当前位置: 首页 > news >正文

CI/CD:持续集成/持续部署

news 来源:原创 2024/7/7 16:56:21

1. 安装docker、docker-compose

# 安装Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce
systemctl enable docker --now

安装Docker Compose

下载地址:GitHub - docker/compose: Define and run multi-container applications with Docker

# 安装Docker Compose
wget https://github.com/docker/compose/releases/download/v2.26.0/docker-compose-linux-x86_64
mv docker-compose-linux-x86_64 
chmod +x /usr/local/bin/docker-compose

2. GitLab部署

2.1. gitlab部署

GitLab的部署方式有很多,这里使用docker来部署GitLab,docker-compose.yml文件位置如下:

version: '3.6'
services:gitlab:image: gitlab/gitlab-ce:latestcontainer_name: gitlabrestart: alwaysenvironment:GITLAB_OMNIBUS_CONFIG: |external_url 'http://10.10.10.11:80'gitlab_rails['gitlab_shell_ssh_prot'] = 22ports:- '80:80'- '443:443'- '2224:22'volumes:- './config:/etc/gitlab'- './logs:/var/log/gitlab'- './data:/var/opt/gitlab'

启动gitlab

docker-compose -f /home/gitlab/docker-compose.yml up -d# 查看日志输出完毕即可通过浏览器访问
docker logs -f gitlab# 查看密码
docker exec -it gitlab bash
cat /etc/gitlab/initial_root_password

2.2. 修改密码

修改密码:点击头像选择Preferences->Password->Save changes

2.3. 修改语言

修改语言:点击头像选择Preferences->Localization->Language选项中选择Chinese->Save changes

2.4. 关闭注册功能

关闭注册功能:点击Menu->Admin->Settings->找到Sign-up restrictions点击Expand->取消勾选Sign-up enabled->Save changes

3. Harbor部署

3.1. harbor部署

官网:Harbor

下载地址:GitHub - goharbor/harbor: An open source trusted cloud native registry project that stores, signs, and scans content.

# 下载Harbor安装程序
wget https://github.com/goharbor/harbor/releases/download/v2.10.2/harbor-offline-installer-v2.10.2.tgz
tar -zxvf harbor-offline-installer-v2.10.2.tgz
mv harbor /usr/local# 修改配置文件
cd /usr/local/harbor/
cp harbor.yml.tmpl harbor.yml
vim harbor.yml

# 开始安装
./prepare
./install.sh
# Harbor安装完成之后通过docker-compose来管理
docker-compose ps

4. Jenkins部署

4.1. jenkins部署

Jenkins的dokcer-compose文件如下:

version: "3.6"
services:jenkins:image: jenkins/jenkins:2.414.3-ltscontainer_name: jenkinsrestart: alwaysprivileged: trueuser: rootenvironment:TZ: 'Asia/Shanghai'ports:- 8080:8080- 50000:50000volumes:- ./data:/var/jenkins_home- /var/run/docker.sock:/var/run/docker.sock- /usr/bin/docker:/usr/bin/docker- /etc/docker/daemon.json:/etc/docker/daemon.json

启动jenkins

docker-compose -f /home/jenkins/docker-compose.yml up -d# 查看密码
docker logs -f jenkins

4.2. 修改国内插件下载地址:

# 修改插件下载地址
cd /home/jenkins/data/updates
sed -i 's/https:\/\/updates.jenkins.io\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json #适用于新版本。
sudo sed -i 's/https:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
docker-compose -f /home/jenkins/docker-compose.yml  restart

4.3. 插件安装

插件安装:点击Manage Jenkins->Plugins->Available plugins

# 安装如下插件:
Git Parameter
Publish Over SSH
SonarQube Scanner
Pipeline
Pipeline Stage View
Chinese

4.4. 配置全局环境JDK和Maven

JDK下载地址:Java Archive Downloads - Java SE 8u211 and later

Maven下载地址:Maven – Welcome to Apache Maven

将下载的安装包上传到服务器。

tar -zxvf jdk-8u381-linux-x64.tar.gz -C 
tar -zxvf apache-maven-3.9.6-bin.tar.gz 
mv jdk1.8.0_381/ /home/jenkins/data/jdk
mv apache-maven-3.9.6 /home/jenkins/data/maven# 配置maven私服地址
cd /usr/local/maven
vim conf/settings.xml
# 在mirrors节点下面添加子节点
--------------------------------------
<mirror><id>nexus-aliyun</id><mirrorOf>*</mirrorOf><name>Nexus aliyun</name><url>http://maven.aliyun.com/nexus/content/groups/public</url>
</mirror>

# 配置jdk8编译插件
<profile>    <id>jdk8</id>    <activation>    <activeByDefault>true</activeByDefault>    <jdk>1.8</jdk>    </activation>    <properties>    <maven.compiler.source>1.8</maven.compiler.source>    <maven.compiler.target>1.8</maven.compiler.target>    <maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>    </properties>    </profile>
   <activeProfiles><activeProfile>jdk8</activeProfile><activeProfile>anotherAlwaysActiveProfile</activeProfile></activeProfiles>

配置完成之后进入jenkinsWEB界面点击Manage Jenkins->Tools->JDK installations和Maven installations,分别加入JDK路径和Maven路径

4.5. Jenkins容器内部使用docker

将宿主机/var/run/docker.sock文件映射给jenkins容器并赋予权限,重启jinkins容器

chown root:root /var/run/docker.sock
chmod o+rw /var/run/docker.sock
docker-compose -f /home/jenkins/docker-compose.yml  up -d

5. SonarQube部署

官网:Download | SonarQube | Sonar

version: "3.6"
services:sonarqube:image: sonarqube:lts-communitydepends_on:- dbports:- "9000:9000"environment:SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonarSONAR_JDBC_USERNAME: sonarSONAR_JDBC_PASSWORD: sonarvolumes:- sonarqube_data:/opt/sonarqube/data- sonarqube_extensions:/opt/sonarqube/extensions- sonarqube_logs:/opt/sonarqube/logsnetworks:- sonarqube_netdb:image: postgres:12ports:- "5432:5432"environment:POSTGRES_USER: sonarPOSTGRES_PASSWORD: sonarvolumes:- postgresql:/var/lib/postgresql- postgresql_data:/var/lib/postgresql/datanetworks:- sonarqube_net
networks:sonarqube_net:driver: bridge
volumes:sonarqube_data:sonarqube_extensions:sonarqube_logs:postgresql:postgresql_data:

5.1. 插件安装:

Administration->Marketplace搜索框输入Chinese->点击install

5.2. sonar-scaner安装

下载地址:https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.1.2450-linux.zip

unzip sonar-scanner-cli-4.6.1.2450-linux.zip
mv sonar-scanner-4.6.1.2450-linux/ /home/jenkins/data/sonar-scanner
vim /home/jenkins/data/sonar-scanner/conf/sonar-scanner.properties

报错:
ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]# 修改虚拟内存大小
vim /etc/sysctl.conf
# 在文件末尾添加 
vm.max_map_count=262144
# 保存并退出后,执行 
sysctl -p

默认的账号和密码都是admin

5.3. SonarQube与Jenkins整合

点击Manage Jenkins->System->SonarQube servers->Add SonarQube server加入SonarQube信息

点击Manage Jenkins->Tools->SonarQube Scanner installations->Add SonarQube Scanner

6. 创建自由风格的任务

流程:拉取代码-->maven打包-->SonarQube代码检测-->制作镜像推送到Harbor-->部署

点击New Item->选择Freestyle project

6.1. 拉取代码

添加tag标签:勾选This project is parameterized->点击Add Parameter->勾选->Git Parameter

配置Git:在Source Code Management位置->点击Git->输入Git的URL和账号密码

根据tag拉取代码:在Build Steps下->点击Add build step->勾选Execute shell并拉到顶部位置->输入git checkout $tag

测试:

在jenkins目录下可以看到拉取的代码:

6.2. Maven打包

配置构建参数:在Build Steps下->点击Add build step->勾选Invoke top-level Maven targets->输入打包命令clean package -DskipTests

再次测试:

可以看到已经打包成功

6.3. SonarQube代码检测

打包后使用SonarQube扫码代码:找到Build Steps点击Add Build Steps->Execute SonarQube Scanner

sonar.projectname=${JOB_NAME}
sonar.projectKey=${JOB_NAME}
sonar.source=./
sonar.java.binaries=./target/

再次Build,能够看到输出日志结果是SUCCESS,登录SonarQube能看到检测结果

6.4. 制作镜像推送到Harbor

制作镜像并推送到Harbor:找到Build Steps点击Add Build Steps->勾选Execute shell输入shell命令

cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/
docker login -uadmin -p 123456Aa 192.168.32.146:1080
docker tag ${JOB_NAME}:$tag 192.168.32.146:1080/library/${JOB_NAME}:$tag
docker push 192.168.32.146:1080/library/${JOB_NAME}:$tag

若docker login -uadmin -p 123456Aa 192.168.32.146:1080报如下错误

# WARNING! Using --password via the CLI is insecure. Use --password-stdin.
# Error response from daemon: Get "https://192.168.32.146:1080/v2/": http: server gave HTTP response to HTTPS client在/etc/docker/daemon.json文件中加入一行
"insecure-registries": ["192.168.32.146:1080"], # Harbor地址

再次Build,等待日志输出SUCCESS后查看部署机器和Harbor仓库:

6.5. 部署

在部署的机器上编写发布脚本:

Harbor_add=$1
Harbor_repo=$2
project=$3
version=$4ImageName=$Harbor_add/$Harbor_repo/$project:$versionContainerId=`docker ps -a | grep ${project} | awk '{print $1}'`if [ "$ContainerId" != "" ]; thendocker stop $ContainerId && docker rm $ContainerId
fitag=`docker images | grep ${project} | awk '{print $2}'` if [[ "$tag" =~ "$version" ]]; then
docker rmi -f $ImageName
fi
docker login -uadmin -p Harbor12345 $Harbor_add
docker pull $ImageNamedocker run -d -p 8084:8080 --name $project $ImageName

在Jenkins上添加部署机:

部署:在Post-build Actions下->点击Add post-build action->选择Send build artifacts over SSH

deploy.sh 192.168.32.146:1080 library ${JOB_NAME} $tag
docker image prune -f

最后测试:

7. Pipeline任务

准备Jenkinsfile文件,在代码中新增一个Jenkinsfile文件,根据之前的步骤逐步生成流水线脚本。

7.1. 生成拉取代码脚本

点击任务pipeline_test-->Configure-->Pipeline Syntax-->在Sample Step中选择checkou:Check out from version control填入Git信息后点击Generate Pipeline Script

7.2. 生成Maven构建项目脚本

在Sample Step中选择sh:Shell Script填入Maven命令后点击Generate Pipeline Script

/var/jenkins_home/maven/bin/mvn clean package -DskipTests

7.3. 生成SonarQube检测代码质量脚本

同上:

/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f

7.4. 生成制作镜像脚本

cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/

7.5. 推送镜像到Harbor

docker login -uadmin -p 123456Aa 192.168.32.146:1080
docker tag ${JOB_NAME}:$tag 192.168.32.146:1080/library/${JOB_NAME}:$tag
docker push 192.168.32.146:1080/library/${JOB_NAME}:$tag

7.6. 生成部署脚本

在Sample Step中选择sshPublisher:Send build artifacts over SSH填入部署命令后点击Generate Pipeline Script

deploy.sh $HarborAddress $Repo $JOB_NAME $tag

7.7. Jenkinsfile文件

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('部署') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'test_host', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: "deploy.sh $HarborAddress $Repo $JOB_NAME $tag ", execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}}
}

部署脚本由于引用了Jenkinsfile变量和全局变量,需把变量处单引号改为双引号。

7.8. 准备执行任务

在Pipeline下选择Pipeline script from SCM填入Git信息保存并启动任务

7.9. 部署成功后通知到企业微信机器人

安装Qy Wechat Notification插件,这个插件可以通过企业微信群机器人发送构建信息,然后来到Manage Jenkins-->System下找到企业微信通知配置,填入信息

并在Jenkinsfile中加入如下内容

    post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署失败!'}}# mentionedId: '需要通知UserID', mentionedMobile: '需要通知的通知手机号码', 可以为空

效果

最终完整Jenkinsfile

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('部署') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'test_host', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: "deploy.sh $HarborAddress $Repo $JOB_NAME $tag ", execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署失败!'}}
}

8. 部署到K8S

在Jenkins下添加K8S机器,Post-build Actions下->点击Add post-build action->选择Send build artifacts over SSH,工作目录为/usr/local/pipeline

在Gitlab仓库中新增pipeline_test.yaml文件

apiVersion: apps/v1    
kind: Deployment     
metadata:  namespace: test      labels:app: pipelinetestname: pipelinetest
spec:        replicas: 2      selector:matchLabels:app: pipelinetesttemplate:        metadata:        labels:app: pipelinetestspec:           containers:- name: pipelinetestimage: 192.168.32.146:1080/library/pipeline_test:v2.0.0imagePullPolicy: Alwaysports:- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:namespace: test   labels:app: pipelinetestname: pipelinetest      
spec:selector:     app: pipelinetest  ports:- port: 8084    protocol: TCP   targetPort: 8080  type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:namespace: test   name: pipelinetest annotations:nginx.ingress.kubernetes.io/rewrite-target: /  
spec:rules:- host: pipeline.test.comhttp:paths:- path: /pathType: Prefixbackend:service:name: pipelinetestport:number: 8084

修改Jenkinsfile脚本,将pipeline_test.yaml传到K8Smaster节点,会传到/usr/local/pipeline下

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('将yaml文件传到K8Smaster') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'}}
}

在Gitlab新打一个标签,重新构建检查pipeline_test.yaml文件是否成功

Jenkins免密登录K8Smaster

# 进入Jenkins容器内
docker exec -it jenkins bash
# SSH免密登录
ssh-keygen
ssh-copy-id root@192.168.33.209

新增部署命令ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml,加入到Jenkinsfile脚本中

完整Jenkinsfile

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('将yaml文件传到K8Smaster') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}stage('部署') {steps {sh 'ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml'}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'}}
}

完成!

9. 自动化CI

GitLab发现源代码有变化时,就会触发Jenkins执行构建,需要安装GitLab插件,点击Jenkins --> My Views --> [项目名称] --> Configure

在Jenkins全局配置中去掉gitlab认证

回到gitlab在项目中点击Settings --> Webhooks在URL处粘贴上Build when a change is pushed to GitLab. GitLab webhook URL

# 若gitlab和jenkins在同一主机上会报错:Url is blocked: Requests to the local network are not allowed
# 进入gitlab点击Menu --> Admin --> Settings --> Network -->Outbound requests勾选上Allow requests to the local network from web hooks and services

最后去掉根据tag标签拉取代码,并且更改Jenkinsfile文件中的代码拉取tag为*/master,docker镜像版本修改为latest,pipeline_test.yaml文件中的镜像版本改为latest

由于这个流程如果yaml文件没有变动就不会部署成功,需要在部署命令后增加ssh root@192.168.33.209 kubectl rollout restart deployment pipelinetest -n test

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '*/master']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:latest docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:latest ${HarborAddress}/${Repo}/${JOB_NAME}:latestdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:latest'''}}stage('将yaml文件传到K8Smaster') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}stage('部署') {steps {sh 'ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml'sh 'ssh root@192.168.33.209 kubectl rollout restart deployment pipelinetest -n test'}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'}}
}

相关文章:

  • java web爬虫
  • 【OpenHarmony】TypeScript 语法 ③ ( 条件语句 | if else 语句 | switch case 语句 )
  • [数据集][目标检测]老鼠检测数据集VOC+YOLO格式4107张1类别
  • 反激电源压敏电阻设计
  • Python Config 用法:探索配置文件的艺术
  • 基于 IP 的 DDOS 攻击实验
  • 3.基础光照
  • 进程间通信(27000字超详解)
  • 领域建模(系统操作复习)
  • Prime1 - 提权的另一种解法,彻底搞懂OpenSSL解密渗透提权,超强思路版。
  • leetcode155. 最小栈
  • Photoshop 首选项设置建议
  • React框架的快速入门
  • Java 获取和修改期日与时间的各种操作方法
  • Flutter 中的 CustomMultiChildLayout 小部件:全面指南
  • [NodeJS] 关于Buffer
  • android 一些 utils
  • Babel配置的不完全指南
  • es6(二):字符串的扩展
  • HashMap剖析之内部结构
  • js作用域和this的理解
  • v-if和v-for连用出现的问题
  • vue中实现单选
  • 从伪并行的 Python 多线程说起
  • 规范化安全开发 KOA 手脚架
  • 欢迎参加第二届中国游戏开发者大会
  • 目录与文件属性:编写ls
  • 盘点那些不知名却常用的 Git 操作
  • 前端技术周刊 2018-12-10:前端自动化测试
  • 通过npm或yarn自动生成vue组件
  • 微服务框架lagom
  • MyCAT水平分库
  • 继 XDL 之后,阿里妈妈开源大规模分布式图表征学习框架 Euler ...
  • 交换综合实验一
  • ​2021半年盘点,不想你错过的重磅新书
  • (2024,RWKV-5/6,RNN,矩阵值注意力状态,数据依赖线性插值,LoRA,多语言分词器)Eagle 和 Finch
  • (AngularJS)Angular 控制器之间通信初探
  • (pojstep1.1.1)poj 1298(直叙式模拟)
  • (Redis使用系列) SpirngBoot中关于Redis的值的各种方式的存储与取出 三
  • (板子)A* astar算法,AcWing第k短路+八数码 带注释
  • (笔记)M1使用hombrew安装qemu
  • (转)chrome浏览器收藏夹(书签)的导出与导入
  • (转)拼包函数及网络封包的异常处理(含代码)
  • *ST京蓝入股力合节能 着力绿色智慧城市服务
  • .NET 材料检测系统崩溃分析
  • .net2005怎么读string形的xml,不是xml文件。
  • .pings勒索病毒的威胁:如何应对.pings勒索病毒的突袭?
  • [100天算法】-目标和(day 79)
  • [2024最新教程]地表最强AGI:Claude 3注册账号/登录账号/访问方法,小白教程包教包会
  • [C# WPF] 如何给控件添加边框(Border)?
  • [C#][opencvsharp]opencvsharp sift和surf特征点匹配
  • [C++]——继承 深继承
  • [CodeForces-759D]Bacterial Melee
  • [Django ]Django 的数据库操作
  • [Docker]十二.Docker consul集群搭建、微服务部署,Consul集群+Swarm集群部署微服务实战