基于Jenkins的openEuler Embedded CI部署
[Jenkins]openEuler Embedded 构建CI部署流程
系统:Ubuntu 22.04 LTS
1 安装和配置Jenkins
1.1 安装Jenkins
参考链接:Linux - Jenkins.io
# 配置源并安装jenkins
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
/usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt update
sudo apt install fontconfig openjdk-17-jre jenkins
# 可用java --version查看版本
# 以便Jenkins运行任务时与Docker主机连接并进行一些操作
sudo gpasswd -a jenkins docker
# 加入群组后,需要重启jenkins才会生效
sudo service jenkins restart
# 拉取openeuler-embedded的docker镜像
sudo docker pull swr.cn-north-4.myhuaweicloud.com/openeuler-embedded/openeuler-ci-test:latest
访问Jenkins页面(127.0.0.1:8080),设置用户名(user)和密码(********)
Dashboard - System Configuration - Plugins,安装插件Docker和Docker Pipeline
1.2 配置Docker Cloud
Dashboard - Set up a distributed build - Configure a cloud - New Cloud(或Dashboard - Clouds - New cloud):
Cloud name: oe_cloud
Type: docker
Docker Cloud Details
# 主要用于连接上Docker主机
Docker Host URI: unix:///var/run/docker.sock
# 可用docker context ls命令查询,取name列带星号的那一行的DOCKER ENDPOINT值
Server credentials:
# 连接Docker主机是需要进行的验证,若Jenkins和Docker在同一台主机,该处可不填
Enabled # 点击勾选生效
# 其他选项可使用默认值或者不填写
Docker Agent templates
Add Docker Template
Docker Agent templates:
# 用于作为Agent节点模板,Pipeline任务执行时通过模板生成容器,模板配置的一些内容会传入到Docker中,或者作为运行docker镜像的命令
Labels: oe_label
# 标签,在Pipeline的Jenkinsfile中可指定标签,执行任务时Jenkins会根据标签找到模板,使用该模板运行容器
Enabled # 点击勾选生效
Name: oe
# 用于从此模板创建的所有 Jenkins 节点的名称前缀
Docker Image: swr.cn-north-4.myhuaweicloud.com/openeuler-embedded/openeuler-ci-test:latest
# 希望 docker 运行的映像的哈希值或标记名称
Remote File System Root: /home/jenkins/agent
# 镜像中供Jenkins使用的根目录,上面镜像的根目录为/home/jenkins/agent
Usage: 只允许运行绑定到这台机器的Job
# 建议使用只允许运行绑定到这台机器的Job。绑定指的是Jenkinsfile中的标签绑定。
Connect method: Attach Docker container
# 建议使用Attach Docker container,也可使用Connect with JNLP或Connect with SSH,注意前置选项。
User: jenkins
# 运行容器时使用的用户名,上面镜像的用户名为jenkins
Pull strategy: Pull once and update latest
# 其他选项可使用默认值或者不填写
1.3 配置credentials
Dashboard - Manage Jenkins - Credentials - Stores scoped to Jenkins - System一项 - Global credentials - Add Credentials
Kind: Username with password
Username: user
Id: oe_credentials
1.4 配置 pipeline
参考链接:embedded-ci
Dashboard - Create a Job:
Item name: oe_task
Type: Pipeline
为了避免字符串插值造成敏感信息泄露,应使用单引号代替双引号(参考链接)。
version 1:
pipeline {
agent { node "oe_label" } // oe_label is in Docker Agent templates
environment {
PATH = "/home/jenkins/.local/bin:${env.PATH}"
}
stages {
stage('clone openeuler-ci') {
steps {
dir('/home/jenkins/agent'){
script {
if(fileExists('embedded-ci') == false) {
sh 'git clone https://gitee.com/openeuler/embedded-ci.git -v /home/jenkins/agent/embedded-ci --depth=1'
}
}
}
}
}
stage('run ci') {
steps {
dir('/home/jenkins/agent/embedded-ci'){
script{
withCredentials([usernamePassword(credentialsId: 'oe_credentials', passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
sh """python3 main.py ci \
-e /home/user/Work/ci_output \ // path for store output
-i "127.0.0.1" \ // ip for store output
-u $USERNAME \ // username
-w $PASSWORD \ // password
-dm \ // delete tmp folder
-o openeuler \ // reserve
-p yocto-meta-openeuler // reserve
"""
}
}
}
}
}
}
}
version 2:
pipeline {
agent { node "oe_label" } // oe_label is in Docker Agent templates
environment {
PATH = "/home/jenkins/.local/bin:${env.PATH}"
}
stages {
stage('clone openeuler-ci') {
steps {
dir('/home/jenkins/agent'){
script {
if(fileExists('embedded-ci') == false) {
sh 'git clone https://gitee.com/openeuler/embedded-ci.git -v /home/jenkins/agent/embedded-ci --depth=1'
}
}
}
}
}
stage('run ci') {
steps {
dir('/home/jenkins/agent/embedded-ci'){
script{
withCredentials([usernamePassword(credentialsId: 'oe_credentials', passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {
sh 'python3 main.py ci -e /home/user/Work/ci_output -i "127.0.0.1" -u $USERNAME -w $PASSWORD -dm -o openeuler -p yocto-meta-openeuler'
}
}
}
}
}
}
}
浙公网安备 33010602011771号