Jenkins流水线的最佳实践
0 条评论安装
这里我选择使用docker直接部署,当然你也可以选择用helm。链接
常用插件
- GitLab Authentication
- Generic Webhook Trigger
- Matrix Authorization Strategy
- Build Name and Description Setter
- DingTalk
- build user vars plugin
流水线脚本
pipeline {
agent any
tools {
jdk 'jdk1.8'
maven 'maven_3.6.1'
}
environment{
harbor_url="harbor.goldlion.com.cn:30003"
harborprj_name="jll"
gitlab_projectname="http://10.0.1.112:30080/e3plus/e3plus-integration.git"
harborimg_name="e3plus-integration"
src_buildpath="${WORKSPACE}"
docker_imageinfo="${harbor_url}/${harborprj_name}/${harborimg_name}:${brancher}_${BUILD_ID}"
rancher_base_url="https://10.0.1.112:32001/p/local:p-fnf2k/workload/deployment:e3plus:"
}
options {
buildDiscarder logRotator(artifactDaysToKeepStr: '1', artifactNumToKeepStr: '1', daysToKeepStr: '30', numToKeepStr: '30')
disableConcurrentBuilds()
skipStagesAfterUnstable()
timeout(25)
timestamps()
}
triggers {
// 由 Generic Webhook Trigger 提供的触发器
GenericTrigger(
// 参数, 在这里配置的参数会被配置为环境变量
// 支持使用 JSONPath 和 XPath 进行提取
// 提取来源为 webhook 发送的 request body 中的内容
// GitLab 发送的 request body 内容格式可通过文档查看, 文档地址为你的 GitLab 访问地址 + /help/user/project/integrations/webhooks
genericVariables: [
// 提取分支名称, 格式为 refs/heads/{branch}
[key: 'WEBHOOK_REF', value: '$.ref'],
// 提取用户显示名称
[key: 'WEBHOOK_USER_NAME', value: '$.user_name'],
// 提取最近提交 id
[key: 'WEBHOOK_RECENT_COMMIT_ID', value: '$.commits[-1].id'],
// 提取最近提交 message
[key: 'WEBHOOK_RECENT_COMMIT_MESSAGE', value: '$.commits[-1].message'],
// 如需更多参数可通过查看 request body 参数文档进行提取
],
// 项目运行消息, 会显示在 Jenkins Blue 中的项目活动列表中
causeString: '$WEBHOOK_USER_NAME 推送 commit 到 $WEBHOOK_REF 分支',
// token, 因为对外的 webhook url 是一致的, 当希望触发某个特定的 Job 时可以为每个 Job 配置不同的 token, 然后在 webhook 中配置该参数
token: 'Gitlab-Webhook-Trigger',
// 打印通过 genericVariables 配置的变量
printContributedVariables: true,
// 打印 request body 内容
printPostContent: true,
// 避免使用已触发工作的信息作出响应
silentResponse: false,
// 可选的正则表达式过滤, 比如希望仅在 master 分支上触发, 你可以进行如下配置
regexpFilterText: '$WEBHOOK_REF',
regexpFilterExpression: 'refs/heads/jll-master|refs/heads/jll-release'
)
}
stages{
stage('设置变量') {
steps {
script {
// sh 'env'
echo "${docker_imageinfo}"
def description = "builder";
if (env.WEBHOOK_REF) {
def ref = "${WEBHOOK_REF}"
def branch = ref.substring(ref.lastIndexOf('/') + 1)
brancher = branch
env.brancher = branch
env.BUILD_USER = '${WEBHOOK_USER_NAME}'
buildName env.BUILD_USER
description = description + ": ${WEBHOOK_USER_NAME}<br/>";
}else {
buildName "${brancher}"
description = description + ": ${BUILD_USER}<br/>";
}
echo "source: ${env.docker_imageinfo}"
env.docker_imageinfo="${harbor_url}/${harborprj_name}/${harborimg_name}:${brancher}_${BUILD_ID}"
echo "old : ${env.docker_imageinfo}"
// currentBuild.description = description +"image:<mark>${harborprj_name}/${harborimg_name}:${brancher}_${BUILD_ID}</mark>"
buildDescription(description +"image: <mark>${harborprj_name}/${harborimg_name}:${brancher}_${BUILD_ID}</mark>")
}
}
}
stage('清理'){
steps{
script{
try {
//sh 'git remote prune origin'
sh " mvn -Dmaven.test.skip=true -U clean "
echo "清理"
}catch(all) {
}
}
}
}
stage('拉取代码'){
steps{
script{
echo "pull code is ${brancher}"
echo "old : ${env.docker_imageinfo}"
git branch: '${brancher}', credentialsId: '1', url: "${gitlab_projectname}"
}
}
}
stage('编译打包'){
steps{
dir("${src_buildpath}") {
script{
sh "java -version"
sh " mvn -Dmaven.test.skip=true -U clean install"
//sh "echo build"
}
}
}
}
stage('镜像打包') {
steps {
dir("${src_buildpath}") {
withCredentials([usernamePassword(credentialsId: 'harbor', passwordVariable: 'password', usernameVariable: 'username')]) {
sh (returnStdout: true, script: ''' # 打包镜像上传
echo "\$docker_imageinfo"
pwd
docker login -u \${username} -p \${password} \${harbor_url}
#打包镜像
docker build -t \${docker_imageinfo} .
#推送镜像到私服
docker push \${docker_imageinfo}
#delete images
docker rmi \${docker_imageinfo}
''')
}
}
}
}
stage ("rancher-deploy"){
steps {
script {
if ( env.brancher == 'jll-release') {
rancherRedeploy alwaysPull: true, credential: 'rancher_uat', images: sh (returnStdout: true, script: ''' # 打包镜像上传
echo \${docker_imageinfo}
'''), workload: '/project/local:p-fnf2k/workload/deployment:e3plus:e3plus-integration'
}else if ( env.brancher == 'jll-master') {
rancherRedeploy alwaysPull: true, credential: 'rancher_dev', images: sh (returnStdout: true, script: ''' # 打包镜像上传
echo \${docker_imageinfo}
'''), workload: '/project/local:p-4899t/workload/deployment:e3plus:e3plus-integration'
}
}
}
}
}
post {
success {
dingtalk (
robot: '2',
type:'ACTION_CARD',
atAll: false,
title: "构建成功:${env.JOB_NAME}",
messageUrl: 'xxxx',
text: [
"### [${env.JOB_NAME}](${env.JOB_URL}) ",
'---',
// "- 任务:[${currentBuild.displayName}_${BUILD_ID}](${env.BUILD_URL})",
'- 状态:<font color=green >成功</font>',
"- 持续时间:${currentBuild.durationString}".split("and counting")[0],
"- 执行人:${currentBuild.buildCauses.shortDescription}",
"- 镜像后缀:[${env.brancher}_${env.BUILD_ID}](${rancher_base_url}${env.JOB_NAME})",
]
)
}
failure {
dingtalk (
robot: "2",
type:'ACTION_CARD',
atAll: false,
title: "构建失败:${env.JOB_NAME}",
messageUrl: 'xxxx',
text: [
"### [${env.JOB_NAME}](${env.JOB_URL}) ",
'---',
"- 任务:[${currentBuild.displayName}_${BUILD_ID}](${env.BUILD_URL})",
'- 状态:<font color=#EE0000 >失败</font>',
"- 持续时间:${currentBuild.durationString}".split("and counting")[0],
"- 执行人:${currentBuild.buildCauses.shortDescription}",
]
)
}
}
}