Created
January 18, 2021 11:46
-
-
Save ctlaltlaltc/998bb7a56d3fab34e29c92cb9a57eb1e to your computer and use it in GitHub Desktop.
kubemanager devops pipeline demo code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def kubemanager_ip="10.113.85.155" | |
def kubemanager_registry_ip="10.113.85.156" | |
def kubemanager_token="token-8wmgj:v6vbx2b6t22bqtqth28wnrzdxnt4hnqb4n5b5qcmfzfc2r64spx49n" | |
def kubemanager_project="c-zk8h7:p-s4qjg" | |
podTemplate(yaml: """ | |
apiVersion: v1 | |
kind: Pod | |
spec: | |
volumes: | |
- name: docker-socket | |
emptyDir: {} | |
- name: sangfor-registry-ca | |
emptyDir: {} | |
- name: workspace | |
emptyDir: {} | |
containers: | |
- name: jnlp | |
image: registry.sangfor.com/apps/inbound-agent:4.6-1 | |
args: ['\$(JENKINS_SECRET)', '\$(JENKINS_NAME)'] | |
volumeMounts: | |
- name: workspace | |
mountPath: /workspace | |
- name: docker | |
image: registry.sangfor.com/apps/docker:20.10.2 | |
command: | |
- cat | |
tty: true | |
volumeMounts: | |
- name: docker-socket | |
mountPath: /var/run | |
- name: workspace | |
mountPath: /workspace | |
- name: docker-daemon | |
image: registry.sangfor.com/apps/docker:20.10.2-dind | |
securityContext: | |
privileged: true | |
volumeMounts: | |
- name: docker-socket | |
mountPath: /var/run | |
- name: sangfor-registry-ca | |
mountPath: /etc/docker/certs.d | |
- name: workspace | |
mountPath: /workspace | |
- name: cd-tools | |
image: registry.sangfor.com/apps/kubemanager-cd:sangfor | |
imagePullPolicy: Always | |
command: | |
- cat | |
tty: true | |
volumeMounts: | |
- name: sangfor-registry-ca | |
mountPath: /etc/docker/certs.d | |
- name: workspace | |
mountPath: /workspace | |
""") { | |
node(POD_LABEL) { | |
stage('Clone') { | |
container('jnlp') { | |
sh """ | |
git clone -b modify-repo-url https://github.com/ctlaltlaltc/docker-nginx.git /workspace/docker-nginx | |
""" | |
} | |
} | |
stage('Setting') { | |
container('cd-tools') { | |
sh """ | |
# Setting sangfor registry private certificate | |
# Setting sangfor kubemanager registry ip | |
mkdir -p /etc/docker/certs.d/$kubemanager_registry_ip | |
wget --no-check-certificate -q -O- https://$kubemanager_registry_ip/api/systeminfo/getcert > /etc/docker/certs.d/$kubemanager_registry_ip/ca.crt | |
""" | |
} | |
} | |
stage('Build') { | |
container('docker') { | |
sh """ | |
docker version | |
export DOCKER_BUILDKIT=1 | |
docker build --progress plain -t $kubemanager_registry_ip/library/nginx-devops:latest /workspace/docker-nginx/stable/alpine | |
""" | |
} | |
} | |
stage('Publish') { | |
container('docker') { | |
sh """ | |
docker login -u user -p password $kubemanager_registry_ip | |
docker push $kubemanager_registry_ip/library/nginx-devops:latest | |
""" | |
} | |
} | |
stage('Deploy') { | |
container('cd-tools'){ | |
sh """ | |
kubemanager login https://$kubemanager_ip --skip-verify --token $kubemanager_token --context $kubemanager_project | |
if ! kubemanager kubectl get namespace devops; then | |
kubemanager kubectl create namespace devops | |
fi | |
# rollout update | |
if ! kubemanager kubectl -n devops get deploy nginx; then | |
kubemanager kubectl -n devops create deployment nginx --image=$kubemanager_registry_ip/library/nginx-devops:latest | |
else | |
kubemanager kubectl -n devops rollout restart deployment/nginx | |
fi | |
# expose service | |
if ! kubemanager kubectl -n devops get service nginx-http; then | |
kubemanager kubectl -n devops expose deployment nginx --port=80 --target-port=80 --name=nginx-http | |
fi | |
kubemanager kubectl -n devops wait --for=condition=available --timeout=600s deployment/nginx | |
""" | |
} | |
} | |
stage('Test') { | |
container('cd-tools') { | |
sh """ | |
true | |
""" | |
} | |
} | |
stage('Teardown') { | |
container('jnlp') { | |
sh """ | |
true | |
""" | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment