diff --git a/Dockerfile b/Dockerfile index 75c3919..69298da 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM 39.170.26.156:8443/library/python:3.9-slim +FROM 39.170.26.156:8443/library/python:3.10-bookworm WORKDIR /app diff --git a/Jenkinsfile b/Jenkinsfile index 9bec76a..bd06dcc 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,32 +1,30 @@ -def dockerImage - pipeline { agent { docker { - image 'cicd/ubuntu:22.04-docker-py312-jdk8-nodejs20-mvn389' - args '-u root:root -v /var/run/docker.sock:/var/run/docker.sock' + image "cicd/ubuntu:22.04-docker-py312-jdk8-nodejs20-mvn389" + args '-v /var/run/docker.sock:/var/run/docker.sock -v /home/jenkins:/home/jenkins -v /etc/docker:/etc/docker' + registryUrl 'https://39.170.26.156:8443' + registryCredentialsId '3a4a4463-784d-4e91-9457-9dfd64722ecb' } } environment { - GIT_REPO = 'https://wdxz-gitea.best-envision.com/qiaoxinjiu/effekt-interface.git' - GIT_CREDENTIALS_ID = 'ebe42f70-146f-4a4b-8090-eded24a77173' + GIT_URL = 'https://wdxz-gitea.best-envision.com/qiaoxinjiu/effekt-interface.git' + GIT_BRANCH = 'master' - HARBOR_URL = '39.170.26.156:8443' + REPO_HOST = '39.170.26.156:8443' + REGISTRY = '39.170.26.156:8443' HARBOR_PROJECT = 'effekt' - IMAGE_NAME = 'effekt-interface' - IMAGE = "${HARBOR_URL}/${HARBOR_PROJECT}/${IMAGE_NAME}" - IMAGE_TAG = 'latest' - HARBOR_CREDENTIALS_ID = '3a4a4463-784d-4e91-9457-9dfd64722ecb' + IMAGE_REPO = 'effekt-interface' + IMAGE_NAME = "${REGISTRY}/${HARBOR_PROJECT}/${IMAGE_REPO}" + BUILD_IMAGE = '39.170.26.156:8443/cicd/ubuntu:22.04-docker-py312-jdk8-nodejs20-mvn389' - APP_NAME = 'effekt-interface' + DEPLOY_HOST = '124.220.32.45' + DEPLOY_PORT = '22' + DEPLOY_USER = 'user' + CONTAINER_NAME = 'effekt-interface' HOST_PORT = '5010' CONTAINER_PORT = '5010' - - DEPLOY_HOST = '39.170.26.156' - DEPLOY_PORT = '22' - DEPLOY_USER = 'root' - DEPLOY_CREDENTIALS_ID = '82d14a67-250f-46b0-8b13-50e874a11933' } options { @@ -36,63 +34,68 @@ pipeline { } stages { - stage('Checkout') { + stage('Checkout Code') { steps { - checkout([ - $class: 'GitSCM', - branches: [[name: '*/master']], - userRemoteConfigs: [[ - url: env.GIT_REPO, - credentialsId: env.GIT_CREDENTIALS_ID - ]] - ]) + git branch: "${GIT_BRANCH}", + credentialsId: 'ebe42f70-146f-4a4b-8090-eded24a77173', + url: "${GIT_URL}" } } - stage('Build Image') { + stage('Check Environment') { steps { - script { - dockerImage = docker.build("${env.IMAGE}:${env.IMAGE_TAG}") + sh ''' + set -e + echo "=== Build Container Environment ===" + whoami + docker --version + git --version + command -v python >/dev/null 2>&1 && python --version || echo "python: not installed" + command -v python3 >/dev/null 2>&1 && python3 --version || echo "python3: not installed" + command -v pip >/dev/null 2>&1 && pip --version || echo "pip: not installed" + command -v pip3 >/dev/null 2>&1 && pip3 --version || echo "pip3: not installed" + echo "=== Workspace ===" + pwd + ls -la + ''' + } + } + + stage('Build Docker Image') { + steps { + withDockerRegistry(registry: [credentialsId: '3a4a4463-784d-4e91-9457-9dfd64722ecb', url: 'https://39.170.26.156:8443']) { + sh ''' + set -e + docker build --no-cache \ + -t ${IMAGE_NAME}:${BUILD_NUMBER} \ + -t ${IMAGE_NAME}:latest \ + -f Dockerfile \ + . + ''' } } } stage('Push Image To Harbor') { steps { - script { - docker.withRegistry("https://${env.HARBOR_URL}", env.HARBOR_CREDENTIALS_ID) { - dockerImage.push(env.IMAGE_TAG) - } + withDockerRegistry(registry: [credentialsId: '3a4a4463-784d-4e91-9457-9dfd64722ecb', url: 'https://39.170.26.156:8443']) { + sh ''' + set -e + docker push ${IMAGE_NAME}:${BUILD_NUMBER} + docker push ${IMAGE_NAME}:latest + ''' } } } - stage('Deploy') { + stage('Deploy To Server') { steps { script { - def remote = [ - name: 'deploy-server', - host: env.DEPLOY_HOST, - port: env.DEPLOY_PORT as int, - user: env.DEPLOY_USER, - allowAnyHosts: true, - credentialsId: env.DEPLOY_CREDENTIALS_ID - ] - - withCredentials([usernamePassword(credentialsId: env.HARBOR_CREDENTIALS_ID, usernameVariable: 'HARBOR_USER', passwordVariable: 'HARBOR_PASS')]) { - sshCommand remote: remote, command: """ - set -e - docker login ${env.HARBOR_URL} -u ${HARBOR_USER} -p '${HARBOR_PASS}' - docker pull ${env.IMAGE}:${env.IMAGE_TAG} - docker rm -f ${env.APP_NAME} || true - docker run -d \\ - --name ${env.APP_NAME} \\ - --restart always \\ - -p ${env.HOST_PORT}:${env.CONTAINER_PORT} \\ - ${env.IMAGE}:${env.IMAGE_TAG} - docker ps --filter name=${env.APP_NAME} - """, sudo: false - } + deploy_node_by_password( + remote_host: env.DEPLOY_HOST, + remote_port: env.DEPLOY_PORT, + credentials_id: '82d14a67-250f-46b0-8b13-50e874a11933' + ) } } } @@ -100,34 +103,80 @@ pipeline { stage('Verify') { steps { script { - def remote = [ - name: 'deploy-server', - host: env.DEPLOY_HOST, - port: env.DEPLOY_PORT as int, - user: env.DEPLOY_USER, - allowAnyHosts: true, - credentialsId: env.DEPLOY_CREDENTIALS_ID - ] + withCredentials([ + usernamePassword( + credentialsId: '82d14a67-250f-46b0-8b13-50e874a11933', + passwordVariable: 'DEPLOY_PASS', + usernameVariable: 'DEPLOY_USER_CREDENTIAL' + ) + ]) { + def remote = [:] + remote.name = env.DEPLOY_HOST + remote.host = env.DEPLOY_HOST + remote.port = Integer.valueOf(env.DEPLOY_PORT) + remote.allowAnyHosts = true + remote.user = DEPLOY_USER_CREDENTIAL + remote.password = DEPLOY_PASS - sshCommand remote: remote, command: """ - set -e - docker ps --filter name=${env.APP_NAME} - curl -I http://127.0.0.1:${env.HOST_PORT} - """, sudo: false + sshCommand remote: remote, sudo: false, command: """ + set -e + docker ps --filter name=${CONTAINER_NAME} + curl -I http://127.0.0.1:${HOST_PORT} + """ + } } } } } post { - always { - sh 'docker image prune -f || true' - } success { - echo 'Pipeline finished successfully.' + echo '流水线执行成功:代码拉取、构建、推送、部署已完成' } failure { - echo 'Pipeline failed.' + echo '流水线执行失败:请查看对应阶段日志' + } + always { + sh ''' + docker image prune -f || true + ''' } } } + +def deploy_node_by_password(Map args) { + withCredentials([ + usernamePassword( + credentialsId: args.credentials_id, + passwordVariable: 'DEPLOY_PASS', + usernameVariable: 'DEPLOY_USER_CREDENTIAL' + ), + usernamePassword( + credentialsId: '3a4a4463-784d-4e91-9457-9dfd64722ecb', + passwordVariable: 'HARBOR_PASS', + usernameVariable: 'HARBOR_USER' + ) + ]) { + def remote = [:] + remote.name = args.remote_host + remote.host = args.remote_host + remote.port = Integer.valueOf(args.remote_port) + remote.allowAnyHosts = true + remote.user = DEPLOY_USER_CREDENTIAL + remote.password = DEPLOY_PASS + + def deployCommand = """ + echo '${HARBOR_PASS}' | docker login '${REGISTRY}' -u '${HARBOR_USER}' --password-stdin && + docker pull '${IMAGE_NAME}:latest' && + docker rm -f '${CONTAINER_NAME}' || true && + docker run -d \ + --name '${CONTAINER_NAME}' \ + --restart always \ + -p '${HOST_PORT}:${CONTAINER_PORT}' \ + '${IMAGE_NAME}:latest' && + docker logout '${REGISTRY}' || true + """ + + sshCommand remote: remote, sudo: false, command: deployCommand + } +}