pipeline {
agent {
kubernetes {
cloud 'kubernetes-dev'
slaveConnectTimeout 1200
workspaceVolume hostPathWorkspaceVolume(hostPath: "/opt/jenkins/workspace", readOnly: false)
yaml '''
apiVersion: v1
kind: Pod
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/edge
operator: DoesNotExist
- key: build
operator: In
values:
- "true"
tolerations:
- key: "groups"
operator: "Equal"
effect: "NoExecute"
value: "dmp"
containers:
- name: jnlp
image: \'10.1.40.69/citools/jnlp:alpine\'
imagePullPolicy: IfNotPresent
args: [\'$(JENKINS_SECRET)\', \'$(JENKINS_NAME)\']
volumeMounts:
- mountPath: "/etc/localtime"
name: "localtime"
readOnly: false
- name: "sonar-scanner"
image: "10.1.40.69/citools/sonar-scanner-cli:4.7"
imagePullPolicy: "IfNotPresent"
command:
- "cat"
env:
- name: "LANGUAGE"
value: "en_US:en"
- name: "LC_ALL"
value: "en_US.UTF-8"
- name: "LANG"
value: "en_US.UTF-8"
- name: "SONAR_HOST_URL"
value: "http://10.1.40.51:9000"
tty: true
volumeMounts:
- mountPath: "/etc/localtime"
name: "localtime"
- name: "build"
image: "10.1.40.69/citools/maven:3.6.3-jdk-8"
imagePullPolicy: "IfNotPresent"
command:
- "cat"
tty: true
volumeMounts:
- mountPath: "/etc/localtime"
name: "localtime"
- mountPath: "/root/.m2/"
name: "cachedir"
readOnly: false
- name: "kubectl"
image: "10.1.40.69/citools/kubectl:self-1.17"
imagePullPolicy: "IfNotPresent"
command:
- "cat"
env:
- name: "LANGUAGE"
value: "en_US:en"
- name: "LC_ALL"
value: "en_US.UTF-8"
- name: "LANG"
value: "en_US.UTF-8"
tty: true
volumeMounts:
- mountPath: "/etc/localtime"
name: "localtime"
readOnly: false
- name: "docker"
image: "10.1.40.69/citools/docker:19.03.9-git"
imagePullPolicy: "IfNotPresent"
command:
- "cat"
env:
- name: "LANGUAGE"
value: "en_US:en"
- name: "LC_ALL"
value: "en_US.UTF-8"
- name: "LANG"
value: "en_US.UTF-8"
tty: true
volumeMounts:
- mountPath: "/etc/localtime"
name: "localtime"
readOnly: false
- mountPath: "/var/run/docker.sock"
name: "dockersock"
readOnly: false
- mountPath: /opt/jenkins/workspace
name: "jenkins-workspace"
readOnly: false
- name: "alpine-curl"
image: "10.1.40.69/publics/alpine-curl:latest"
imagePullPolicy: "IfNotPresent"
command:
- "/bin/sh"
- "-c"
- "sleep 1200"
env:
- name: "LANGUAGE"
value: "en_US:en"
- name: "LC_ALL"
value: "en_US.UTF-8"
- name: "LANG"
value: "en_US.UTF-8"
volumeMounts:
- mountPath: /opt/jenkins/workspace
name: "jenkins-workspace"
readOnly: false
- mountPath: "/etc/localtime"
name: "localtime"
readOnly: true
restartPolicy: "Never"
volumes:
- hostPath:
path: "/var/run/docker.sock"
name: "dockersock"
- hostPath:
path: "/usr/share/zoneinfo/Asia/Shanghai"
name: "localtime"
- name: "cachedir"
hostPath:
path: "/opt/m2"
- name: "jenkins-workspace"
hostPath:
path: "/opt/jenkins/workspace"
'''
}
}
environment {
TAG = ''
COMMIT_ID = ''
HARBOR_ADDRESS = '10.1.40.69'
HARBOR_USER = credentials('HARBOR_ACCOUNT')
REGISTRY_DIR = 'dmp'
IMAGE_NAME = 'dmp-auth'
NAMESPACE = 'dmp-dev'
MY_KUBECONFIG = credentials('kubernetes-dev')
REPO = 'ssh://git@gitlab.xxx:22022/dmpgroup/dmp-framework.git'
REPO_HTTP = 'http://gitlab.xxx:9002/dmpgroup/dmp-framework.git'
PROJECT_DIR = 'dmp-auth'
PROJECT_ROOT = 'dmp-auth'
GIT_AUTH = 'gitlab-key'
PROJECT_NAME = 'dmp-auth'
SOURCES_DIR = '.'
LANGUAGE = 'java'
}
parameters {
gitParameter(
branch: '',
branchFilter: 'origin/(.*)',
defaultValue: 'dev',
description: 'Branch for build and deploy',
name: 'BRANCH',
quickFilterEnabled: false,
selectedValue: 'NONE',
sortMode: 'NONE',
tagFilter: '*',
type: 'PT_BRANCH'
)
imageTag(
name: "IMAGE_TAG",
description: '需要提测的镜像版本,构建发版开发环境时请忽略该参数',
image: "dmp/dmp-auth",
filter: '.*',
defaultTag: '',
registry: 'http://10.1.40.69',
credentialId: 'HARBOR_ACCOUNT',
tagOrder: 'DSC_VERSION'
)
choice(
name: 'ACTION',
description: '执行动作: \nbuild: 只构建镜像,不发版\ndeploy: 构建镜像并发布更新到开发环境\nsummit_the_test: 提交测试申请',
choices: ['deploy', 'build', 'summit_the_test']
)
booleanParam(
name:'SCANNER',
defaultValue: false,
description: '是否执行代码扫描'
)
text(
defaultValue: '''此次提测需要注意以下事项:''',
description: '提测信息说明',
name: 'COMMENT'
)
}
stages {
stage('Pulling Code') {
when {
expression { params.ACTION ==~ /(build|deploy)/ }
}
parallel {
stage('Pulling Code by Jenkins') {
when {
expression {
env.gitlabBranch == null
}
}
steps {
git(
url: "${env.REPO}",
changelog: true,
poll: true,
branch: "${BRANCH}",
credentialsId: "${env.GIT_AUTH}"
)
script {
COMMIT_ID = sh(
returnStdout: true,
script: "git log -n 1 --pretty=format:'%h'"
).trim()
TAG = BUILD_TAG + '-' + COMMIT_ID
println "Current branch is ${BRANCH}, Commit ID is ${COMMIT_ID}, Image TAG is ${TAG}"
}
}
}
stage('Pulling Code by trigger') {
when {
expression {
env.gitlabBranch != null
}
}
steps {
git(
url: "${env.REPO}",
branch: env.gitlabBranch,
changelog: true,
poll: true,
credentialsId: "${env.GIT_AUTH}"
)
script {
COMMIT_ID = sh(
returnStdout: true,
script: "git log -n 1 --pretty=format:'%h'"
).trim()
TAG = BUILD_TAG + '-' + COMMIT_ID
println "Current branch is ${env.gitlabBranch}, Commit ID is ${COMMIT_ID}, Image TAG is ${TAG}"
}
}
}
}
}
stage('Building') {
when {
expression { params.ACTION ==~ /(build|deploy)/ }
}
steps {
container(name: 'build') {
sh '''
cd ${PROJECT_ROOT}
mvn clean package -U -B -DskipTests=true
'''
}
}
}
stage('SonarQube analysis') {
environment {
SONAR_TOKEN = credentials('sonar-token')
}
when {
expression { return params.SCANNER }
}
steps {
container("sonar-scanner") {
sh '''
sonar-scanner \
-Dsonar.login=${SONAR_TOKEN} \
-Dsonar.projectKey=${PROJECT_NAME} \
-Dsonar.projectName=${PROJECT_NAME} \
-Dsonar.sourceEncoding=UTF-8 \
-Dsonar.language=${LANGUAGE} \
-Dsonar.sources=${SOURCES_DIR} \
-Dsonar.java.binaries=.
'''
}
}
}
stage('Docker build for creating image') {
when {
expression { params.ACTION ==~ /(build|deploy)/ }
}
steps {
container(name: 'docker') {
sh """
cd ${PROJECT_DIR}
echo ${HARBOR_USER_USR} ${HARBOR_USER_PSW} ${TAG}
docker build -t ${HARBOR_ADDRESS}/${REGISTRY_DIR}/${IMAGE_NAME}:${TAG} .
docker login -u ${HARBOR_USER_USR} -p ${HARBOR_USER_PSW} ${HARBOR_ADDRESS}
docker push ${HARBOR_ADDRESS}/${REGISTRY_DIR}/${IMAGE_NAME}:${TAG}
"""
}
}
}
stage('Deploying to K8s') {
when {
expression { params.ACTION == 'deploy' }
}
steps {
container(name: 'kubectl') {
sh """
/usr/local/bin/kubectl --kubeconfig ${MY_KUBECONFIG} \
set image deploy -l \
app=${IMAGE_NAME} \
${IMAGE_NAME}=${HARBOR_ADDRESS}/${REGISTRY_DIR}/${IMAGE_NAME}:${TAG} \
-n $NAMESPACE --record
/usr/local/bin/kubectl --kubeconfig=${MY_KUBECONFIG} \
get pod -l app=${IMAGE_NAME} \
-n ${NAMESPACE} -w
"""
}
}
}
stage('提交到测试') {
when {
expression { params.ACTION == 'summit_the_test' }
}
steps {
container(name: 'alpine-curl') {
wrap([$class: 'BuildUser']) {
script {
BUILD_USER = "${env.BUILD_USER}"
IMAGE_TAG = "${params.IMAGE_TAG}"
BUILD_TIMESTAMP = "${env.BUILD_TIMESTAMP}"
sh """
echo "发送提测消息到企业微信."
curl 'https://xxxx71-4916-a932-db465bc80c1b' -H 'Content-Type: application/json' -d '
{
"msgtype": "markdown",
"markdown": {
"content": "`项目 <font color=\'info\'>${IMAGE_NAME}</font> 已经提测,请相关同事注意。`\n>
> 提测项目名称: <font color=\'info\'>${IMAGE_NAME}</font>
> 提测代码仓库: [${IMAGE_NAME}](${env.REPO_HTTP})
> 提测代码分支: <font color=\'warning\'>${BRANCH}</font>
> 提测镜像版本: ${IMAGE_TAG}
> 提测镜像标签: <font color=\'warning\'>${IMAGE_TAG_TAG}</font>
> 提测镜像名称: <font color=\'warning\'>${IMAGE_TAG_IMAGE}</font>
> 提测申请人: <font color=\'info\'>${BUILD_USER}</font>
> 提测申请时间: <font color=\'comment\'>${BUILD_TIMESTAMP}</font>
> 测试环境部署: 确保nacos配置已经同步,请点击:[发布测试环境](http://10.1.30.91:8080/)
> 提测注释: ${params.COMMENT}"
}
}'
"""
}
}
}
}
}
}
}
jdk的pipline流水线案例
发布时间 2023-08-24 09:16:05作者: 邹姣姣