dxin/jenkins-pipeline
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
db4a0b109cdd9160ca4893d87940160c45adb196
jenkins-pipeline/SCM/部署镜像/s1/v4/DM_s1_flymoon_admin_web.groovy
dxinn db4a0b109c 1
2026-02-03 19:37:58 +08:00

345 lines
16 KiB
Groovy
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

@NonCPS
def getHiddenParams() {
def results = [:]
def action = currentBuild.rawBuild.getAction(hudson.model.ParametersAction.class)
if (action) {
results.user = action.getParameter("ACTUAL_USER")?.getValue()
}
return results
}
pipeline {
agent any
parameters {
imageTag(
name: 'IMAGE_NAME',
description: 'sit 仓库镜像 (除非输入 CUSTOM_IMAGE, 否则使用这里的)',
registry: 'https://uswccr.ccs.tencentyun.com',
image: 'lessiesit/flymoon-admin-web',
credentialId: 'dxin_img_hub_auth',
filter: '.*',
defaultTag: '',
tagOrder: 'DSC_VERSION',
verifySsl: true
)
string(
name: 'CUSTOM_IMAGE',
defaultValue: '',
description: '手输完整镜像<registry>/<namespace>/<repo>:<tag>,例如: uswccr.ccs.tencentyun.com/lessiesit/flymoon-admin-web:v0.0.1 (填充后,则忽略镜像仓库选择)'
)
booleanParam(
name: 'ROLLBACK_VERSION',
defaultValue: false,
description: '是否快速回滚上一个版本?'
)
choice(
name: 'BRANCH_NAME',
choices: ['dxin', 'opt'],
description: '选择资源清单Yaml的分支'
)
}
environment {
LARK_ROBOT = "4b8d66d0-c0f0-4587-b0e5-cff772cb3046" // 飞书机器人ID用于发送部署通知
KUBECONFIG = credentials('k8s-test-config-admin') // k8s 凭证 ID, Jenkins 中配置的凭证名称
Deployment_yaml = "${WORKSPACE}/lessie-ai/sit/s1/flymoon-admin-web.yaml"
Deployment_name = "s1-flymoon-admin-web"
K8s_namespace = "sit"
Pod_container_name = "flymoon-admin-web"
}
stages {
stage('回滚上版') {
when { expression { return params.ROLLBACK_VERSION == true } }
steps {
script {
sh """
echo "=== 开始回滚到上一个版本 ==="
kubectl rollout undo deployment/${Deployment_name} -n ${K8s_namespace}
echo "=== 回滚中... ==="
kubectl rollout status deployment/${Deployment_name} -n ${K8s_namespace} --timeout=60s
echo "=== 查看所使用的镜像 ==="
kubectl get deployment ${Deployment_name} -n ${K8s_namespace} -o=jsonpath='{.spec.template.spec.containers[*].image}'
echo "=== 回滚完成 ==="
"""
}
}
}
stage('决定镜像') {
steps {
script {
// 调用上面的非 CPS 方法,安全拿值
def hidden = getHiddenParams()
env.ACTUAL_USER = hidden.user ?: (currentBuild.getBuildCauses('hudson.model.Cause$UserIdCause')[0]?.userName ?: "系统触发")
env.ACTUAL_BRANCH = hidden.branch ?: "未知"
echo "触发用户: ${env.ACTUAL_USER}"
// 当前时间格式YYYY-MM-DD HH:MM:SS
env.currentTime = sh(script: 'date "+%Y-%m-%d %H:%M:%S"', returnStdout: true).trim()
def imageRegex = /^([a-zA-Z0-9.-]+)(:[0-9]+)?\/([a-zA-Z0-9._-]+)\/([a-zA-Z0-9._-]+):([a-zA-Z0-9._-]+)$/
if (params.CUSTOM_IMAGE?.trim()) {
echo "检测手输镜像格式: ${params.CUSTOM_IMAGE}"
def customImage = params.CUSTOM_IMAGE.trim()
// 验证镜像格式
def matcher = (customImage =~ imageRegex)
if (!matcher.matches()) {
error "CUSTOM_IMAGE 格式不正确,必须是 registry/namespace/repository:tag 格式\n" +
"示例: uswccr.ccs.tencentyun.com/lessiesit/flymoon-payment:v1.0.0\n" +
"当前输入: ${customImage}"
}
echo "使用手输镜像: ${customImage}"
env.IMAGE_FULL_NAME = customImage
} else {
def img = "uswccr.ccs.tencentyun.com/${params.IMAGE_NAME}"
echo "使用 imageTag 插件镜像: ${img}"
env.IMAGE_FULL_NAME = img
}
}
}
}
stage('查询镜像') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
script {
echo "查询镜像: ${IMAGE_FULL_NAME}"
def result = sh(returnStdout: true, script: """
/data/sh/get-image-labels-fast.sh \
"${IMAGE_FULL_NAME}" \
"100038894437" \
'h8H1o6Fd!HLXn' | awk '/^{/,/^}\$/'
""").trim()
if (result == "" || result == null) {
error("查询镜像 label 失败,请检查镜像是否存在或凭证问题")
}
echo "镜像 Label:\n${result}"
env.IMAGE_LABEL = result
}
}
}
stage('拉取yaml') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
git branch: "${params.BRANCH_NAME}",
credentialsId: 'fly_gitlab_auth',
url: 'http://172.24.16.20/opt/opt-config.git'
}
}
stage('修改YAML') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
script {
def oldImg = sh (
script: """
kubectl get deployment ${Deployment_name} -n ${K8s_namespace} -o=jsonpath='{.spec.template.spec.containers[*].image}' 2>/dev/null || echo "无(可能是首次部署)"
""",
returnStdout: true
).trim()
env.OLD_IMAGE_NAME = oldImg
echo "--- 目前正常运行的旧镜像: ${OLD_IMAGE_NAME} ---"
echo "--- 所选择新的镜像: ${env.IMAGE_FULL_NAME} ---"
echo "--- 修改 Deployment YAML 中的镜像为新镜像版本 ---"
sh """
sed -i 's#image:.*#image: ${IMAGE_FULL_NAME}#' ${Deployment_yaml}
"""
}
}
}
stage('部署k8s') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
script {
def ANNOTATION = "更新 image 为 ${IMAGE_FULL_NAME}"
sh """
echo "===Apply Deployment YAML ==="
kubectl apply -f ${Deployment_yaml} -n ${K8s_namespace}
echo "=== 查看当前新使用的镜像 ==="
kubectl get deployment ${Deployment_name} -n ${K8s_namespace} -o=jsonpath='{.spec.template.spec.containers[*].image}'
echo "=== 添加注解 ==="
kubectl annotate deployment/${Deployment_name} kubernetes.io/change-cause="${ANNOTATION}" --overwrite -n ${K8s_namespace}
echo "=== 查看历史版本 ==="
kubectl rollout history deployment/${Deployment_name} -n ${K8s_namespace}
"""
}
}
}
stage('部署情况') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
script {
echo "=== 检测部署状态并验证新版本运行情况 ==="
echo "--- 检查 Deployment 更新状态 ---"
def rolloutStatus = sh(
script: "kubectl rollout status deployment/${Deployment_name} -n ${K8s_namespace} --timeout=60s",
returnStatus: true
)
if (rolloutStatus != 0){
echo "Deployment ${Deployment_name} 发布 **超时或失败**,开始排查..."
sh """
echo "--- Deployment 状态 ---"
kubectl describe deployment ${Deployment_name} -n ${K8s_namespace} || true
echo '--- Pod 列表 ---'
kubectl get pods -n ${K8s_namespace} -l app=${Pod_container_name} -o wide || true
echo "--- Pod 描述 (describe) ---"
for pod in \$(kubectl get pods -n ${K8s_namespace} -l app=${Pod_container_name} -o jsonpath='{.items[*].metadata.name}'); do
echo "-- Pod 描述 \$pod --"
kubectl describe pod \$pod -n ${K8s_namespace} || true
done
echo "--- 最近 200 行 Pod 日志 ---"
for pod in \$(kubectl get pods -n ${K8s_namespace} -l app=${Pod_container_name} -o jsonpath='{.items[*].metadata.name}'); do
echo "-- logs \$pod --"
kubectl logs \$pod -n ${K8s_namespace} --tail=200 || true
done
"""
error("=== Deployment 发布失败,请检查以上输出定位问题 ===")
}
echo "=== 检查 Pods 是否全部 Ready ==="
sh "kubectl get pods -l app=${Pod_container_name} -n ${K8s_namespace} -o wide"
echo "=== 获取最新 Pod 名称 ==="
NEW_POD = sh (
script: "kubectl get pods -l app=${Pod_container_name} -n ${K8s_namespace} --sort-by=.metadata.creationTimestamp -o jsonpath='{.items[-1].metadata.name}'",
returnStdout: true
).trim()
echo "=== 新 Pod 启动日志(最近20行) ==="
sh "kubectl logs ${NEW_POD} -n ${K8s_namespace} --tail=20 || true"
echo "部署成功:${NEW_POD} 已正常运行"
}
}
}
stage('变更说明') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
script {
env.CHANGE_MSG = """
jenkins执行人: ${env.ACTUAL_USER}
修改时间: ${env.currentTime}
旧镜像: ${OLD_IMAGE_NAME}
新镜像: ${IMAGE_FULL_NAME}
部署对象: ${Deployment_name}
镜像标签: ${env.IMAGE_LABEL}
""".stripIndent().trim()
echo env.CHANGE_MSG
}
}
}
stage('提交变更') {
when { expression { return params.ROLLBACK_VERSION == false } }
steps {
script {
withCredentials([usernamePassword(credentialsId: 'fly_gitlab_auth', usernameVariable: 'GIT_USER', passwordVariable: 'GIT_PASS')]) {
sh """
cd ${WORKSPACE}
git config user.name "jenkins"
git config user.email "jenkins@local"
# 检查工作树是否有变化
if ! git diff --exit-code ${Deployment_yaml} > /dev/null 2>&1; then
echo "检测到更改,正在提交..."
git add ${Deployment_yaml}
git commit -m "更新镜像 \${CHANGE_MSG}"
else
echo "${Deployment_yaml} 没有变化, 无需commit"
fi
# 检查是否需要推送(是否有新的提交)
LOCAL=\$(git rev-parse @)
REMOTE=\$(git rev-parse @{u} 2>/dev/null || true)
BASE=\$(git merge-base @ @{u} 2>/dev/null || true)
if [ "\$LOCAL" = "\$REMOTE" ]; then
echo "已与远程系统同步更新"
elif [ "\$LOCAL" = "\$BASE" ]; then
echo "需要从远程获取数据"
git pull http://172.24.16.20/opt/opt-config.git ${params.BRANCH_NAME}
elif [ "\$REMOTE" = "\$BASE" ]; then
echo "将更改推送到远程服务器..."
# 生成临时 .netrc 文件
echo "machine 172.24.16.20 login \$GIT_USER password \$GIT_PASS" > ~/.netrc
chmod 600 ~/.netrc
git push http://172.24.16.20/opt/opt-config.git ${params.BRANCH_NAME}
else
echo "与远程模式不同,跳过推送操作"
fi
"""
}
}
}
}
}
post {
success {
lark (
robot: "${LARK_ROBOT}",
type: "CARD",
title: "${Deployment_name}部署成功",
text: [
"📅 **部署时间**: ${currentTime}",
"📋 **任务名称**: [${JOB_NAME}](${JOB_URL})",
"🔢 **任务编号**: [${BUILD_DISPLAY_NAME}](${BUILD_URL})",
"🌟 **部署状态**: <font color='green'>部署成功</font>",
"⏱️ **部署用时**: ${currentBuild.duration.intdiv(1000)} 秒",
"📦 **部署镜像**: ${env.IMAGE_FULL_NAME}",
"📝 **镜像摘要**: ${env.IMAGE_LABEL}",
"📦 **上次镜像**: ${OLD_IMAGE_NAME}",
"👤 **执行账号**: ${env.ACTUAL_USER}",
]
)
echo "=== 部署成功,所选择镜像: ${IMAGE_FULL_NAME} ==="
}
failure {
lark (
robot: "${LARK_ROBOT}",
type: "CARD",
title: "${Deployment_name}部署失败",
text: [
"📅 **部署时间**: ${currentTime}",
"📋 **任务名称**: [${JOB_NAME}](${JOB_URL})",
"🔢 **任务编号**: [${BUILD_DISPLAY_NAME}](${BUILD_URL})",
"🌟 **部署状态**: <font color='red'>部署失败</font>",
"⏱️ **部署用时**: ${currentBuild.duration.intdiv(1000)} 秒",
"📦 **部署镜像**: ${env.IMAGE_FULL_NAME}",
"📝 **镜像摘要**: ${env.IMAGE_LABEL}",
"📦 **上次镜像**: ${OLD_IMAGE_NAME}",
"👤 **执行账号**: ${env.ACTUAL_USER}",
]
)
echo "有步骤失败,请检查!"
}
aborted {
lark (
robot: "${LARK_ROBOT}",
type: "CARD",
title: "${Deployment_name}部署取消",
text: [
"📅 **部署时间**: ${currentTime}",
"📋 **任务名称**: [${JOB_NAME}](${JOB_URL})",
"🔢 **任务编号**: [${BUILD_DISPLAY_NAME}](${BUILD_URL})",
"🌟 **部署状态**: <font color='red'>部署取消</font>",
"⏱️ **部署用时**: ${currentBuild.duration.intdiv(1000)} 秒",
"📦 **部署镜像**: ${env.IMAGE_FULL_NAME}",
"📝 **镜像摘要**: ${env.IMAGE_LABEL}",
"📦 **上次镜像**: ${OLD_IMAGE_NAME}",
"👤 **执行账号**: ${env.ACTUAL_USER}",
]
)
echo "部署被中止!"
}
}
}
Reference in New Issue View Git Blame Copy Permalink