gitlab配置公钥 代码仓库:代码仓库:https://github.com/wq-h/demo-2048.git
创建密钥
# ssh-keygen -t rsa -b 2048 -C "weiqun_h@163.com" -N "" -f /root/.ssh/id_rsa Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:lo1dX2Kj+5Z8n7LiICLc9yYJdkhlY9W2YpNsTn/pmrI weiqun_h@163.com The key's randomart image is: +---[RSA 2048]----+ | ... | | = o | | + o o o + .| | . & o + + | | . . S * . o | | . .+ o . . + | | o.ooo.. +. . | | . oooo...++ o| | oE++oo+oo| +----[SHA256]-----+
gitlab配置公钥
jenkins 创建凭据 选择ssh username with private key类型 添加私钥
jenkins配置流水线
pipeline { agent any // 可以在任何可用的代理上执行pipeline或stage environment { // 指令指定一系列键值对,这些键值对将被定义为所有step或特定stage的step的环境变量 GIT_REPO="https://gitlub.com/wq-h/demo-2048.git" // 构建项目的git仓库地址 GIT_BRANCH="master" // 构建项目的git分支 SSH_ID="51561e93-8c3c-4904-8fce-2c0014c5dc9f" // Jenkins里配置ssh key的唯一标识 MVN_CMD="mvn clean package && cd target && jar -xf 2048.war" // maven编译命令 TARGET_DIR="target" // 编译项目输出jar或war包的路径 BASE_IMAGE="harbor.od.com/system_containers/tomcat:v8.0" // Dockerfile底层镜像 Repository="harbor.od.com/infra" // docker仓库组 IMAGE_NAME="demo-2048" // 构建镜像的镜像名称 IMAGE_TAG="${BUILD_TIMESTAMP}" // 构建时的时间,为构建镜像的tag NAMESPACE="demo" // 更新服务时的namespace DEPLOY="demo-2048" // 更新服务时deploy的名称 } stages { // 在pipeline内只容许出现只有一次 stage('检出代码') { // 阶段,pipeline 工作所在的位置 steps { // 步骤,在stage指令中执行的一个或多个步骤 deleteDir() // 递归删除WORKSPACE下的文件和文件夹 checkout([$class: 'GitSCM', branches: [[name: "*/${GIT_BRANCH}"]], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: "${SSH_ID}", url: "${GIT_REPO}"]]]) } } stage('构建代码') { tools { // 定义自动安装和放置工具的部分PATH maven "apache-maven-3.6.3" // 工具名称必须在Jenkins 管理Jenkins → 全局工具配置中预置 } steps { sh "${MVN_CMD}" } post { // post定义将在pipeline运行或stage结束时运行的操作 success { // 成功之后提取制品 archiveArtifacts "${TARGET_DIR}/*.war" } } } stage('构建镜像') { steps { // 创建Dockerfile并构建 writeFile file: "${TARGET_DIR}/Dockerfile", text: """FROM ${BASE_IMAGE} COPY ./*.war /usr/local/tomcat/webapps""" sh "cd ./target && docker build -t ${Repository}/${IMAGE_NAME}:${IMAGE_TAG} ." } } stage('推送镜像') { steps { sh "docker push ${Repository}/${IMAGE_NAME}:${IMAGE_TAG}" } } stage('更新服务') { steps { //sh "kubectl get po -A" sh "kubectl set image deploy/${DEPLOY} ${DEPLOY}=${Repository}/${IMAGE_NAME}:${IMAGE_TAG} -n${NAMESPACE} " } } } }