The Change Of Game Program No.1

声明式pipeline:

1. 先检查harbor仓库中是否有对应的项目分支，如果不存在则自动创建并配置好相应的tag保留机制与机器人配置(api格式为：http://do-web.pikaqiu.com/dev-pkq，cosign和notary暂不开启，前者在devops阶段验签麻烦，后者harbor目前似乎不支持开启)
2. 拉取svn代码拉取(基于目前应用是传统部署+容器化部署同时进行，所以先进行maven构建之后，基于构建好的包再进行镜像构建)
3. 进行docker容器镜像的构建（以时间戳为tag），并删除本地所缓存的刚构建完的镜像（此处可配置Cosign和notary验签，但目前暂不配置）
4. 因为仓库均是私有化配置，远程机器需要使用机器人账号登陆才可以拉取相应tag的镜像，与此同时，应用服务是通过docker swarm进行部署，但容器化的部署在云平台的弹性伸缩上且按时间进行自动扩缩，故先存config后基于具体的操作再部署应用

• pipeline-script：

pipeline {
    agent {
        // 基于此job需要在另一个job的构建产物下进行，所以最好绑定在同一个node上
        label 'slave-mix'
    }
    options {
        timestamps() // 启用时间戳
    }
    environment {
        PATH = "PATH+EXTRA=/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin"
    }
    parameters {
        // 此处配置项目具体的参数，不展示......
    }
    stages {
        stage('perpare') {
            steps {
                echo "check harbor program"
                script {
                    retry(3) {
                        response = httpRequest httpMode: 'GET', url: "http://${params.autoUrl}/create/${params.DeployEnv}", validResponseCodes: "100:511", ignoreSslErrors: true, contentType: 'APPLICATION_JSON_UTF8'
                        if (response.status != 200) {
                            echo "访问失败，正在重试..."
                            sleep(5000)
                            sh "exit 1"
                        } else {
                            sh "exit 0"
                        }
                    }
                }
            }
        }
        stage('buildAndPush') {
            environment {
                // 此处很关键，需要获取另一个job的相关信息
                NEW_JOB_NAME = sh(script: "echo ${env.JOB_NAME} | awk -F \"/\" '{print \$2}'", returnStdout: true).trim()
                IMAGE_NAME = "${params.harborUrl}/${params.DeployEnv}/${params.ApplicationName}:${params.BUILD_TIMESTAMP_1}"
                OLD_JOB_NAME = sh(script: "echo ${params.maven_build_job_name} | awk -F \"/\" '{print \$2}'", returnStdout: true).trim()
                robot_name = sh(script: "ls /code/secrets | grep ${params.DeployEnv} | awk -F \".\" '{print \$1}' | sed 's/\\\$/\\\\\$/g' | base64", returnStdout: true).trim()
                robot_name_1 = sh(script: "ls /code/secrets | grep ${params.DeployEnv} | awk -F \".\" '{print \$1}' | sed 's/\\\$/\\\\\$/g'", returnStdout: true).trim()
                robot_passwd = sh(script: "cat /code/secrets/${robot_name_1}.log | grep 'robotSecret' | awk -F \":\" '{print \$2}' | base64", returnStdout: true).trim()
                Maven_PATH = sh(script: "echo ${env.WORKSPACE}/${params.ProjectName}/${params.ApplicationDirName}/target | sed 's/${NEW_JOB_NAME}/${OLD_JOB_NAME}/g'", returnStdout: true).trim()
                Docker_PATH = sh(script: "echo ${env.WORKSPACE}/${params.ProjectName}/${params.ApplicationDirName}/target/docker_build | sed 's/${NEW_JOB_NAME}/${OLD_JOB_NAME}/g'", returnStdout: true).trim()
            }
            steps {
                echo "clean up history image"
                sh "/bin/bash /code/cleanImage.sh ${params.harborUrl}"
                echo "start build ${env.IMAGE_NAME} image"
                script {
                    docker.build("${env.IMAGE_NAME}","-f ${env.Docker_PATH}/${params.DockerFileName} ${env.Docker_PATH}")
                }
                echo "start push ${env.IMAGE_NAME} image"
                script {
                    docker.withRegistry("https://${params.harborUrl}", "${params.DeployEnv}") {
                        docker.image("${env.IMAGE_NAME}").push()
                    }
                }
                echo "send msg into program.packet"
                sh "cd ${env.Maven_PATH} && mkdir -p ${params.ApplicationName}/container && echo 'robotName@-@${env.robot_name}\nrobotPassword@-@${env.robot_passwd}\nimageName@-@${env.IMAGE_NAME}' > ${params.ApplicationName}/container/docker_build.log && zip ${env.Maven_PATH}/${params.ApplicationFileName} -r ${params.ApplicationName}/container/docker_build.log && rm -rf ${params.ApplicationName}"
            }
        }
    }
}