CI/CD:持续集成/持续部署

1. 安装docker、docker-compose

# 安装Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce
systemctl enable docker --now

安装Docker Compose

下载地址:GitHub - docker/compose: Define and run multi-container applications with Docker

# 安装Docker Compose
wget https://github.com/docker/compose/releases/download/v2.26.0/docker-compose-linux-x86_64
mv docker-compose-linux-x86_64 
chmod +x /usr/local/bin/docker-compose

2. GitLab部署

2.1. gitlab部署

GitLab的部署方式有很多,这里使用docker来部署GitLab,docker-compose.yml文件位置如下:

version: '3.6'
services:gitlab:image: gitlab/gitlab-ce:latestcontainer_name: gitlabrestart: alwaysenvironment:GITLAB_OMNIBUS_CONFIG: |external_url 'http://10.10.10.11:80'gitlab_rails['gitlab_shell_ssh_prot'] = 22ports:- '80:80'- '443:443'- '2224:22'volumes:- './config:/etc/gitlab'- './logs:/var/log/gitlab'- './data:/var/opt/gitlab'

启动gitlab

docker-compose -f /home/gitlab/docker-compose.yml up -d# 查看日志输出完毕即可通过浏览器访问
docker logs -f gitlab# 查看密码
docker exec -it gitlab bash
cat /etc/gitlab/initial_root_password

2.2. 修改密码

修改密码:点击头像选择Preferences->Password->Save changes

2.3. 修改语言

修改语言:点击头像选择Preferences->Localization->Language选项中选择Chinese->Save changes

2.4. 关闭注册功能

关闭注册功能:点击Menu->Admin->Settings->找到Sign-up restrictions点击Expand->取消勾选Sign-up enabled->Save changes

3. Harbor部署

3.1. harbor部署

官网:Harbor

下载地址:GitHub - goharbor/harbor: An open source trusted cloud native registry project that stores, signs, and scans content.

# 下载Harbor安装程序
wget https://github.com/goharbor/harbor/releases/download/v2.10.2/harbor-offline-installer-v2.10.2.tgz
tar -zxvf harbor-offline-installer-v2.10.2.tgz
mv harbor /usr/local# 修改配置文件
cd /usr/local/harbor/
cp harbor.yml.tmpl harbor.yml
vim harbor.yml

# 开始安装
./prepare
./install.sh
# Harbor安装完成之后通过docker-compose来管理
docker-compose ps

4. Jenkins部署

4.1. jenkins部署

Jenkins的dokcer-compose文件如下:

version: "3.6"
services:jenkins:image: jenkins/jenkins:2.414.3-ltscontainer_name: jenkinsrestart: alwaysprivileged: trueuser: rootenvironment:TZ: 'Asia/Shanghai'ports:- 8080:8080- 50000:50000volumes:- ./data:/var/jenkins_home- /var/run/docker.sock:/var/run/docker.sock- /usr/bin/docker:/usr/bin/docker- /etc/docker/daemon.json:/etc/docker/daemon.json

启动jenkins

docker-compose -f /home/jenkins/docker-compose.yml up -d# 查看密码
docker logs -f jenkins

4.2. 修改国内插件下载地址:

# 修改插件下载地址
cd /home/jenkins/data/updates
sed -i 's/https:\/\/updates.jenkins.io\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json #适用于新版本。
sudo sed -i 's/https:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
docker-compose -f /home/jenkins/docker-compose.yml  restart

4.3. 插件安装

插件安装:点击Manage Jenkins->Plugins->Available plugins

# 安装如下插件:
Git Parameter
Publish Over SSH
SonarQube Scanner
Pipeline
Pipeline Stage View
Chinese

4.4. 配置全局环境JDK和Maven

JDK下载地址:Java Archive Downloads - Java SE 8u211 and later

Maven下载地址:Maven – Welcome to Apache Maven

将下载的安装包上传到服务器。

tar -zxvf jdk-8u381-linux-x64.tar.gz -C 
tar -zxvf apache-maven-3.9.6-bin.tar.gz 
mv jdk1.8.0_381/ /home/jenkins/data/jdk
mv apache-maven-3.9.6 /home/jenkins/data/maven# 配置maven私服地址
cd /usr/local/maven
vim conf/settings.xml
# 在mirrors节点下面添加子节点
--------------------------------------
<mirror><id>nexus-aliyun</id><mirrorOf>*</mirrorOf><name>Nexus aliyun</name><url>http://maven.aliyun.com/nexus/content/groups/public</url>
</mirror>

# 配置jdk8编译插件
<profile>    <id>jdk8</id>    <activation>    <activeByDefault>true</activeByDefault>    <jdk>1.8</jdk>    </activation>    <properties>    <maven.compiler.source>1.8</maven.compiler.source>    <maven.compiler.target>1.8</maven.compiler.target>    <maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>    </properties>    </profile>
   <activeProfiles><activeProfile>jdk8</activeProfile><activeProfile>anotherAlwaysActiveProfile</activeProfile></activeProfiles>

配置完成之后进入jenkinsWEB界面点击Manage Jenkins->Tools->JDK installations和Maven installations,分别加入JDK路径和Maven路径

4.5. Jenkins容器内部使用docker

将宿主机/var/run/docker.sock文件映射给jenkins容器并赋予权限,重启jinkins容器

chown root:root /var/run/docker.sock
chmod o+rw /var/run/docker.sock
docker-compose -f /home/jenkins/docker-compose.yml  up -d

5. SonarQube部署

官网:Download | SonarQube | Sonar

version: "3.6"
services:sonarqube:image: sonarqube:lts-communitydepends_on:- dbports:- "9000:9000"environment:SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonarSONAR_JDBC_USERNAME: sonarSONAR_JDBC_PASSWORD: sonarvolumes:- sonarqube_data:/opt/sonarqube/data- sonarqube_extensions:/opt/sonarqube/extensions- sonarqube_logs:/opt/sonarqube/logsnetworks:- sonarqube_netdb:image: postgres:12ports:- "5432:5432"environment:POSTGRES_USER: sonarPOSTGRES_PASSWORD: sonarvolumes:- postgresql:/var/lib/postgresql- postgresql_data:/var/lib/postgresql/datanetworks:- sonarqube_net
networks:sonarqube_net:driver: bridge
volumes:sonarqube_data:sonarqube_extensions:sonarqube_logs:postgresql:postgresql_data:

5.1. 插件安装:

Administration->Marketplace搜索框输入Chinese->点击install

5.2. sonar-scaner安装

下载地址:https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.1.2450-linux.zip

unzip sonar-scanner-cli-4.6.1.2450-linux.zip
mv sonar-scanner-4.6.1.2450-linux/ /home/jenkins/data/sonar-scanner
vim /home/jenkins/data/sonar-scanner/conf/sonar-scanner.properties

报错:
ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]# 修改虚拟内存大小
vim /etc/sysctl.conf
# 在文件末尾添加 
vm.max_map_count=262144
# 保存并退出后,执行 
sysctl -p

默认的账号和密码都是admin

5.3. SonarQube与Jenkins整合

点击Manage Jenkins->System->SonarQube servers->Add SonarQube server加入SonarQube信息

点击Manage Jenkins->Tools->SonarQube Scanner installations->Add SonarQube Scanner

6. 创建自由风格的任务

流程:拉取代码-->maven打包-->SonarQube代码检测-->制作镜像推送到Harbor-->部署

点击New Item->选择Freestyle project

6.1. 拉取代码

添加tag标签:勾选This project is parameterized->点击Add Parameter->勾选->Git Parameter

配置Git:在Source Code Management位置->点击Git->输入Git的URL和账号密码

根据tag拉取代码:在Build Steps下->点击Add build step->勾选Execute shell并拉到顶部位置->输入git checkout $tag

测试:

在jenkins目录下可以看到拉取的代码:

6.2. Maven打包

配置构建参数:在Build Steps下->点击Add build step->勾选Invoke top-level Maven targets->输入打包命令clean package -DskipTests

再次测试:

可以看到已经打包成功

6.3. SonarQube代码检测

打包后使用SonarQube扫码代码:找到Build Steps点击Add Build Steps->Execute SonarQube Scanner

sonar.projectname=${JOB_NAME}
sonar.projectKey=${JOB_NAME}
sonar.source=./
sonar.java.binaries=./target/

再次Build,能够看到输出日志结果是SUCCESS,登录SonarQube能看到检测结果

6.4. 制作镜像推送到Harbor

制作镜像并推送到Harbor:找到Build Steps点击Add Build Steps->勾选Execute shell输入shell命令

cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/
docker login -uadmin -p 123456Aa 192.168.32.146:1080
docker tag ${JOB_NAME}:$tag 192.168.32.146:1080/library/${JOB_NAME}:$tag
docker push 192.168.32.146:1080/library/${JOB_NAME}:$tag

若docker login -uadmin -p 123456Aa 192.168.32.146:1080报如下错误

# WARNING! Using --password via the CLI is insecure. Use --password-stdin.
# Error response from daemon: Get "https://192.168.32.146:1080/v2/": http: server gave HTTP response to HTTPS client在/etc/docker/daemon.json文件中加入一行
"insecure-registries": ["192.168.32.146:1080"], # Harbor地址

再次Build,等待日志输出SUCCESS后查看部署机器和Harbor仓库:

6.5. 部署

在部署的机器上编写发布脚本:

Harbor_add=$1
Harbor_repo=$2
project=$3
version=$4ImageName=$Harbor_add/$Harbor_repo/$project:$versionContainerId=`docker ps -a | grep ${project} | awk '{print $1}'`if [ "$ContainerId" != "" ]; thendocker stop $ContainerId && docker rm $ContainerId
fitag=`docker images | grep ${project} | awk '{print $2}'` if [[ "$tag" =~ "$version" ]]; then
docker rmi -f $ImageName
fi
docker login -uadmin -p Harbor12345 $Harbor_add
docker pull $ImageNamedocker run -d -p 8084:8080 --name $project $ImageName

在Jenkins上添加部署机:

部署:在Post-build Actions下->点击Add post-build action->选择Send build artifacts over SSH

deploy.sh 192.168.32.146:1080 library ${JOB_NAME} $tag
docker image prune -f

最后测试:

7. Pipeline任务

准备Jenkinsfile文件,在代码中新增一个Jenkinsfile文件,根据之前的步骤逐步生成流水线脚本。

7.1. 生成拉取代码脚本

点击任务pipeline_test-->Configure-->Pipeline Syntax-->在Sample Step中选择checkou:Check out from version control填入Git信息后点击Generate Pipeline Script

7.2. 生成Maven构建项目脚本

在Sample Step中选择sh:Shell Script填入Maven命令后点击Generate Pipeline Script

/var/jenkins_home/maven/bin/mvn clean package -DskipTests

7.3. 生成SonarQube检测代码质量脚本

同上:

/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f

7.4. 生成制作镜像脚本

cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/

7.5. 推送镜像到Harbor

docker login -uadmin -p 123456Aa 192.168.32.146:1080
docker tag ${JOB_NAME}:$tag 192.168.32.146:1080/library/${JOB_NAME}:$tag
docker push 192.168.32.146:1080/library/${JOB_NAME}:$tag

7.6. 生成部署脚本

在Sample Step中选择sshPublisher:Send build artifacts over SSH填入部署命令后点击Generate Pipeline Script

deploy.sh $HarborAddress $Repo $JOB_NAME $tag 

7.7. Jenkinsfile文件

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('部署') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'test_host', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: "deploy.sh $HarborAddress $Repo $JOB_NAME $tag ", execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}}
}

部署脚本由于引用了Jenkinsfile变量和全局变量,需把变量处单引号改为双引号。

7.8. 准备执行任务

在Pipeline下选择Pipeline script from SCM填入Git信息保存并启动任务

7.9. 部署成功后通知到企业微信机器人

安装Qy Wechat Notification插件,这个插件可以通过企业微信群机器人发送构建信息,然后来到Manage Jenkins-->System下找到企业微信通知配置,填入信息

并在Jenkinsfile中加入如下内容

    post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署失败!'}}# mentionedId: '需要通知UserID', mentionedMobile: '需要通知的通知手机号码', 可以为空

效果

最终完整Jenkinsfile

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('部署') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'test_host', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: "deploy.sh $HarborAddress $Repo $JOB_NAME $tag ", execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署失败!'}}
}

8. 部署到K8S

在Jenkins下添加K8S机器,Post-build Actions下->点击Add post-build action->选择Send build artifacts over SSH,工作目录为/usr/local/pipeline

在Gitlab仓库中新增pipeline_test.yaml文件

apiVersion: apps/v1    
kind: Deployment     
metadata:  namespace: test      labels:app: pipelinetestname: pipelinetest
spec:        replicas: 2      selector:matchLabels:app: pipelinetesttemplate:        metadata:        labels:app: pipelinetestspec:           containers:- name: pipelinetestimage: 192.168.32.146:1080/library/pipeline_test:v2.0.0imagePullPolicy: Alwaysports:- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:namespace: test   labels:app: pipelinetestname: pipelinetest      
spec:selector:     app: pipelinetest  ports:- port: 8084    protocol: TCP   targetPort: 8080  type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:namespace: test   name: pipelinetest annotations:nginx.ingress.kubernetes.io/rewrite-target: /  
spec:rules:- host: pipeline.test.comhttp:paths:- path: /pathType: Prefixbackend:service:name: pipelinetestport:number: 8084

修改Jenkinsfile脚本,将pipeline_test.yaml传到K8Smaster节点,会传到/usr/local/pipeline下

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('将yaml文件传到K8Smaster') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'}}
}

在Gitlab新打一个标签,重新构建检查pipeline_test.yaml文件是否成功

Jenkins免密登录K8Smaster

# 进入Jenkins容器内
docker exec -it jenkins bash
# SSH免密登录
ssh-keygen
ssh-copy-id root@192.168.33.209

新增部署命令ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml,加入到Jenkinsfile脚本中

完整Jenkinsfile

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:$tag docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tagdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''}}stage('将yaml文件传到K8Smaster') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}stage('部署') {steps {sh 'ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml'}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'}}
}

完成!

9. 自动化CI

GitLab发现源代码有变化时,就会触发Jenkins执行构建,需要安装GitLab插件,点击Jenkins --> My Views --> [项目名称] --> Configure

在Jenkins全局配置中去掉gitlab认证

回到gitlab在项目中点击Settings --> Webhooks在URL处粘贴上Build when a change is pushed to GitLab. GitLab webhook URL

# 若gitlab和jenkins在同一主机上会报错:Url is blocked: Requests to the local network are not allowed
# 进入gitlab点击Menu --> Admin --> Settings --> Network -->Outbound requests勾选上Allow requests to the local network from web hooks and services

最后去掉根据tag标签拉取代码,并且更改Jenkinsfile文件中的代码拉取tag为*/master,docker镜像版本修改为latest,pipeline_test.yaml文件中的镜像版本改为latest

由于这个流程如果yaml文件没有变动就不会部署成功,需要在部署命令后增加ssh root@192.168.33.209 kubectl rollout restart deployment pipelinetest -n test

pipeline {agent anyenvironment{Harbor_user = 'admin'Harbor_passwd = '123456Aa'HarborAddress = '192.168.32.146:1080'Repo = 'library' }   stages {stage('拉取git仓库代码') {steps {checkout scmGit(branches: [[name: '*/master']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])}}stage('Maven构建项目') {steps {sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'}}stage('SonarQube检测代码质量') {steps {sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME}  -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/  -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'}}stage('制作镜像') {steps {sh '''cp target/*.jar docker/docker build -t ${JOB_NAME}:latest docker/'''}}stage('推送镜像到Harbor') {steps {sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}docker tag ${JOB_NAME}:latest ${HarborAddress}/${Repo}/${JOB_NAME}:latestdocker push ${HarborAddress}/${Repo}/${JOB_NAME}:latest'''}}stage('将yaml文件传到K8Smaster') {steps {sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])}}stage('部署') {steps {sh 'ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml'sh 'ssh root@192.168.33.209 kubectl rollout restart deployment pipelinetest -n test'}}}post{success{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'}failure{qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'}}
}

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.rhkb.cn/news/333977.html

如若内容造成侵权/违法违规/事实不符,请联系长河编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

『ZJUBCA Weekly Feed 07』MEV | AO超并行计算机 | Eigen layer AVS生态

一文读懂MEV&#xff1a;区块链的黑暗森林法则 01 &#x1f4a1;TL;DR 这篇文章介绍了区块链中的最大可提取价值&#xff08;MEV&#xff09;概念&#xff0c;MEV 让矿工和验证者通过抢先交易、尾随交易和三明治攻击等手段获利&#xff0c;但也导致网络拥堵和交易费用增加。为了…

c++(四)

c&#xff08;四&#xff09; 运算符重载可重载的运算符不可重载的运算符运算符重载的格式运算符重载的方式友元函数进行运算符重载成员函数进行运算符重载 模板定义的格式函数模板类模板 标准模板库vector向量容器STL中的listmap向量容器 运算符重载 运算符相似&#xff0c;运…

Android刮刮卡自定义控件

效果图 刮刮卡自定义控件 import android.content.Context; import android.graphics.Bitmap; import android.graphics.Canvas; import android.graphics.Color; import android.graphics.Paint; import android.graphics.Path; import android.graphics.PorterDuff; import …

Linux--进程间通信(1)(匿名管道)

目录 1.了解进程通信 1.1进程为什么要通信 1.2 进程如何通信 1.3进程间通信的方式 2.管道 2.1管道的初步理解 2.2站在文件描述符的角度-进一步理解管道 2.3 管道的系统调用接口&#xff08;匿名管道&#xff09; 2.3.1介绍接口函数&#xff1a; 2.3.2编写一个管道的代…

AI Agent教育行业落地案例

【AI赋能教育】揭秘Duolingo背后的AI Agent&#xff0c;让学习更高效、更有趣&#xff01; ©作者|Blaze 来源|神州问学 引言 随着科技的迅猛发展&#xff0c;人工智能技术已经逐步渗透到我们生活的各个方面。而随着AI技术的广泛应用&#xff0c;教育培训正引领着一场新的…

微软语音使用小计

简介 使用微软语音可以实现语音转文字和文字转语音。测试了下&#xff0c;使用还是挺方便的。 使用微软语音有两种方式。一种是使用命令行的形式&#xff0c;另一种是调用SDK的方式。 适合使用语音 CLI 的情况&#xff1a; 想在极少设置且无需编写代码的情况下试验语音服务…

Vulnhub靶机 whowantsobeking :1 打靶 渗透详细过程(萌新)

Vulnhub靶机搭建配置 先搭建vulnhub靶机&#xff1a;https://www.vulnhub.com/entry/who-wants-to-be-king-1,610/ 下载镜像之后whowantsobeking.ova后&#xff0c;用VMware Workstation Pro打开依次点击文件-打开&#xff0c;选择我们刚才下载的ova文件打开&#xff0c;修改…

JavaWeb开发 2.Web开发 Web前端开发 ①介绍

内心一旦平静&#xff0c;外界便鸦雀无声 —— 24.5.27 一、初识Web前端 网页有哪些部分组成? 文字、图片、音频、视频、超链接 ...网页&#xff0c;背后的本质是什么? 前端代码前端的代码是如何转换成用户眼中的网页的? 通过浏览器转化(解析和渲染)成用户看…

表空间[MAIN]处于脱机状态

达梦数据库还原后&#xff0c;访问数据库报错&#xff1a;表空间[MAIN]处于脱机状态 解决方法&#xff1a; 1&#xff1a;检查备份文件 DMRMAN 中使用 CHECK 命令对备份集进行校验&#xff0c;校验备份集是否存在及合法。 ##语法&#xff1a;CHECK BACKUPSET <备份集目录…

小识MFC,一套设计优雅与不优雅并存的类库----小话MFC(2)

Q1&#xff1a; CPoint继承于POINT&#xff0c;这样有什么好处&#xff1f; A&#xff1a; 继承的一个最基本的好处当然就是减少代码量。CPoint和POINT内部数据一样&#xff0c;只是一个提供了更多的方法来操作对象。 typedef struct tagPOINT {LONG x;LONG y; } POINT, *P…

小程序大能量:盲盒平台搭建与营销策略

一、引言 在移动互联网的浪潮下&#xff0c;小程序以其轻量级、即用即走的特点&#xff0c;成为了商家与消费者沟通的新桥梁。盲盒经济作为近年来兴起的消费趋势&#xff0c;结合小程序平台&#xff0c;不仅为用户带来了全新的购物体验&#xff0c;也为商家带来了更多的商业机…

【管理咨询宝藏115】某大型电力集团5年战略发展报告终稿

本报告首发于公号“管理咨询宝藏”&#xff0c;如需阅读完整版报告内容&#xff0c;请查阅公号“管理咨询宝藏”。 【管理咨询宝藏115】某大型电力集团5年战略发展报告终稿 【格式】PDF版本 【关键词】战略规划、大型国企、战略报告 【核心观点】 - 战略领导人敏锐的直觉和城…

【乐吾乐3D可视化组态编辑器】模型类型与属性

编辑器地址&#xff1a;3D可视化组态 - 乐吾乐Le5le 本章主要为您介绍模型的属性功能。 一个模型至少会包含一个节点&#xff08;Node&#xff09;&#xff0c;从节点类型上可以分为转换节点&#xff08;TransformNode&#xff09;、网格&#xff08;Mesh&#xff09;、实例网…

5.27作业

定义自己的命名空间my_sapce&#xff0c;在my_sapce中定义string类型的变量s1&#xff0c;再定义一个函数完成对字符串的逆置。 #include <iostream> #include <string.h>using namespace std; namespace my_space {string s1;void RevString(string &s1); } v…

OrangePi AIpro 开箱初体验及语音识别样例

OrangePi AIpro 开箱初体验及语音识别样例 一、 前言 首先非常感谢官方大大给予这次机会&#xff0c;让我有幸参加此次活动。 OrangePi AIpro联合华为精心打造&#xff0c;采用昇腾AI技术路线&#xff0c;具体为4核64位处理器AI处理器&#xff0c;集成图形处理器&#xff0c;…

【JavaScript】P3 JavaScipt 注释方法、结束符、输入输出

小结&#xff1a; Js 注释&#xff1a; 单行注释&#xff1a;//多行注释&#xff1a;/* */ Js 结束符&#xff1a; 分号; 可以加也可以不加 Js 输入输出&#xff1a; 输入&#xff1a;prompt()输出&#xff1a;document.write() 在页面中打印&#xff0c;console.log() 在控制…

浅谈金融行业数据安全分类分级

数据安全管理是一项从上而下的、多方配合开展的工作。在进行数据安全管理组织架构建设时&#xff0c;需要从上而下建设&#xff1b;从而全面推动数据安全管理工作的执行和落地&#xff1b;以保证数据安全的合法合规、并长效推动业务的发展和稳定运行。 金融行业机构应设立数据…

【Sql Server】随机查询一条表记录,并重重温回顾下存储过程的封装和使用

大家好&#xff0c;我是全栈小5&#xff0c;欢迎来到《小5讲堂》。 这是《Sql Server》系列文章&#xff0c;每篇文章将以博主理解的角度展开讲解。 温馨提示&#xff1a;博主能力有限&#xff0c;理解水平有限&#xff0c;若有不对之处望指正&#xff01; 目录 前言随机查询语…

自定义CSS属性(@property)解决自定义CSS变量无法实现过渡效果的问题

且看下面的代码&#xff1a; <!DOCTYPE html> <html lang"en"><head><meta charset"UTF-8" /><meta name"viewport" content"widthdevice-width, initial-scale1.0" /><title>demot</title&g…

Python批量docx或doc文档转换pdf

说明&#xff1a; 1、因为项目需要&#xff0c;需要手动将十几个word文档转换成pdf文档 2、python请安装3.9.0以上&#xff0c;否则一些依赖库无法正常用 #! /usr/bin/python3 # -*- coding: utf-8 -*-import os import comtypes.client# 批量将docx文件转换pdf文件 def docx_t…