//验证替换
sh 'cat deploy.yaml'
//交付
sh 'kubectl apply -f deploy.yaml'
// some block
}
}
}
}
}
}
Pipeline SpringBoot-deploy-CI
发布时间 2023-07-28 19:49:30作者: Chuyio