Jenkins
→ 返回运维工具
开源自托管 CI/CD 平台,插件生态丰富,适合企业内部搭建构建流水线。
核心概念
| 概念 | 说明 |
|---|---|
| Pipeline | 流水线,用 Jenkinsfile 定义 |
| Stage | 流水线阶段,如 Build、Test、Deploy |
| Step | Stage 中的具体操作 |
| Agent | 执行 Job 的节点 |
| Credential | 存储密码、Token、SSH 密钥 |
Jenkinsfile(声明式)
pipeline {
agent any
tools {
jdk 'JDK17'
maven 'Maven3'
}
environment {
DOCKER_CREDS = credentials('docker-hub')
IMAGE_NAME = "myrepo/myapp:${env.BUILD_NUMBER}"
}
stages {
stage('Checkout') {
steps { checkout scm }
}
stage('Build') {
steps { sh 'mvn -B clean package -DskipTests' }
}
stage('Test') {
steps { sh 'mvn -B test' }
post {
always { junit 'target/surefire-reports/*.xml' }
}
}
stage('Docker Build & Push') {
steps {
sh """
docker build -t ${IMAGE_NAME} .
echo ${DOCKER_CREDS_PSW} | docker login -u ${DOCKER_CREDS_USR} --password-stdin
docker push ${IMAGE_NAME}
"""
}
}
stage('Deploy') {
when { branch 'main' }
steps {
sh "kubectl set image deployment/myapp myapp=${IMAGE_NAME}"
}
}
}
post {
failure { mail to: 'dev@example.com', subject: '构建失败', body: env.BUILD_URL }
always { cleanWs() }
}
}多分支流水线
自动为每个分支创建流水线,识别仓库根目录的 Jenkinsfile:
新建任务 → 多分支流水线 → 配置 Branch Sources → 扫描仓库
常用插件
| 插件 | 用途 |
|---|---|
| Pipeline | 流水线核心 |
| Git / GitHub | 代码拉取、Webhook |
| Docker Pipeline | Docker 操作 |
| Kubernetes | 动态创建 K8s Agent |
| Blue Ocean | 现代化 UI |
| Credentials Binding | 安全注入凭据 |
Webhook 触发
GitHub 仓库 Settings → Webhooks:
- URL:
http://jenkins.example.com/github-webhook/ - Jenkins Job 触发器 → GitHub hook trigger for GITScm polling
凭据管理
Manage Jenkins → Credentials,支持用户名密码、Secret text、SSH 密钥。
withCredentials([usernamePassword(
credentialsId: 'nexus-creds',
usernameVariable: 'NEXUS_USER',
passwordVariable: 'NEXUS_PASS'
)]) {
sh 'mvn deploy -Dusername=$NEXUS_USER -Dpassword=$NEXUS_PASS'
}相关文档
- Docker — 构建推送镜像
- Kubernetes — 部署目标
- GitHub Actions — 云端 CI/CD 替代方案