pipeline { agent any parameters { choice( name: 'SERVICE', choices: ['all', 'tenant-service', 'im-service', 'push-service', 'update-service', 'file-service', 'license-service', 'demo-service'], description: '要构建的服务模块(all = 全部,每个服务独立版本号)' ) } environment { ACR_REGISTRY = 'crpi-n44qjpuucgjt8e8c.cn-beijing.personal.cr.aliyuncs.com' ACR_NAMESPACE = 'xuqmgroup' ACR_USERNAME = 'xuqinmin12' PROD_HOST = '106.54.23.149' PROD_USER = 'ubuntu' COMPOSE_FILE = '/opt/xuqm/deploy/compose.production.yaml' VERSIONS_FILE = '/opt/xuqm/deploy/versions.json' DOCKER_BUILDKIT = '1' } options { timeout(time: 60, unit: 'MINUTES') buildDiscarder(logRotator(numToKeepStr: '30')) disableConcurrentBuilds() } stages { stage('Checkout') { steps { checkout([ $class: 'GitSCM', branches: [[name: 'main']], extensions: [[$class: 'CleanBeforeCheckout']], userRemoteConfigs: scm.userRemoteConfigs ]) } } stage('Resolve Versions') { steps { script { def allServices = ['tenant-service', 'im-service', 'push-service', 'update-service', 'file-service', 'license-service', 'demo-service'] // 支持从 job 名自动推断服务(如 xuqmgroup-update-service → update-service) def jobService = env.JOB_NAME.tokenize('/').last() .replaceFirst(/^xuqmgroup-/, '') def resolvedService = allServices.contains(jobService) ? jobService : params.SERVICE def targets = resolvedService == 'all' ? allServices : [resolvedService] echo "Job: ${env.JOB_NAME} → SERVICE=${resolvedService}" // serviceVersions: Map def serviceVersions = [:] for (svc in targets) { def vf = "VERSION.${svc}" def current = fileExists(vf) ? readFile(vf).trim() : '1.0.0' def parts = current.tokenize('.') while (parts.size() < 3) parts.add('0') def newVer = "${parts[0]}.${parts[1]}.${parts[2].toInteger() + 1}" serviceVersions[svc] = newVer writeFile file: vf, text: newVer echo "${svc}: ${current} → ${newVer}" } env.SERVICE_VERSIONS_JSON = groovy.json.JsonOutput.toJson(serviceVersions) } } } stage('Docker Build & Push') { steps { withCredentials([string(credentialsId: 'ACR_PASSWORD', variable: 'ACR_PASS')]) { script { def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON) for (entry in serviceVersions) { def svc = entry.key def ver = entry.value def base = "${ACR_REGISTRY}/${ACR_NAMESPACE}/${svc}" def versionedImage = "${base}:${ver}" def latestImage = "${base}:latest" echo "Building ${svc}:${ver}..." bat """ docker login ${ACR_REGISTRY} -u ${ACR_USERNAME} -p %ACR_PASS% if %errorlevel% neq 0 exit /b 1 docker pull --platform=linux/amd64 ${latestImage} || echo Pull failed, will build fresh docker build --platform=linux/amd64 --build-arg SERVICE_MODULE=${svc} --build-arg SERVICE_VERSION=${ver} --build-arg BUILDKIT_INLINE_CACHE=1 --cache-from ${latestImage} -t ${versionedImage} -t ${latestImage} . if %errorlevel% neq 0 exit /b 1 docker push ${versionedImage} if %errorlevel% neq 0 exit /b 1 docker push ${latestImage} if %errorlevel% neq 0 exit /b 1 docker rmi ${versionedImage} ${latestImage} exit /b 0 """ } } } } } stage('Deploy to Production') { steps { lock('prod-deploy') { withCredentials([sshUserPrivateKey(credentialsId: 'PROD_SSH_KEY', keyFileVariable: 'SSH_KEY')]) { script { def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON) for (entry in serviceVersions) { def svc = entry.key def latestImage = "${ACR_REGISTRY}/${ACR_NAMESPACE}/${svc}:latest" echo "Deploying ${svc}..." retry(2) { bat """ ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${PROD_USER}@${PROD_HOST} "docker image prune -f 2>/dev/null || true; docker pull ${latestImage} || exit 1; docker compose -f ${COMPOSE_FILE} up -d --no-deps --force-recreate ${svc} || exit 1; docker image prune -f" """ } } // 合并更新 versions.json(只改动本次构建涉及的服务,不覆盖其它服务或 web 条目) def releasedAt = new Date().format("yyyy-MM-dd'T'HH:mm:ss'Z'", TimeZone.getTimeZone('UTC')) def builtJson = groovy.json.JsonOutput.toJson(serviceVersions) def allSvcsList = groovy.json.JsonOutput.toJson(['tenant-service', 'im-service', 'push-service', 'update-service', 'file-service', 'license-service', 'demo-service']) def updateScript = """\ import json, os path = '${env.VERSIONS_FILE}' d = json.load(open(path)) if os.path.exists(path) else {} built = ${builtJson} all_svcs = ${allSvcsList} d.setdefault('services', {}) for s in all_svcs: d['services'].setdefault(s, {}) if s in built: d['services'][s]['version'] = built[s] d['services'][s]['changed'] = True else: d['services'][s].setdefault('version', 'unknown') d['services'][s]['changed'] = False # platformVersion 取 tenant-service 版本(主服务),私有部署 check-update 用此字段判断是否有新版本 if 'tenant-service' in built: d['platformVersion'] = built['tenant-service'] elif 'platformVersion' not in d: d['platformVersion'] = list(built.values())[0] if built else 'unknown' d['releasedAt'] = '${releasedAt}' json.dump(d, open(path, 'w'), indent=2, ensure_ascii=False) print('versions.json updated, platformVersion=' + d.get('platformVersion', '')) """.stripIndent() writeFile file: 'update_versions.py', text: updateScript bat """ scp -i "%SSH_KEY%" -o StrictHostKeyChecking=no update_versions.py ${PROD_USER}@${PROD_HOST}:/tmp/update_versions.py ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${PROD_USER}@${PROD_HOST} "python3 /tmp/update_versions.py && rm /tmp/update_versions.py" """ } } } } } stage('Commit Versions') { steps { script { def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON) def versionFiles = serviceVersions.keySet().collect { "VERSION.${it}" }.join(' ') def summary = serviceVersions.collect { svc, ver -> "${svc}=${ver}" }.join(', ') bat """ git config user.email "jenkins@xuqm.com" git config user.name "Jenkins CI" git add ${versionFiles} git diff --cached --quiet || git commit -m "ci: bump versions [${summary}] [skip ci]" git push origin HEAD:main """ } } } } post { success { script { def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON ?: '{}') def summary = serviceVersions.collect { svc, ver -> "${svc}:${ver}" }.join(', ') echo "✅ 构建部署成功 — ${summary}" } } failure { echo "❌ 构建失败,请检查日志" } } }