From 6e766fd4ccafabc92856e43615c11f65fe9d2f83 Mon Sep 17 00:00:00 2001 From: dxin Date: Wed, 15 Oct 2025 18:01:30 +0800 Subject: [PATCH] + --- .../python_s2_lessie_sourcing_agents.conf | 109 ++++++++++++++++++ .../ai-api-key密钥原文件/credentials | 11 ++ .../superlinear-470909-dec3d35a18d6.json | 13 +++ test-k8s-server/configmap/资源清单命令.sh | 5 + test-k8s-server/readme | 0 .../手动测试实验/docker-compose.yml | 6 +- 容器化相关文件/手动测试实验/s2_Dockerfile | 47 ++++++++ 问IA.md | 83 ++++++++++++- 8 files changed, 270 insertions(+), 4 deletions(-) create mode 100644 jenkins/构建镜像配置/python_s2_lessie_sourcing_agents.conf create mode 100644 test-k8s-server/configmap/ai-api-key密钥原文件/credentials create mode 100644 test-k8s-server/configmap/ai-api-key密钥原文件/superlinear-470909-dec3d35a18d6.json create mode 100644 test-k8s-server/configmap/资源清单命令.sh create mode 100644 test-k8s-server/readme create mode 100644 容器化相关文件/手动测试实验/s2_Dockerfile diff --git a/jenkins/构建镜像配置/python_s2_lessie_sourcing_agents.conf b/jenkins/构建镜像配置/python_s2_lessie_sourcing_agents.conf new file mode 100644 index 0000000..0d5addc --- /dev/null +++ b/jenkins/构建镜像配置/python_s2_lessie_sourcing_agents.conf @@ -0,0 +1,109 @@ +pipeline { + agent any + + environment { + REGISTRY = "uswccr.ccs.tencentyun.com" // 镜像仓库地址 + NAMESPACE = "lessie.s2" // 命名空间 + IMAGE_NAME = "lessie-sourcing-agents" // 镜像名(固定前缀) + CREDENTIALS_ID = "dxin_img_hub_auth" // 容器仓库凭证ID + } + + stages { + stage('拉取代码') { + steps { + // 拉取指定分支代码(通过参数 params.Code_branch 动态指定) + git branch: "${params.Code_branch}", + credentialsId: 'fly_gitlab_auth', + url: 'http://172.24.16.20/python/lessie-sourcing-agents.git' + } + } + + stage('获取提交信息') { + steps { + script { + // 获取最近一次提交的哈希值(短格式,前8位) + env.GIT_COMMIT_SHORT = sh( + script: 'git rev-parse --short HEAD', + returnStdout: true + ).trim() + + // 获取最近一次提交的作者 + env.GIT_AUTHOR = sh( + script: 'git log -1 --pretty=format:%an', + returnStdout: true + ).trim() + + // 获取最近一次提交的时间(格式化) + env.GIT_COMMIT_TIME = sh( + script: 'git log -1 --pretty=format:%cd --date=format:"%Y%m%d-%H%M%S"', + returnStdout: true + ).trim() + + // 获取最近一次提交的备注信息(转义特殊字符,避免构建失败) + env.GIT_COMMIT_MSG = sh( + script: 'git log -1 --pretty=format:%s | sed "s/\"/\\\\\"/g"', // 转义双引号 + returnStdout: true + ).trim() + + // 生成唯一 Tag:时间戳 + 短哈希(确保唯一性) + env.IMAGE_TAG = "${GIT_COMMIT_TIME}-${GIT_COMMIT_SHORT}" + } + } + } + + stage('构建容器镜像') { + steps { + script { + // 构建镜像,修复 NAMESPACE 变量引用,添加标签信息 + sh """ + docker build -t ${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:${IMAGE_TAG} \ + --label "git-commit=${GIT_COMMIT_SHORT}" \ + --label "git-author=${GIT_AUTHOR}" \ + --label "git-message=${GIT_COMMIT_MSG}" \ + --label "build-time=${GIT_COMMIT_TIME}" \ + . # Dockerfile 所在目录(当前目录) + """ + } + } + } + + stage('推送镜像到仓库') { + steps { + script { + // 登录容器仓库 + withCredentials([usernamePassword( + credentialsId: env.CREDENTIALS_ID, + usernameVariable: 'REGISTRY_USER', + passwordVariable: 'REGISTRY_PWD' + )]) { + sh "docker login ${REGISTRY} -u ${REGISTRY_USER} -p ${REGISTRY_PWD}" + } + + // 推送主镜像(带唯一 Tag) + sh "docker push ${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:${IMAGE_TAG}" + + // 推送 latest 标签(修正路径,包含命名空间) + sh "docker tag ${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:${IMAGE_TAG} ${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:latest" + sh "docker push ${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:latest" + + // 登出仓库 + sh "docker logout ${REGISTRY}" + } + } + } + } + + post { + // always { + // // 清理工作(可选,避免节点磁盘占用过高) + // sh "docker system prune -f" + // } + success { + // 输出构建结果(修正镜像地址显示) + echo "镜像构建成功!" + echo "镜像地址:${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:${IMAGE_TAG}" + echo "latest 标签地址:${REGISTRY}/${NAMESPACE}/${IMAGE_NAME}:latest" + echo "对应代码提交:${GIT_COMMIT_SHORT}(${GIT_COMMIT_MSG})" + } + } +} \ No newline at end of file diff --git a/test-k8s-server/configmap/ai-api-key密钥原文件/credentials b/test-k8s-server/configmap/ai-api-key密钥原文件/credentials new file mode 100644 index 0000000..b6f1ef3 --- /dev/null +++ b/test-k8s-server/configmap/ai-api-key密钥原文件/credentials @@ -0,0 +1,11 @@ +[default] +aws_access_key_id=AKIATFBMO2N44W2D26QM +aws_secret_access_key=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 + +[bedrock-216989094777] +aws_access_key_id=AKIATFBMO2N4VQ5RA653 +aws_secret_access_key=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 + +[bedrock-767398059253] +aws_access_key_id=AKIA3FLD5DT2Z3NDDWNU +aws_secret_access_key=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 \ No newline at end of file diff --git a/test-k8s-server/configmap/ai-api-key密钥原文件/superlinear-470909-dec3d35a18d6.json b/test-k8s-server/configmap/ai-api-key密钥原文件/superlinear-470909-dec3d35a18d6.json new file mode 100644 index 0000000..3bd95dd --- /dev/null +++ b/test-k8s-server/configmap/ai-api-key密钥原文件/superlinear-470909-dec3d35a18d6.json @@ -0,0 +1,13 @@ +{ + "type": "service_account", + "project_id": "superlinear-470909", + "private_key_id": "dec3d35a18d6dc493d9f2a61cebaf89e244fd936", + "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCv3SQukw3xbiqP\njJVH2JhTRTmBcZcBDbsYrPvcmptwxW4HR7WM64OK9pMWP2N2F9I8HmJqJbnCKI0M\n/ClkJZdfWQZnmhG7/GaOxPf3tZlqeJBauizTJI5sdcGpo2YFdYz8ru6xg0Um0leK\n4/YaJlifTgK9T2Rf63z1wVrYxTCJy6W0paBQZBJR9Y3gKviYL5XPBHNIJIMKDpPu\nhojHLlP66ID+9812tFA4TfPiGk2G+xxJqiQhIO2ftqdYKmuaJMuCYrpBN+0mXwe7\nW1mzb/Yhxh7/27ZHny30uc9WaiQ2rVgxQO/LgIv1JuMt2bQlNPPoFOAvEpK2RN4m\n4m/4t21lAgMBAAECggEADfOqFWzSsBrokvtY83p2OTL2eTO5AlsjwvUkRQ/Z8ZQk\nIr04ZL3hcXKW4C62tg11PxI9BgVIq6PabtOJeBm4XNbb+HejXQnM3Bo5vuPgEC+Q\n6jW3bSfLCcU80De3lgrJnNlG8/vBTm9lBQ6JPXFZ2gePFZQ5FxgAUaHdknFwZJoK\n0SySvMN7g2urq3I5PXizGSPzOrPfea/M4vumKYPuzzXhqweo6rNaxa72OgbJiX9u\nPByUMA3KcfJ17b6M0hvRg3hMTVD5e7P33H6hvWKgqJNgouTwoKZ9EGPxS3bzNZZ4\nFCRkJFvk27F8BIzJTF8ol5W6anZuiigq3+hcbRKcIQKBgQDpb2Vr2GfiX5oPmr2/\nV+ecoy7SEfMRClT+CG/S6X5RdAvK3WKtHnNxqeS9Xr7T9UVtCoH4xFUdiaLpm89b\nW8damTOvV54mWJ/Mujo+1UsXnAZIZa56JF9bZssCRIvFpX3qSv7syFGBDsroVkTC\nghVYYtxYo+N1j0bK6k/3/tueRQKBgQDA3RTIETcAJ2Clfueh0p57F928W94NXbgB\nngb/Exf40eQqJvuIC+vcjEhAq0ORF0G3yZLgsvN/pPt8PULyLRNedQQq7H36t17r\nBPISPOvQDH/Ut8PQyEn3nKRuMWfescvsdb0ONsurfB/AZSNVwS9wcyvy+8+UedZZ\n1wtbFsWUoQKBgCBPUdtmfaKAlwNX6LGGSkGM+JsM7vbJ1k++/TNVLC28ATHYCKNr\nlpEB8e4gIguWZECedrTm/9zxwwHQlhfQETzB/bxkRTiLhbrBf/RYc2dWKix1Hnw7\ncpNlG+45bJszt8TpEnXVmCpj0MPtxOCjPq8YJ+WA8afA6AyH9/+cX+t9AoGBAJEB\n6M0gPGVONhlYmFoQXP4aDKrBu+v6yg3VPldsiLqZPV8AHmDE7drOUsjkvBGMFepU\nka2GfxQ6/KcF/J7Pi1+axb5sP7BRTPmRp1xVF8w+iaJrZLxGy250BSGg3gMPVU79\nm17jjjDqS4lBwdaJQNzgi2vPLtzo2mSEDlK3hWjhAoGAdkYyjkQvd9eNdoVDcJeH\nXwXlp7RyB+0urpf7EaBzcL0xT+jKev/8DmuYx3rK+zlbBw58Kt/56UzEusLNSTRl\nmVP55lyksLzq2+HUunSkz+0E1TOhrN5MHOrOI8HqYc1eXz8OkZE/7c6o05tJOyHV\n3SeNh5V4jNsKDdeDljMITkM=\n-----END PRIVATE KEY-----\n", + "client_email": "superlinear-claude-service@superlinear-470909.iam.gserviceaccount.com", + "client_id": "103396741707999098774", + "auth_uri": "https://accounts.google.com/o/oauth2/auth", + "token_uri": "https://oauth2.googleapis.com/token", + "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", + "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/superlinear-claude-service%40superlinear-470909.iam.gserviceaccount.com", + "universe_domain": "googleapis.com" +} \ No newline at end of file diff --git a/test-k8s-server/configmap/资源清单命令.sh b/test-k8s-server/configmap/资源清单命令.sh new file mode 100644 index 0000000..e8b1acf --- /dev/null +++ b/test-k8s-server/configmap/资源清单命令.sh @@ -0,0 +1,5 @@ +# 创建包含 AWS 凭证的 ConfigMap +kubectl create configmap aws-credentials --from-file=credentials=./ai-api-key密钥原文件/credentials -n test-lessie + +# 创建包含 google 凭证的 ConfigMap +kubectl create configmap google-credentials --from-file=superlinear-470909-dec3d35a18d6.json=./ai-api-key密钥原文件/superlinear-470909-dec3d35a18d6.json -n test-lessie \ No newline at end of file diff --git a/test-k8s-server/readme b/test-k8s-server/readme new file mode 100644 index 0000000..e69de29 diff --git a/容器化相关文件/手动测试实验/docker-compose.yml b/容器化相关文件/手动测试实验/docker-compose.yml index 73f2300..8463909 100644 --- a/容器化相关文件/手动测试实验/docker-compose.yml +++ b/容器化相关文件/手动测试实验/docker-compose.yml @@ -10,8 +10,8 @@ networks: services: sourcing-agents: - container_name: sourcing-agents-local - image: uswccr.ccs.tencentyun.com/lessie/lessie-sourcing-agents:v0.1 + container_name: lessie-sourcing-agents-s2 + image: uswccr.ccs.tencentyun.com/lessie/lessie-sourcing-agents:latest restart: always environment: @@ -19,7 +19,7 @@ services: TZ: Asia/Shanghai ports: - - "7002:7001" + - "7001:7001" volumes: # 日志映射 diff --git a/容器化相关文件/手动测试实验/s2_Dockerfile b/容器化相关文件/手动测试实验/s2_Dockerfile new file mode 100644 index 0000000..949e3b6 --- /dev/null +++ b/容器化相关文件/手动测试实验/s2_Dockerfile @@ -0,0 +1,47 @@ +FROM python:3.12-slim AS builder + +ENV PYTHONDONTWRITEBYTECODE=1 \ + PYTHONUNBUFFERED=1 \ + UV_LINK_MODE=copy \ + UV_VERSION=0.4.17 \ + UV_PROJECT_ENVIRONMENT=/opt/venv + +WORKDIR /app + +# Install build prerequisites, fetch uv, then remove leftover apt metadata. +RUN apt-get update && apt-get install -y --no-install-recommends curl ca-certificates build-essential && \ + rm -rf /var/lib/apt/lists/* + +RUN curl -LsSf https://astral.sh/uv/install.sh | sh -s -- --version "${UV_VERSION}" + +# Pre-copy manifests for better layer caching. +COPY pyproject.toml uv.lock requirements.txt ./ + +RUN /root/.local/bin/uv sync --frozen --no-dev --python /usr/local/bin/python && \ + /root/.local/bin/uv cache prune --ci + +FROM python:3.12-slim AS runtime + +ARG APP_PORT=8000 + +ENV APP_ENV=local \ + APP_PORT=${APP_PORT} + +WORKDIR /app + +# Runtime dependencies required by packages like faiss-cpu. +RUN apt-get update && apt-get install -y --no-install-recommends libgomp1 && \ + rm -rf /var/lib/apt/lists/* + +# Bring in the pre-built virtual environment from the builder stage. +COPY --from=builder /opt/venv /opt/venv + +# Ship only the application sources in the runtime image. +COPY . . + +ENV PATH="/opt/venv/bin:${PATH}" \ + VIRTUAL_ENV="/opt/venv" + +EXPOSE ${APP_PORT} + +CMD ["sh", "-c", "python server.py --host ${HOST:-0.0.0.0} --port ${APP_PORT:-8000}"] diff --git a/问IA.md b/问IA.md index 33d42ab..ae86537 100644 --- a/问IA.md +++ b/问IA.md @@ -220,4 +220,85 @@ Downgrade to Basic / Plus / Pro java、go代码就在jenkins机器上构建成jar、二进制文件,然后scp到目标服务器,执行启动命令 python代码就是在jenkins机器上直接同步到目标服务器上,然后jenkins 机器ssh登录到目标服务执行pip安装依赖命令后执行启动命令,python的日志很大,安装完依赖有1G+ -、 \ No newline at end of file +、 + + + + + + +[default] +aws_access_key_id=AKIATFBxxxxxQM +aws_secret_access_key=LdZXdtSxHjxxxxxxxxVn6ExM1BnnZe + +[bedrock-216989094777] +aws_access_key_id=AKIATFBxxxxVQ5RA653 +aws_secret_access_key=z7AOlHA+SxxxxxxxxH7vYxbyM2RVT + +[bedrock-767398059253] +aws_access_key_id=AKIAxxxxx2Z3NDDWNU +aws_secret_access_key=qd7DJnxxxxxxnFSPrjiz/18F4 + + + + + +PS C:\备份文件\工作相关配置文件\test-k8s-server\configmap> kubectl apply -f aws-credentials-configmap.yaml +E1015 14:46:20.079445 18448 request.go:1196] "Unexpected error when reading response body" err="net/http: request canceled (Client.Timeout or context cancellation while reading body)" +PS C:\备份文件\工作相关配置文件\test-k8s-server\configmap> kubectl apply -f google-superlinear-configmap.yaml +E1015 14:47:21.094340 18544 request.go:1196] "Unexpected error when reading response body" err="context deadline exceeded (Client.Timeout or context cancellation while reading body)" +PS C:\备份文件\工作相关配置文件\test-k8s-server\configmap> ls + + Directory: C:\备份文件\工作相关配置文件\test-k8s-server\configmap + +Mode LastWriteTime Length Name +---- ------------- ------ ---- +d---- 2025/10/15 14:23 ai-api-key密钥原文件 +-a--- 2025/10/15 14:43 99 资源清单命令.sh +-a--- 2025/10/15 14:45 533 aws-credentials-configmap.yaml +-a--- 2025/10/15 14:42 2589 google-superlinear-configmap.yaml + +PS C:\备份文件\工作相关配置文件\test-k8s-server\configmap> cat .\aws-credentials-configmap.yaml + + +apiVersion: v1 +kind: ConfigMap +metadata: + name: aws-credentials + namespace: test-lessie +data: + credentials: | + [default] + aws_access_key_id=xxxxxxxxxxxx44W2D26QM + aws_secret_access_key=LdZXdtSxxxxxxxxxxxxxBH6JFDQXtSwVn6ExM1BnnZe + + [bedrock-216989094777] + aws_access_key_id=AKIAxxxxxxxxxxVQ5RA653 + aws_secret_access_key=z7AOlHA+SbtxxxxxxxxxxxxxcH7vYxbyM2RVT + + [bedrock-767398059253] + aws_access_key_id=AKIAxxxxxxxxxxxZ3NDDWNU + aws_secret_access_key=qd7DJnlpl5fxxxxxxxxxxxxxrA4BsDHnFSPrjiz/18F4 +PS C:\备份文件\工作相关配置文件\test-k8s-server\configmap> cat .\google-superlinear-configmap.yaml + + +apiVersion: v1 +kind: ConfigMap +metadata: + name: google-credentials + namespace: test-lessie +data: + credentials: + { + "type": "service_account", + "project_id": "superxxxxxxar-47xxxxxxxxx09", + "private_key_id": "dec3d35a18d6dxxxxxxxxxx2a61cebaf89e244fd936", + "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCv3SQukw3xbiqP\njJVH2JhTRTmBcZcBDbsYrPvcmptwxW4HR7WM64OK9pMWP2N2F9I8HmJqJbnCKI0M\n/ClkJZdfWQZnmhG7/GaOxPf3tZlqeJBauizTJI5sdcGpxxxxxxxxxxxxxxxxxxxxxxm0leK\n4/YaJlifTgK9T2Rf63z1wVrYxTCJy6W0paBQZBJR9Y3gKviYL5XPBHNIJIMKDpPu\nhojHLlP66ID+9812tFA4TfPiGk2G+xxJqiQhIO2ftqdYKmuaJMuCYrpBN+0mXwe7\nW1mzb/Yhxh7/27ZHny30uc9WaiQ2rVgxQO/LgIv1JuMt2bQlNPPoFOAvEpK2RN4m\n4m/4t21lAgMBAAECggEADfOqFWzSsBrokvtY83p2OTL2eTO5AlsjwvUkRQ/Z8ZQk\nIr04ZL3xxxxxxxxxxxxtg11PxI9BgVIq6PabtOJeBm4XNbb+HejXQnM3Bo5vuPgEC+Q\n6jW3bSfLCcU80De3lgrJnNlG8/vBTm9lBQ6JPXFZ2gePFZQ5FxgAUaHdknFwZJoK\n0SySvMN7xxxxxxxxg2urq3I5PXizGSPzOrPfea/M4vumKYPuzzXhqweo6rNaxa72OgbJiX9u\nPByUMA3KcfJ17b6M0hvRg3hMTVD5e7P33H6hvWKgqJNgouTwoKZ9EGPxS3bzNZZ4\nFCRkJFvk27F8BIzJTF8ol5W6anZuiigq3+hcbRKcIQKBgQDpb2Vr2GfiX5oPmr2/\nV+ecoy7SEfMRClT+CG/S6X5RdAvK3WKxxxxxxxS4lBwdaJQNzgi2vPLtzo2mSEDlK3hWjhAoGAdkYyjkQvd9eNdoVDcJeH\nXwXlp7RyB+0urpf7EaBzcL0xT+jKev/8DmuYx3rK+zlbBw58Kt/56UzEusLNSTRl\nmVP55lyksLzq2+HUunSkz+0E1TOhrN5MHOrOI8HqYc1eXz8OkZE/7c6o05tJOyHV\n3SeNh5V4jNsKDdeDljMITkM=\n-----END PRIVATE KEY-----\n", + "client_email": "superlinear-claude-service@superlinear-470909.iam.gserviceaccount.com", + "client_id": "103396741707999098774", + "auth_uri": "https://accountsxxxxxxxxxxxuth2/auth", + "token_uri": "https://oauth2xxxxxxxxxxxom/token", + "auth_provider_x509_cert_url": "https://www.googxxxxxxxxxxxcom/oauth2/v1/certs", + "client_x509_cert_url": "https://www.googleapisxxxxxxxxxxxxxxxx09/superlinear-claude-service%xxxxxxxx-470909.iam.gserviceaccount.com", + "universe_domain": "gooxxxxxxeapis.com" + } \ No newline at end of file