注册    登录
创作新主题
社区所有版块导航
Python
python开源   Django   Python   DjangoApp   pycharm  
DATA
docker   Elasticsearch  
分享
问与答   闲聊   招聘   翻译   创业   分享发现   分享创造   求职   区块链   支付之战  
aigc
aigc   chatgpt  
WEB开发
linux   MongoDB   Redis   DATABASE   NGINX   其他Web框架   web工具   zookeeper   tornado   NoSql   Bootstrap   js   peewee   Git   bottle   IE   MQ   Jquery  
机器学习
机器学习算法  
Python88.com
反馈   公告   社区推广  
产品
短视频  
印度
印度  
关注
Py学习  »  Git

Jenkins集成GitLab

马哥Linux运维 • 4 年前 • 574 次点击  

Jenkins免密拉取GitLab项目

1.在Jenkins上为GitLab创建一个专有的拉取代码的账号 Jenkins需要构建哪些项目就在GitLab给予账号相应权限 我这里已经创建过Jenkins用户,下面用它登录后添加SSH-KEY

-w1020

2.在Jenkins服务器上生成ssh-key

                [root@jenkins ~]# ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:SHA256:IUQIuu0SAdSbZvENbIjFYTrUrnuqKGBmZtwPj6lvz60 root@jenkinsThe key's randomart image is:+---[RSA 2048]----+|ooB=+oo          ||ooo*.=           ||oo. * + .        || +.*


    
 . o .       ||+ *     S        ||.@ o             ||O o *            ||oo =.o.          ||=o*..E..         |+----[SHA256]-----+

查看公钥

                [root@jenkins ~]# cat /root/.ssh/id_rsa.pubssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ckQQf4N93Rjf0ts3Lk4siL6FZmZiBiB+ouwTgw9kKof2NeJTguf0aNfDsgSEet4+bJ53ZKztsFZE/C+sqk7grqeLeYDFBWgdZBz1dmCYT51tRFmZPDEDclOIMc2tz0G50g6DFA1dvIfkzeVbKjBNN0o80FSAwAzrtjMrkyaDcrOmYekiSPM8JYJTTcFLCzIBXz7SXOmKH5vyoAIVpdcwnIhkHNLKfD0MdzGb7Kz/pKMnLubodcxyNir6fqw76qwMe1DE0NtQzpaCrTYhVnAizVqCDek0GMZjTG1vWYNn6a8G7omV3Gde1XjcmjAj6ftVQiVLBRJaIGKI4R/B//nd root@jenkins

将Jenkins的公钥填入GitLab账号中

-w1314

3.测试SSH-KEY 到jenkins服务器上拉取项目来测试ssh-key免密是否生效

                [root@jenkins ~]# yum install git -y[root@jenkins ~]# git clone git@106.14.10.124:dev01/sample.git正克隆到 'sample'...The authenticity of host '106.14.10.124 (106.14.10.124)' can't be established.ECDSA key fingerprint is SHA256:bO22/HlgAAGXi9CXTxDE6wvNCUcTs2OajL9PinZMN/0.ECDSA key fingerprint is MD5:ec:4f:14


    
:0a:b6:72:cf:6e:da:5b:fa:5b:be:b9:2f:db.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '106.14.10.124' (ECDSA) to the list of known hosts.remote: Enumerating objects: 6, done.remote: Counting objects: 100% (6/6), done.remote: Compressing objects: 100% (4/4), done.remote: Total 6 (delta 0), reused 0 (delta 0), pack-reused 0接收对象中: 100% (6/6), done.

如上,ssh-key已生效

配置jenkins自动拉取代码

1.jenkins 服务器添加证书 系统配置——》Manage Credentials

-w1617

系统配置——》Manage Credentials——》Jenkins——》全局凭证——》添加凭证

-w1617

这样的话Jenkins服务器拉取GitLab的代码就不需要再进行认证了。

Jenkins安装GitLab插件

1.安装插件 插件名称:

GitLabGitlab HookGitlab AuthenticationGitLab Logo

-w1599

安装完成后重启Jenkins


GitLab为Jenkins生成Token

1.我们使用Jenkins用户登录GitLab 然后使用Jenkins用户创建Token

-w1621

2.复制创建的Token

-w1615

3.打开Jenkins 系统管理——》系统配置

-w1425

输入以下相关内容

-w1152

选择凭证,测试后保存

-w1377

4.查看凭证 现在有以下两种方式与GitLab进行认证

通过GitLab上Jenkins用户的密钥(GitLab绑定Jenkins用户的公钥,Jenkins绑定GitLab上Jenkins用户的私钥)、通过GitLab上Jenkins用户的API Token绑定到Jenkins上的GitLab authentication插件上进行连接。

-w1512


Jenkins构建流水线

1.创建Project 新建任务——》流水线

-w1395

2.选择流水线语法

-w1164

3.生成流水线脚本

-w1626

复制生成的git脚本

4.编写Pipline脚本 我这里脚本如下

                node {    stage('拉取代码'){        git credentialsId: 'b907af22-5a74-4eee-aa5f-a822c764279c', url: 'git@172.19.95.139:dev01/sample.git'        echo "Code Pull"    }    stage('代码扫描'){        echo "Code Scanning"    }    stage('代码构建'){


    
        echo "Code Build"    }    stage('是否部署'){        input '是否部署'    }        stage('开始部署'){        sh '/opt/jenkins/sample/sample_release.sh'    }}

将以上脚本写流水线中

-w1507

上面脚本最后执行了/opt/jenkins/sample/sample_release.sh脚本,我们到执行任务的Jenkins服务器上去编写这个部署脚本。脚本如下:jenkins服务器将/usr/local/src/sample.zip文件拷贝到了172.19.182.107上

                [root@jenkins /]# cat /opt/jenkins/sample/sample_release.sh#!/usr/bin/env bash
scp /usr/local/src/sample.zip root@172.19.182.107:/usr/local/

这里我们需要先让Jenkins服务器与172.19.182.107做免密登录,将Jenkins的公钥拷贝到172.19.182.107服务中的/root/.ssh/authorized_keys文件中

                #Jenkins的公钥(这里为root的公钥,Jenkins进程就需要用root用户运行)[root@jenkins /]# cat /root/.ssh/id_rsa.pubssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ckQQf4N93Rjf0ts3Lk4siL6FZmZiBiB+ouwTgw9kKof2NeJTguf0aNfDsgSEet4+bJ53ZKztsFZE/C+sqk7grqeLeYDFBWgdZBz1dmCYT51tRFmZPDEDclOIMc2tz0G50g6DFA1dvIfkzeVbKjBNN0o80FSAwAzrtjMrkyaDcrOmYekiSPM8JYJTTcFLCzIBXz7SXOmKH5vyoAIVpdcwnIhkHNLKfD0MdzGb7Kz/pKMnLubodcxyNir6fqw76qwMe1DE0NtQzpaCrTYhVnAizVqCDek0GMZjTG1vWYNn6a8G7omV3Gde1XjcmjAj6ftVQiVLBRJaIGKI4R/B//nd root@jenkins
#172.19.182.107服务器的authorized_keys文件


    
cat /root/.ssh/authorized_keysssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ckQQf4N93Rjf0ts3Lk4siL6FZmZiBiB+ouwTgw9kKof2NeJTguf0aNfDsgSEet4+bJ53ZKztsFZE/C+sqk7grqeLeYDFBWgdZBz1dmCYT51tRFmZPDEDclOIMc2tz0G50g6DFA1dvIfkzeVbKjBNN0o80FSAwAzrtjMrkyaDcrOmYekiSPM8JYJTTcFLCzIBXz7SXOmKH5vyoAIVpdcwnIhkHNLKfD0MdzGb7Kz/pKMnLubodcxyNir6fqw76qwMe1DE0NtQzpaCrTYhVnAizVqCDek0GMZjTG1vWYNn6a8G7omV3Gde1XjcmjAj6ftVQiVLBRJaIGKI4R/B//nd root@jenkins
#测试免密登录[root@jenkins /]# ssh root@172.19.182.107Last login: Tue Jun 30 20:26:12 2020 from 172.19.206.72
Welcome to Alibaba Cloud Elastic Compute Service !

Jenkins执行任务

1.进入到任务中

-w1362

2.点击立即构建

-w961

3.是否部署

-w1385
-w1329

☆ END ☆


Python社区是高质量的Python/Django开发社区
本文地址:http://www.python88.com/topic/71117
Reply
 
574 次点击  
登录后回复
关于   移动版
Py学习 - 专注于Python技术发展的社区(原Django社区)
沪ICP备11025650号