Skip to content

Instantly share code, notes, and snippets.

@ctlaltlaltc

ctlaltlaltc/devops.groovy

Created January 18, 2021 11:46
Show Gist options
  • Save ctlaltlaltc/998bb7a56d3fab34e29c92cb9a57eb1e to your computer and use it in GitHub Desktop.
Save ctlaltlaltc/998bb7a56d3fab34e29c92cb9a57eb1e to your computer and use it in GitHub Desktop.
Download ZIP
kubemanager devops pipeline demo code
Raw
devops.groovy
def kubemanager_ip="10.113.85.155"
def kubemanager_registry_ip="10.113.85.156"
def kubemanager_token="token-8wmgj:v6vbx2b6t22bqtqth28wnrzdxnt4hnqb4n5b5qcmfzfc2r64spx49n"
def kubemanager_project="c-zk8h7:p-s4qjg"
podTemplate(yaml: """
apiVersion: v1
kind: Pod
spec:
volumes:
- name: docker-socket
emptyDir: {}
- name: sangfor-registry-ca
emptyDir: {}
- name: workspace
emptyDir: {}
containers:
- name: jnlp
image: registry.sangfor.com/apps/inbound-agent:4.6-1
args: ['\$(JENKINS_SECRET)', '\$(JENKINS_NAME)']
volumeMounts:
- name: workspace
mountPath: /workspace
- name: docker
image: registry.sangfor.com/apps/docker:20.10.2
command:
- cat
tty: true
volumeMounts:
- name: docker-socket
mountPath: /var/run
- name: workspace
mountPath: /workspace
- name: docker-daemon
image: registry.sangfor.com/apps/docker:20.10.2-dind
securityContext:
privileged: true
volumeMounts:
- name: docker-socket
mountPath: /var/run
- name: sangfor-registry-ca
mountPath: /etc/docker/certs.d
- name: workspace
mountPath: /workspace
- name: cd-tools
image: registry.sangfor.com/apps/kubemanager-cd:sangfor
imagePullPolicy: Always
command:
- cat
tty: true
volumeMounts:
- name: sangfor-registry-ca
mountPath: /etc/docker/certs.d
- name: workspace
mountPath: /workspace
""") {
node(POD_LABEL) {
stage('Clone') {
container('jnlp') {
sh """
git clone -b modify-repo-url https://github.com/ctlaltlaltc/docker-nginx.git /workspace/docker-nginx
"""
}
}
stage('Setting') {
container('cd-tools') {
sh """
# Setting sangfor registry private certificate
# Setting sangfor kubemanager registry ip
mkdir -p /etc/docker/certs.d/$kubemanager_registry_ip
wget --no-check-certificate -q -O- https://$kubemanager_registry_ip/api/systeminfo/getcert > /etc/docker/certs.d/$kubemanager_registry_ip/ca.crt
"""
}
}
stage('Build') {
container('docker') {
sh """
docker version
export DOCKER_BUILDKIT=1
docker build --progress plain -t $kubemanager_registry_ip/library/nginx-devops:latest /workspace/docker-nginx/stable/alpine
"""
}
}
stage('Publish') {
container('docker') {
sh """
docker login -u user -p password $kubemanager_registry_ip
docker push $kubemanager_registry_ip/library/nginx-devops:latest
"""
}
}
stage('Deploy') {
container('cd-tools'){
sh """
kubemanager login https://$kubemanager_ip --skip-verify --token $kubemanager_token --context $kubemanager_project
if ! kubemanager kubectl get namespace devops; then
kubemanager kubectl create namespace devops
fi
# rollout update
if ! kubemanager kubectl -n devops get deploy nginx; then
kubemanager kubectl -n devops create deployment nginx --image=$kubemanager_registry_ip/library/nginx-devops:latest
else
kubemanager kubectl -n devops rollout restart deployment/nginx
fi
# expose service
if ! kubemanager kubectl -n devops get service nginx-http; then
kubemanager kubectl -n devops expose deployment nginx --port=80 --target-port=80 --name=nginx-http
fi
kubemanager kubectl -n devops wait --for=condition=available --timeout=600s deployment/nginx
"""
}
}
stage('Test') {
container('cd-tools') {
sh """
true
"""
}
}
stage('Teardown') {
container('jnlp') {
sh """
true
"""
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment