pipeline { agent any parameters { // 保留你原有的 Image Tag 插件(用户友好) imageTag( name: 'IMAGE_NAME', description: 'lessiesit/flymoon-email 镜像', registry: 'https://uswccr.ccs.tencentyun.com', image: 'lessiesit/flymoon-email', credentialId: 'dxin_img_hub_auth', // Jenkins 用此凭据注入环境变量 filter: '.*', defaultTag: 'latest', verifySsl: true ) } stages { stage('🔍 查询镜像 Labels') { steps { script { def pureTag = (params.IMAGE_NAME ?: 'latest').split(/\s+/)[0] def fullImage = "uswccr.ccs.tencentyun.com/lessiesit/flymoon-email:${pureTag}" echo "📌 正在查询镜像 Labels: ${fullImage}" // 用 withCredentials 获取凭据(安全注入环境变量) withCredentials([usernamePassword( credentialsId: 'dxin_img_hub_auth', usernameVariable: 'TCR_USER', passwordVariable: 'TCR_PASS' )]) { // 直接调用你的 shell 脚本(已验证成功) def labelsOutput = sh( script: """ set -euo pipefail /data/sh/get-image-labels.sh '${fullImage}' '${env.TCR_USER}' '${env.TCR_PASS}' """, returnStdout: true ).trim() // 将 Labels 存入环境变量,供后续 stage 使用 env.IMAGE_LABELS = labelsOutput echo "✅ Labels 查询成功!" echo labelsOutput } } } } stage('🚀 部署') { steps { script { def pureTag = (params.IMAGE_NAME ?: 'latest').split(/\s+/)[0] echo "✅ 开始部署镜像: ${pureTag}" echo "🏷️ Labels (from query): ${env.IMAGE_LABELS}" // 你的实际部署命令(示例) // sh "kubectl set image deployment/flymoon-email email=uswccr.ccs.tencentyun.com/lessiesit/flymoon-email:${pureTag}" } } } } }