使用Jenkins进行CI / CD管道实现

时间:2018-05-07 14:46:45

标签: jenkins

我正在尝试使用kubernetes,Jenkins和我在On-Premise服务器上的私有SVN代码存储库来实现CI / CD管道。当我看到实现管道的例子时,我只看到GitHub的使用 - Web钩子。当提交到GitHub存储库时触发使用Web挂钩。在我的开发场景中,我正在使用SVN存储库。所以在我之前的堆栈溢出讨论中,我发现在Jenkins中添加了一个SVN插件。在这里,我感到怀疑,

  1. 我们可以使用SVN插件,而不是使用GitHub的Web挂钩触发功能?在Jenkins中是否有任何配置说在构建项目,测试和部署代码回购时提交?否则,我是否需要始终依赖jenkins的cron工作?
  2. 与GitHub一样 - Web钩子,当提交代码仓库时,我们可以在jenkins中配置哪个触发操作?

1 个答案:

答案 0 :(得分:1)

Subversion plugin page有几个很好的例子,可以使用post-commit钩子来获取你正在寻找的行为。要回答您的问题,请看:

  1. 您可以将脚本添加到post-commit目录中的$REPOSITORY/hooks文件中(参见下面的示例)
  2. 您需要为Jenkins工作启用SCM轮询,但是您提供的时间表并不重要(您可以根据需要将其设置为不常用,例如每月或每年)。如果您禁用轮询,则提交挂钩将不会触发Jenkins构建。
  3. 我将提供他们的示例脚本以防止链接腐烂;我真的只熟悉基于git的回购,所以我可能无法在这些脚本上提供很多帮助。

    首先,这里是他们的基本示例,假设您已将Jenkins配置为启用匿名读取访问并禁用CSRF(因此它根本不是一个非常安全的示例)。这将添加到post-commit目录中的$REPOSITORY/hooks文件:

    REPOS="$1"
    REV="$2"
    UUID=`svnlook uuid $REPOS`
    /usr/bin/wget \
      --header "Content-Type:text/plain;charset=UTF-8" \
      --post-data "`svnlook changed --revision $REV $REPOS`" \
      --output-document "-" \
      --timeout=2 \
      http://server/subversion/${UUID}/notifyCommit?rev=$REV
    

    他们还有一个更加健壮的例子,它考虑了安全性:

    #!/bin/sh
    REPOS="$1"
    REV="$2"
    
    # No environment is passed to svn hook scripts; set paths to external tools explicitly:
    WGET=/usr/bin/wget
    SVNLOOK=/usr/bin/svnlook
    
    # If your server requires authentication, it is recommended that you set up a .netrc file to store your username and password
    # Better yet, since Jenkins v. 1.426, use the generated API Token in place of the password
    # See https://wiki.jenkins-ci.org/display/JENKINS/Authenticating+scripted+clients
    # Since no environment is passed to hook scripts, you need to set $HOME (where your .netrc lives)
    # By convention, this should be the home dir of whichever user is running the svn process (i.e. apache)
    HOME=/var/www/
    
    UUID=`$SVNLOOK uuid $REPOS`
    NOTIFY_URL="subversion/${UUID}/notifyCommit?rev=${REV}"
    CRUMB_ISSUER_URL='crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)'
    
    function notifyCI {
        # URL to Hudson/Jenkins server application (with protocol, hostname, port and deployment descriptor if needed)
        CISERVER=$1
    
        # Check if "[X] Prevent Cross Site Request Forgery exploits" is activated
        # so we can present a valid crumb or a proper header
        HEADER="Content-Type:text/plain;charset=UTF-8"
        CRUMB=`$WGET --auth-no-challenge --output-document - ${CISERVER}/${CRUMB_ISSUER_URL}`
        if [ "$CRUMB" != "" ]; then HEADER=$CRUMB; fi
    
        $WGET \
            --auth-no-challenge \
            --header $HEADER \
            --post-data "`$SVNLOOK changed --revision $REV $REPOS`" \
            --output-document "-"\
            --timeout=2 \
            ${CISERVER}/${NOTIFY_URL}
    }
    
    # The code above was placed in a function so you can easily notify multiple Jenkins/Hudson servers:
    notifyCI "http://myPC.company.local:8080"
    notifyCI "http://jenkins.company.com:8080/jenkins"