收益
- 不用再通過指令行釋出
- 釋出環境穩定,可以重複執行
- 釋出過程中不需要輸入密碼
準備
- linux伺服器已安裝jenkins、git、openjdk8和maven3.5+已就緒
- git服務
- 一個已經能夠釋出jar檔案至Maven中央倉庫的項目
jenkins和git服務可參考樹莓派4B基于docker搭建devops平台進行準備,如何釋出jar檔案至Maven中央倉庫可參考将 JAR 釋出到中央 Maven 倉庫。
本實踐環境中使用的jenkins就是參考樹莓派4B基于docker搭建devops平台進行搭建的,參考文檔中使用的jenkins鏡像已經内置git、openjdk8和maven3.8.4,且同時支援樹莓派和普通x86伺服器;sdkg是一個已經準備好的可釋出jar檔案至Maven中央倉庫的項目,如您也準備好了一個能夠釋出jar檔案至Maven中央倉庫的項目,可以将它 push到搭建好的git伺服器,如gogs;或者任何可選的代碼托管平台,如github、gitee、codeup、coding等等。
pipeline設計與實作
步驟
- 下載下傳源碼
- 編譯并釋出jar檔案至Maven中央倉庫
腳本
node {
stage('git chekout') {
git branch: "master", url: 'https://gitee.com/fastjrun/sdkg.git'
}
stage('mvn deploy') {
sh 'sh build.sh publish_plugin'
}
}
build.sh
#!/bin/bash
echo "build ..."
if [ "local_plugin" = $1 ] ; then
mvn clean install -pl sdkg-plugin,base-sdkg/base-sdkg-client,base-sdkg/base-sdkg-provider,base-sdkg/base-sdkg-sb2-test,base-sdkg/example-sdkg/example-sdkg-client,base-sdkg/example-sdkg/example-sdkg-provider,base-sdkg/example-sdkg/example-sdkg-generator,base-sdkg/eladmin-sdkg/eladmin-sdkg-client,base-sdkg/eladmin-sdkg/eladmin-sdkg-provider,base-sdkg/eladmin-sdkg/eladmin-sdkg-generator -am
elif [ "publish_plugin" = $1 ] ; then
mvn clean deploy -Prelease -pl sdkg-plugin,base-sdkg/base-sdkg-client,base-sdkg/base-sdkg-provider,base-sdkg/base-sdkg-sb2-test,base-sdkg/example-sdkg/example-sdkg-client,base-sdkg/example-sdkg/example-sdkg-provider,base-sdkg/example-sdkg/example-sdkg-generator,base-sdkg/eladmin-sdkg/eladmin-sdkg-client,base-sdkg/eladmin-sdkg/eladmin-sdkg-provider,base-sdkg/eladmin-sdkg/eladmin-sdkg-generator -am
elif [ "package_example" = $1 ] ; then
mvn compile -pl base-sdkg/example-sdkg/example-codeg/example-api -am -Dapigc.skip=false
mvn compile -pl base-sdkg/example-sdkg/example-codeg/example-bundle -am -Dbdgc.skip=false
mvn compile -pl base-sdkg/example-sdkg/example-codeg/example-bundle-mock -am -Dbdmgc.skip=false
mvn compile -pl base-sdkg/example-sdkg/example-codeg/example-client -am -Dclientgc.skip=false
mvn package -pl base-sdkg/example-sdkg/example-codeg/example-api,base-sdkg/example-sdkg/example-codeg/example-bundle,base-sdkg/example-sdkg/example-codeg/example-bundle-mock,base-sdkg/example-sdkg/example-codeg/example-client -am
elif [ "package_eladmin" = $1 ] ; then
mvn compile -pl base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-api -am -Dapigc.skip=false
mvn compile -pl base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-bundle -am -Dbdgc.skip=false
mvn compile -pl base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-bundle-mock -am -Dbdmgc.skip=false
mvn compile -pl base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-client -am -Dclientgc.skip=false
mvn package -pl base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-api,base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-bundle,base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-bundle-mock,base-sdkg/eladmin-sdkg/eladmin-codeg/eladmin-client -am
fi
echo "build done."
pipeline執行
配置任務
jenkins控制台建立item
輸入任務名稱sdkg-nexus,選擇Pipeline後,點“确定”按鈕,進入配置任務頁面
選擇Pipeline script from SCM後,顯示SCM下拉選擇框如下
選擇Git後,顯示Repository标簽和Repository URL輸入框如下
Repository URL輸入https://gitee.com/fastjrun/sdkg.git
腳本路徑輸入deploy-nexus-gitee.groovy
點“儲存”按鈕後,這個釋出jar檔案至Maven中央倉庫的任務就配置好了
任務執行實踐
以參考樹莓派4B基于docker搭建devops平台首次部署的jenkins執行本任務,是不能完全成功執行本任務的,需要做一些配置才能通過jenkins将jar包釋出至maven中央倉庫。
這裡我們将通過不斷執行任務并解決遇到的問題直至成功的方式來完成本次實踐。
1、首次執行報錯“gpg: no default secret key: No secret key”
-
問題分析
該錯誤是因為沒有找到對應的secret key,我們需要從别處導入secret key或者建立secret key并配置到settings.xml中。
-
處理方案及步驟
這裡我們選擇建立secret key,并配置到settings.xml中
1. 建立secret key并上傳到伺服器
## 進入容器
[root@pi155 ~]# docker exec -it jenkins bash
bash-4.2# gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 4
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: fastjrun
Email address: [email protected]
Comment: nexus
You selected this USER-ID:
"fastjrun (nexus) <[email protected]>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
建立secret key過程中需要輸入密碼如下
這裡,我們會遇到問題2,請參考問題2進行處理。
建立secret key後,上傳到伺服器
bash-4.2# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub 2048R/94DC8DA4 2022-02-04
uid fastjrun (nexus) <[email protected]>
## 上傳到伺服器
bash-4.2# gpg --keyserver hkp://keyserver.ubuntu.com:11371 --send-keys 94DC8DA4
gpg: sending key 94DC8DA4 to hkp server keyserver.ubuntu.com
## 立即查詢會報找不到
bash-4.2# gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 94DC8DA4
gpg: requesting key 94DC8DA4 from hkp server keyserver.ubuntu.com
gpgkeys: key 94DC8DA4 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
## 過個幾分鐘查詢才會有結果
bash-4.2# gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 94DC8DA4
gpg: requesting key 94DC8DA4 from hkp server keyserver.ubuntu.com
gpg: key 94DC8DA4: "fastjrun (nexus) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
2.建立secret key并上傳到伺服器
[root@pi155 ~]# cd /opt/server/jenkins/data/.m2
[root@pi155 .m2]# docker cp jenkins:/opt/maven/conf/settings.xml ./
修改settings.xml檔案,主要修改内容如下:
<server>
<id>sonatype-nexus-staging</id>
<username>fastjrun</username>
<password>MyPaswsord@1234</password>
</server>
<server>
<id>sonatype-nexus-snapshots</id>
<username>fastjrun</username>
<password>MyPaswsord@1234</password>
</server>
<properties>
<gpg.passphrase>MyPaswsord@1234</gpg.passphrase>
<gpg.keyname>94DC8DA4</gpg.keyname>
</properties>
2、首次建立secret key發現被卡住
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
-
問題分析 //TODO
該問題原因未知,直接上處理方案
-
處理方案及步驟
安裝 rng-tools 這個工具,通過 yum install rng-tools完成安裝。之後再執行指令:rngd -r /dev/urandom,再重新執行gpg --gen-key,則發現生成密鑰可以瞬間完成了。
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 94DC8DA4 marked as ultimately trusted
public and secret key created and signed.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/94DC8DA4 2022-02-04
Key fingerprint = 2BF5 BA27 7795 2D8F 097D 8CEB C326 C0AA 94DC 8DA4
uid fastjrun (nexus) <[email protected]>
Note that this key cannot be used for encryption. You may want to use
the command "--edit-key" to generate a subkey for this purpose.