GitLabCI模板库的流水线优化实践

还是按照之前的目录结构完成的，jobs目录用于存放作业模板。templates目录用于存放流水线模板。这次使用default-pipeline.yml作为所有作业的基础模板。

作业模板

作业分为Build、test、codeanalysis、artifactory、deploy部分，在每个作业中配置了rules功能开关，由变量控制最终作业的运行。

jobs/build.yml 构建作业模板

包含两个作业模板，分别是普通的构建模板(maven/npm/gradle)和docker 镜像构建模板。

1. ## build相关作业
2.  
3. .build:
4. stage: build
5. script:
6. - |
7. ${BUILD_SHELL}
8. variables:
9. GIT_CHECKOUT: "true"
10. rules:
11. - if: " $RUN_PIPELINE_BUILD == 'no' "
12. when: never
13. - when: always
14.  
15.  
16. ## 构建镜像
17. .build-docker:
18. stage: buildimage
19. script:
20. - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWD $CI_REGISTRY
21. - docker build -t ${IMAGE_NAME} -f ${DOCKER_FILE_PATH} .
22. - docker push ${IMAGE_NAME}
23. - docker rmi ${IMAGE_NAME}
24. rules:
25. - if: " $RUN_BUILD_IMAGE == 'no' "
26. when: never
27. - when: always

jobs/test.yml 测试作业模板

主要用于运行项目单元测试，例如maven、gradle、npm单元测试。

1. #单元测试
2. .test:
3. stage: test
4. script:
5. - $TEST_SHELL
6. artifacts:
7. reports:
8. junit: ${JUNIT_REPORT_PATH}
9. rules:
10. - if: " $RUN_PIPELINE_TEST == 'no' "
11. when: never
12. - when: always

jobs/codeanalysis.yml 代码扫描模板

包含两个作业模板，分别为扫描作业和获取扫描结果。这里面将扫描参数进行了分类，通用的项目参数、特殊的合并请求参数、自定义的项目参数。

1. ##代码扫描
2. ##
3. ##
4. ##
5.  
6. .code_analysis:
7. variables:
8. GLOBAL_PROJECT_ARGS: "-Dsonar.projectKey=${CI_PROJECT_NAME}
9. -Dsonar.projectName=${CI_PROJECT_NAME}
10. -Dsonar.projectVersion=${CI_COMMIT_REF_NAME}
11. -Dsonar.projectDescription=${CI_PROJECT_TITLE}"
12. GLOBAL_SERVER_ARGS: "-Dsonar.ws.timeout=30
13. -Dsonar.links.homepage=${CI_PROJECT_URL}
14. -Dsonar.host.url=${SONAR_SERVER_URL}
15. -Dsonar.login=${SONAR_SERVER_LOGIN}
16. -Dsonar.sourceEncoding=UTF-8 "
17. GLOBAL_MR_ARGS: " -Dsonar.pullrequest.key=${CI_MERGE_REQUEST_IID}
18. -Dsonar.pullrequest.branch=${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}
19. -Dsonar.pullrequest.base=${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}
20. -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}
21. -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA}
22. -Dsonar.gitlab.project_id=${CI_PROJECT_PATH}
23. -Dsonar.pullrequest.gitlab.repositorySlug=${CI_PROJECT_ID} "
24. MULTI_BRANCH_ARGS: "-Dsonar.branch.name=${CI_COMMIT_REF_NAME}"
25. stage: code_analysis
26. script:
27. - echo ${GLOBAL_PROJECT_ARGS} ${GLOBAL_SERVER_ARGS} ${SONAR_SCAN_ARGS} ${GLOBAL_MR_ARGS}
28. #sonar-scanner $GLOBAL_PROJECT_ARGS $GLOBAL_SERVER_ARGS $SCAN_JAVA_ARGS
29. - |
30. if [ $CI_PIPELINE_SOURCE == 'merge_request_event' ]
31.  
32. then
33. echo "sonar-scanner ${GLOBAL_PROJECT_ARGS} ${GLOBAL_SERVER_ARGS} ${SONAR_SCAN_ARGS} "
34. sonar-scanner ${GLOBAL_PROJECT_ARGS} ${GLOBAL_SERVER_ARGS} ${SONAR_SCAN_ARGS}
35. else
36. echo "sonar-scanner ${GLOBAL_PROJECT_ARGS} ${GLOBAL_SERVER_ARGS} ${SONAR_SCAN_ARGS} ${MULTI_BRANCH_ARGS}"
37. sonar-scanner ${GLOBAL_PROJECT_ARGS} ${GLOBAL_SERVER_ARGS} ${SONAR_SCAN_ARGS} ${MULTI_BRANCH_ARGS}
38. fi
39. rules:
40. - if: " $RUN_CODE_ANALYSIS == 'no' "
41. when: never
42. - when: always
43.  
44.  
45. #### 获取代码扫描结果
46. .get_analysis_result:
47. stage: get_analysis_result
48. script:
49. - |
50. SONAR_REPORT_URL=$(grep "ceTaskUrl" .scannerwork/report-task.txt | awk -F = '{OFS="=";print $2,$3}')
51. echo ${SONAR_REPORT_URL}
52.  
53.  
54. for i in {1..10}
55. do
56. curl -k -u "${SONAR_SERVER_LOGIN}":"" ${SONAR_REPORT_URL} -o sonar_result.txt -s
57. grep '"status":"SUCCESS"' sonar_result.txt && SONAR_SCAN_RESULT='SUCCESS'
58.  
59. if [ ${SONAR_SCAN_RESULT} == 'SUCCESS' ]
60. then
61. echo "${SONAR_SCAN_RESULT}"
62. SONAR_SCAN_RESULT=SUCCESS
63.  
64. curl -k -u "${SONAR_SERVER_LOGIN}":"" "${SONAR_SERVER_URL}/api/qualitygates/project_status?projectKey=$CI_PROJECT_NAME&branch=$CI_COMMIT_REF_NAME" -o result.txt -s
65. echo "result info ---->>>>>"
66. cat result.txt
67. result=`cat result.txt | awk -F ':' '{print $3}' | awk -F '"' '{print$2}'`
68.  
69. echo $result
70.  
71. if [ $result == 'ERROR' ]
72. then
73. echo "${result}"
74. exit 122
75. break;
76. else
77. echo "success!"
78. break;
79. fi
80.  
81. else
82. SONAR_SCAN_RESULT='ERROR'
83. echo "第$i次获取结果信息，不是成功状态，睡眠10秒！"
84. cat sonar_result.txt
85. sleep 10
86. fi
87. done
88.  
89. rules:
90. - if: " $RUN_CODE_ANALYSIS == 'no' "
91. when: never
92. - when: always

jobs/artifactory.yml 制品管理作业

包含两个作业，制品上传与下载。使用artifactory制品库接口。

1. ## 制品库相关
2. ##
3.  
4. .deploy-artifact:
5. stage: deploy-artifact
6. script:
7. - echo "curl -u${ARTIFACT_USER}:${ARTIFACT_PASSWD} -T ${ARTIFACT_PATH} $ARTIFACTORY_URL/$ARTIFACTORY_NAME/$TARGET_FILE_PATH/$TARGET_ARTIFACT_NAME"
8. - curl -u${ARTIFACT_USER}:${ARTIFACT_PASSWD} -T ${ARTIFACT_PATH} "$ARTIFACTORY_URL/$ARTIFACTORY_NAME/$TARGET_FILE_PATH/$TARGET_ARTIFACT_NAME"
9. rules:
10. - if: " $RUN_DEPLOY_ARTIFACTS == 'no' "
11. when: never
12. - when: always
13.  
14.  
15. .down-artifact:
16. stage: down-artifact
17. script:
18. - curl -u${ARTIFACT_USER}:${ARTIFACT_PASSWD} -O "$ARTIFACTORY_URL/$ARTIFACTORY_NAME/$TARGET_FILE_PATH/$TARGET_ARTIFACT_NAME"
19. - ls

jobs/deploy.yml 发布作业模板

发布基于k8s的发布和回滚配置。

1. ## 应用发布
2.  
3.  
4. ## 使用kubectl镜像发布
5. .deploy_k8s:
6. stage: deploy
7. script:
8. - echo $KUBE_TOKEN
9. - kubectl config set-cluster my-cluster --server=${KUBE_URL} --certificate-authority="${KUBE_CA_PEM_FILE}"
10. - kubectl config set-credentials admin --token=${KUBE_TOKEN}
11. - ls -a
12. - sed -i "s#__namespace__#${NAMESPACE}#g" ${DEPLOY_FILE}
13. - sed -i "s#__appname__#${APP_NAME}#g" ${DEPLOY_FILE}
14. - sed -i "s#__containerport__#${CONTAINER_PORT}#g" ${DEPLOY_FILE}
15. - sed -i "s#__nodeport__#${NODE_PORT}#g" ${DEPLOY_FILE}
16. - sed -i "s#__imagename__#${IMAGE_NAME}#g" ${DEPLOY_FILE}
17. - sed -i "s#__CI_ENVIRONMENT_SLUG__#${CI_ENVIRONMENT_SLUG}#g" ${DEPLOY_FILE}
18. - sed -i "s#__CI_PROJECT_PATH_SLUG__#${CI_PROJECT_PATH_SLUG}#g" ${DEPLOY_FILE}
19. - sed -i "s#__ingressdomain__#${ENV_URL}#g" ${DEPLOY_FILE}
20. - cat ${DEPLOY_FILE}
21. - "kubectl create secret docker-registry ${APP_NAME} \
22. --docker-server=${CI_REGISTRY} \
23. --docker-username=$CI_REGISTRY_USER \
24. --docker-password=${CI_REGISTRY_PASSWD} \
25. --docker-email=test@test.com -n ${NAMESPACE} || echo 'secrets already exists'"
26. - kubectl apply -f ${DEPLOY_FILE}
27. rules:
28. - if: " $RUN_DEPLOY_K8S == 'no'"
29. when: never
30. - when: manual
31. environment:
32. name: "${ENV_NAME}"
33. url: "http://${ENV_NAME}.${CI_PROJECT_NAMESPACE}.${CI_PROJECT_NAME}.devops.com"
34.  
35.  
36.  
37.  
38. ## 回滚
39. .rollout_k8s:
40. stage: deploy
41. script:
42. - rm -rf $HOME/.kube
43. - kubectl config set-cluster my-cluster --server=${KUBE_URL} --certificate-authority="${KUBE_CA_PEM_FILE}"
44. - kubectl config set-credentials admin --token=${KUBE_TOKEN}
45. - kubectl rollout history deployment ${APP_NAME} -n ${NAMESPACE}
46. - kubectl rollout undo deployment ${APP_NAME} -n ${NAMESPACE}
47. rules:
48. - if: " $RUN_DEPLOY_K8S == 'no' "
49. when: never
50. - when: manual
51. environment:
52. name: "${ENV_NAME}"
53. action: stop

default流水线模板

templates/default-pipeline.yml 模板分成个部分：

• include导入作业模板
• variables 定义全局变量
• workflow 定义流水线控制
• jobs 构建与发布作业

include导入作业模板

1. include:
2. - project: 'cidevops/cidevops-newci-service'
3. ref: master
4. file: 'jobs/build.yml'
5. - project: 'cidevops/cidevops-newci-service'
6. ref: master
7. file: 'jobs/test.yml'
8. - project: 'cidevops/cidevops-newci-service'
9. ref: master
10. file: 'jobs/codeanalysis.yml'
11. - project: 'cidevops/cidevops-newci-service'
12. ref: master
13. file: 'jobs/deploy.yml'
14. - project: 'cidevops/cidevops-newci-service'
15. ref: master
16. file: 'jobs/artifactory.yml'

variables 定义全局变量

1. variables:
2. ## 全局配置
3. GIT_CLONE_PATH: ${CI_BUILDS_DIR}/builds/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CI_PIPELINE_ID}
4. GIT_CHECKOUT: "false"
5. CACHE_DIR: ""
6.  
7. ## 作业控制
8. RUN_PIPELINE_BUILD: "" #是否运行构建 yes/no
9. RUN_PIPELINE_TEST: "" #是否运行测试 yes/no
10. RUN_CODE_ANALYSIS: "" #是否代码扫描 yes/no
11. RUN_BUILD_IMAGE: "" #是否生成镜像 yes/no
12. RUN_DEPLOY_ARTIFACTS: "" #是否上传制品 yes/no
13. RUN_DEPLOY_K8S: "" #是否发布K8S yes/no
14.  
15. ## 依赖容器镜像
16. BUILD_IMAGE: ""
17. CURL_IMAGE: "curlimages/curl:7.70.0"
18. SONAR_IMAGE: "sonarsource/sonar-scanner-cli:latest"
19. KUBECTL_IMAGE: "lucj/kubectl:1.17.2"
20.  
21.  
22. ## 构建测试参数
23. MAVEN_OPTS: "" #maven构建参数
24. GRADLE_OPTS: "" #gradle构建参数
25. BUILD_SHELL: '' #构建命令
26.  
27. ## 单元测试参数
28. TEST_SHELL : 'mvn test --settings=./settings.xml ' #测试命令
29. JUNIT_REPORT_PATH: 'target/surefire-reports/TEST-*.xml' #单元测试报告
30.  
31. ## 代码扫描
32. SONAR_SOURCE_DIR : "src" #项目源码目录
33. SONAR_SERVER_URL: "http://192.168.1.200:30090" #SonarQube服务器信息
34. SONAR_SERVER_LOGIN: "ee2bcb37deeb6dfe3a07fe08fb529559b00c1b7b" #Sonar Token最好在项目中定义。
35. SONAR_SCAN_ARGS: "-Dsonar.sources=${SONAR_SOURCE_DIR}" #项目扫描参数
36.  
37. ## 构建镜像
38. CI_REGISTRY: 'registry.cn-beijing.aliyuncs.com' #镜像仓库地址
39. CI_REGISTRY_USER: 'xxxxxx' #仓库用户信息
40. #CI_REGISTRY_PASSWD: 'xxxxxxxx.' #仓库用户密码
41. IMAGE_NAME: "${CI_REGISTRY}/${CI_PROJECT_PATH}:${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}" #镜像名称
42. DOCKER_FILE_PATH: "./Dockerfile" #Dockerfile位置
43.  
44. ## 上传制品库(artifactory)
45. ARTIFACTORY_URL: "http://192.168.1.200:30082/artifactory" #制品库地址
46. ARTIFACTORY_NAME: "${CI_PROJECT_NAMESPACE}" #制品库名称
47. ARTIFACT_PACKAGE: "jar" #制品类型
48. ARTIFACT_PATH: "target/*.${ARTIFACT_PACKAGE}" #制品位置
49. TARGET_FILE_PATH: "${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}" #目标制品位置(目录结构)
50. TARGET_ARTIFACT_NAME: "${CI_PROJECT_NAME}-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}.${ARTIFACT_PACKAGE}" #目标制品名称
51.  
52. ## 部署应用k8s
53. APP_NAME: "$CI_PROJECT_NAME" #应用名称 <--> deploymentName
54. CONTAINER_PORT: "8081" #服务端口 <--> servicesPort
55. NAMESPACE: "$CI_PROJECT_NAME-$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG" #名称空间
56. ENV_URL: "${ENV_NAME}.${CI_PROJECT_NAMESPACE}.${CI_PROJECT_NAME}.devops.com" #IngressHosts

流水线设置

1. ## 流水线控制
2. workflow:
3. rules:
4. - if: "$CI_MERGE_REQUEST_ID" #过滤合并请求
5. when: never
6. - if: "$CI_PIPELINE_SOURCE == 'web'" #允许在web页面发布
7. - if: "$CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ " #过滤版本分支和主干分支提交代码触发
8. when: never
9. - if: "$CI_COMMIT_BEFORE_SHA == '0000000000000000000000000000000000000000'" #过滤分支创建请求
10. when: never
11. ### 默认策略
12. - when: always
13.  
14.  
15. ## 运行阶段
16. stages:
17. - build
18. - test
19. - parallel01
20. - get_analysis_result
21. - deploy-artifact
22. - deploy-feature
23. - rollout-feature
24. - deploy-uat
25. - rollout-uat
26. - deploy-stag
27. - rollout-stag
28. - deploy-prod
29. - rollout-prod
30.  
31. cache:
32. paths:
33. - ${CACHE_DIR}
34.  
35. before_script:
36. - export

构建作业配置

1. ################# Jobs Configure #####################
2. ## 构建作业
3. build:
4. image: ${BUILD_IMAGE}
5. extends: .build
6.  
7. ## 测试作业
8. test:
9. image: ${BUILD_IMAGE}
10. extends: .test
11. before_script:
12. - ls
13. - ls ${CACHE_DIR}
14.  
15. ## 代码扫描
16. code_analysis:
17. stage: parallel01
18. image: ${SONAR_IMAGE}
19. extends: .code_analysis
20.  
21. ## 获取构建结果
22. get_analysis_result:
23. image: ${CURL_IMAGE}
24. extends: .get_analysis_result
25. needs:
26. - code_analysis
27.  
28.  
29. ## 构建镜像
30. build_image:
31. image: docker:latest
32. services:
33. - name: docker:dind
34. stage: parallel01
35. extends: .build-docker
36.  
37.  
38. ## 上传制品
39. deploy_artifact:
40. image: ${CURL_IMAGE}
41. stage: deploy-artifact
42. extends: .deploy-artifact
43.  
44. ## 下载制品
45. #down_artifact:
46. # image: ${CURL_IMAGE}
47. # stage: down_artifact
48. # extends: .down-artifact

发布部署作业配置

1. #################Deploy Feature Jobs Configure #####################
2. ## feature发布应用
3. deploy_feature:
4. variables:
5. DEPLOY_FILE: 'deployment.yaml'
6. ENV_NAME: 'feature'
7. stage: deploy-feature
8. image: ${KUBECTL_IMAGE}
9. extends: .deploy_k8s
10. environment:
11. on_stop: "rollout_feature"
12. rules:
13. - if: $RUN_DEPLOY_K8S == 'no'
14. when: never
15. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
16. when: never
17. - when: manual
18.  
19. ## 应用回滚
20. rollout_feature:
21. variables:
22. DEPLOY_FILE: 'deployment.yaml'
23. ENV_NAME: 'feature'
24. stage: rollout-feature
25. image: ${KUBECTL_IMAGE}
26. extends: .rollout_k8s
27. needs:
28. - deploy_feature
29. rules:
30. - if: $RUN_DEPLOY_K8S == 'no'
31. when: never
32. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
33. when: never
34. - when: on_failure
35.  
36.  
37. #################Deploy UAT Jobs Configure #####################
38. ## UAT
39. deploy_uat:
40. variables:
41. DEPLOY_FILE: 'config/deployment-uat.yaml'
42. ENV_NAME: 'uat'
43. stage: deploy-uat
44. image: ${KUBECTL_IMAGE}
45. extends: .deploy_k8s
46. environment:
47. on_stop: "rollout_uat"
48. rules:
49. - if: $RUN_DEPLOY_K8S == 'no'
50. when: never
51. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
52. when: manual
53. - when: never
54.  
55. ## UAT应用回滚
56. rollout_uat:
57. variables:
58. DEPLOY_FILE: 'config/deployment-uat.yaml'
59. ENV_NAME: 'uat'
60. stage: rollout-uat
61. image: ${KUBECTL_IMAGE}
62. extends: .rollout_k8s
63. needs:
64. - deploy_uat
65. rules:
66. - if: $RUN_DEPLOY_K8S == 'no'
67. when: never
68. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
69. when: on_failure
70. - when: never
71.  
72. #################Deploy STAG Jobs Configure #####################
73. ## STAG
74. deploy_stag:
75. variables:
76. DEPLOY_FILE: 'config/deployment-stag.yaml'
77. ENV_NAME: 'stag'
78. stage: deploy-stag
79. image: ${KUBECTL_IMAGE}
80. extends: .deploy_k8s
81. environment:
82. on_stop: "rollout_stag"
83. needs:
84. - deploy_uat
85. rules:
86. - if: $RUN_DEPLOY_K8S == 'no'
87. when: never
88. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
89. when: manual
90. - when: never
91.  
92. ## STAG应用回滚
93. rollout_stag:
94. variables:
95. DEPLOY_FILE: 'config/deployment-stag.yaml'
96. ENV_NAME: 'stag'
97. stage: rollout-stag
98. image: ${KUBECTL_IMAGE}
99. extends: .rollout_k8s
100. needs:
101. - deploy_stag
102. rules:
103. - if: $RUN_DEPLOY_K8S == 'no'
104. when: never
105. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
106. when: on_failure
107. - when: never
108.  
109. #################Deploy PROD Jobs Configure #####################
110. ## PROD
111. deploy_prod:
112. variables:
113. DEPLOY_FILE: 'config/deployment-prod.yaml'
114. ENV_NAME: 'prod'
115. stage: deploy-prod
116. image: ${KUBECTL_IMAGE}
117. extends: .deploy_k8s
118. environment:
119. on_stop: "rollout_prod"
120. needs:
121. - deploy_stag
122. rules:
123. - if: $RUN_DEPLOY_K8S == 'no'
124. when: never
125. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
126. when: manual
127. - when: never
128.  
129. ## PROD应用回滚
130. rollout_prod:
131. variables:
132. DEPLOY_FILE: 'config/deployment-prod.yaml'
133. ENV_NAME: 'prod'
134. stage: rollout-prod
135. image: ${KUBECTL_IMAGE}
136. extends: .rollout_k8s
137. needs:
138. - deploy_prod
139. rules:
140. - if: $RUN_DEPLOY_K8S == 'no'
141. when: never
142. - if: $CI_COMMIT_REF_NAME =~ /^RELEASE-*/ || $CI_COMMIT_REF_NAME =~ /master/ || $CI_COMMIT_TAG
143. when: on_failure
144. - when: never

JAVA项目交付流水线

导入作业模板

1. include:
2. - project: 'cidevops/cidevops-newci-service'
3. ref: master
4. file: 'templates/default-pipeline.yml'

配置项目参数

1. variables:
2. ## 全局配置
3. GIT_CLONE_PATH: ${CI_BUILDS_DIR}/builds/${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CI_PIPELINE_ID}
4. GIT_CHECKOUT: "false"
5. CACHE_DIR: "target/"
6.  
7. ## 作业控制
8. RUN_PIPELINE_BUILD: "yes" #是否运行构建 yes/no
9. RUN_PIPELINE_TEST: "yes" #是否运行测试 yes/no
10. RUN_CODE_ANALYSIS: "yes" #是否代码扫描 yes/no
11. RUN_BUILD_IMAGE: "yes" #是否生成镜像 yes/no
12. RUN_DEPLOY_ARTIFACTS: "no" #是否上传制品 yes/no
13. RUN_DEPLOY_K8S: "yes" #是否发布K8S yes/no
14.  
15. ## 依赖容器镜像
16. BUILD_IMAGE: "maven:3.6.3-jdk-8"
17. CURL_IMAGE: "curlimages/curl:7.70.0"
18. SONAR_IMAGE: "sonarsource/sonar-scanner-cli:latest"
19. KUBECTL_IMAGE: "lucj/kubectl:1.17.2"
20.  
21.  
22. ## 构建测试参数
23. MAVEN_OPTS: "-Dmaven.repo.local=/home/gitlab-runner/ci-build-cache/maven " #maven构建参数
24. BUILD_SHELL: 'mvn clean package -DskipTests --settings=./settings.xml ' #构建命令
25. #GRADLE_OPTS: "" #gradle构建参数
26.  
27. ## 单元测试参数
28. TEST_SHELL : 'mvn test --settings=./settings.xml ' #测试命令
29. JUNIT_REPORT_PATH: 'target/surefire-reports/TEST-*.xml' #单元测试报告
30.  
31. ## 代码扫描
32. SONAR_SOURCE_DIR : "src" #项目源码目录
33. SONAR_SERVER_URL: "http://192.168.1.200:30090" #SonarQube服务器信息
34. SONAR_SERVER_LOGIN: "ee2bcb37deeb6dfe3a07fe08fb529559b00c1b7b" #Sonar Token最好在项目中定义。
35. SONAR_SCAN_ARGS: "-Dsonar.sources=${SONAR_SOURCE_DIR}
36. -Dsonar.java.binaries=target/classes
37. -Dsonar.java.test.binaries=target/test-classes
38. -Dsonar.java.surefire.report=target/surefire-reports " #项目扫描参数
39.  
40. ## 构建镜像
41. CI_REGISTRY: 'registry.cn-beijing.aliyuncs.com' #镜像仓库地址
42. CI_REGISTRY_USER: 'xxxxxx' #仓库用户信息
43. #CI_REGISTRY_PASSWD: 'xxxxxxxx.' #仓库用户密码
44. IMAGE_NAME: "${CI_REGISTRY}/${CI_PROJECT_PATH}:${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}" #镜像名称
45. DOCKER_FILE_PATH: "./Dockerfile" #Dockerfile位置
46.  
47. ## 上传制品库(artifactory)
48. #ARTIFACTORY_URL: "http://192.168.1.200:30082/artifactory" #制品库地址
49. #ARTIFACTORY_NAME: "${CI_PROJECT_NAMESPACE}" #制品库名称
50. #ARTIFACT_PACKAGE: "jar" #制品类型
51. #ARTIFACT_PATH: "target/*.${ARTIFACT_PACKAGE}" #制品位置
52. #TARGET_FILE_PATH: "${CI_PROJECT_NAMESPACE}/${CI_PROJECT_NAME}/${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}" #目标制品位置(目录结构)
53. #TARGET_ARTIFACT_NAME: "${CI_PROJECT_NAME}-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHORT_SHA}.${ARTIFACT_PACKAGE}" #目标制品名称
54.  
55. ## 部署应用k8s
56. APP_NAME: "$CI_PROJECT_NAME" #应用名称 <-->deploymentName
57. CONTAINER_PORT: "8081" #服务端口 <--> servicesPort
58. NAMESPACE: "$CI_PROJECT_NAME-$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG" #名称空间
59. ENV_URL: "${ENV_NAME}.${CI_PROJECT_NAMESPACE}.${CI_PROJECT_NAME}.devops.com" #IngressHosts

指定CI文件

运行流水线测试

docker镜像仓库

部署环境演示

Kubernetes集群中应用状态

原文链接：https://mp.weixin.qq.com/s/M3Cz1rV1_fy5l1VChJPlGQ