pipeline { agent any parameters { choice(name: 'APP', choices: ['tenant-platform', 'ops-platform'], description: '要构建的 Web 应用') booleanParam(name: 'DEPLOY', defaultValue: true, description: '构建后是否自动部署') booleanParam(name: 'NO_CACHE', defaultValue: false, description: '禁用 Docker 构建缓存(缓存错误时使用)') } environment { ACR_REGISTRY = 'crpi-n44qjpuucgjt8e8c.cn-beijing.personal.cr.aliyuncs.com' ACR_NAMESPACE = 'xuqmgroup' ACR_USERNAME = 'xuqinmin12' PROD_HOST = '106.54.23.149' PROD_USER = 'ubuntu' COMPOSE_FILE = '/opt/xuqm/deploy/compose.production.yaml' VERSIONS_FILE = '/opt/xuqm/deploy/versions.json' DOCKER_BUILDKIT = '1' } options { timeout(time: 20, unit: 'MINUTES') buildDiscarder(logRotator(numToKeepStr: '20')) disableConcurrentBuilds() } stages { stage('Checkout') { steps { checkout([ $class: 'GitSCM', branches: [[name: 'main']], extensions: [[$class: 'CleanBeforeCheckout']], userRemoteConfigs: scm.userRemoteConfigs ]) } } stage('Resolve Build Plan') { steps { script { switch (params.APP) { case 'tenant-platform': env.IMAGE_NAME = 'tenant-web' env.DOCKERFILE = 'Dockerfile.tenant' env.DEPLOY_SERVICE = 'tenant-web' env.VERSION_FILE = 'VERSION.tenant-web' env.BUILD_ARGS = '--build-arg TENANT_APP_BASE=/ --build-arg TENANT_API_BASE_URL=/api' break case 'ops-platform': env.IMAGE_NAME = 'ops-web' env.DOCKERFILE = 'Dockerfile.ops' env.DEPLOY_SERVICE = 'ops-web' env.VERSION_FILE = 'VERSION.ops-web' env.BUILD_ARGS = '--build-arg OPS_APP_BASE=/ --build-arg OPS_API_BASE_URL=/api' break default: error("Unsupported APP: ${params.APP}") } // 自动递增版本号(与后端 Jenkinsfile 保持一致) def vf = env.VERSION_FILE def current = fileExists(vf) ? readFile(vf).trim() : '1.0.0' def parts = current.tokenize('.') while (parts.size() < 3) parts.add('0') env.SERVICE_VERSION = "${parts[0]}.${parts[1]}.${parts[2].toInteger() + 1}" writeFile file: vf, text: env.SERVICE_VERSION echo "${env.IMAGE_NAME}: ${current} → ${env.SERVICE_VERSION}" } } } stage('Docker Build & Push') { steps { withCredentials([string(credentialsId: 'ACR_PASSWORD', variable: 'ACR_PASS')]) { script { def versionedImage = "${env.ACR_REGISTRY}/${env.ACR_NAMESPACE}/${env.IMAGE_NAME}:${env.SERVICE_VERSION}" def latestImage = "${env.ACR_REGISTRY}/${env.ACR_NAMESPACE}/${env.IMAGE_NAME}:latest" def cacheArgs = params.NO_CACHE ? '--no-cache' : "--build-arg BUILDKIT_INLINE_CACHE=1 --cache-from ${latestImage}" def gitCommit = env.GIT_COMMIT ?: 'unknown' bat """ docker login ${env.ACR_REGISTRY} -u ${env.ACR_USERNAME} -p %ACR_PASS% if %errorlevel% neq 0 exit /b 1 docker pull --platform=linux/amd64 ${latestImage} || echo Pull failed, will build fresh docker build --platform=linux/amd64 -f ${env.DOCKERFILE} ${env.BUILD_ARGS} --build-arg GIT_COMMIT=${gitCommit} --build-arg SERVICE_VERSION=${env.SERVICE_VERSION} ${cacheArgs} -t ${versionedImage} -t ${latestImage} . if %errorlevel% neq 0 exit /b 1 docker push ${versionedImage} if %errorlevel% neq 0 exit /b 1 docker push ${latestImage} if %errorlevel% neq 0 exit /b 1 docker rmi ${versionedImage} ${latestImage} exit /b 0 """ } } } } stage('Deploy to Production') { when { expression { return params.DEPLOY } } steps { lock('prod-deploy') { withCredentials([sshUserPrivateKey(credentialsId: 'PROD_SSH_KEY', keyFileVariable: 'SSH_KEY')]) { script { def latestImage = "${env.ACR_REGISTRY}/${env.ACR_NAMESPACE}/${env.IMAGE_NAME}:latest" retry(2) { bat """ ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${env.PROD_USER}@${env.PROD_HOST} "docker image prune -f 2>/dev/null || true; docker pull ${latestImage} || exit 1; docker compose -f ${env.COMPOSE_FILE} up -d --no-deps --force-recreate ${env.DEPLOY_SERVICE} || exit 1; docker image prune -f" """ } // 更新 versions.json(与后端 Jenkinsfile 保持一致的合并逻辑) def svcName = env.DEPLOY_SERVICE def svcVer = env.SERVICE_VERSION def releasedAt = new Date().format("yyyy-MM-dd'T'HH:mm:ss'Z'", TimeZone.getTimeZone('UTC')) def updateScript = """\ import json, os path = '${env.VERSIONS_FILE}' d = json.load(open(path)) if os.path.exists(path) else {} d.setdefault('services', {}) d['services'].setdefault('${svcName}', {}) d['services']['${svcName}']['version'] = '${svcVer}' d['services']['${svcName}']['changed'] = True d['releasedAt'] = '${releasedAt}' json.dump(d, open(path, 'w'), indent=2, ensure_ascii=False) print('versions.json updated: ${svcName}=${svcVer}') """.stripIndent() writeFile file: 'update_versions_web.py', text: updateScript bat """ scp -i "%SSH_KEY%" -o StrictHostKeyChecking=no update_versions_web.py ${env.PROD_USER}@${env.PROD_HOST}:/tmp/update_versions_web.py ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${env.PROD_USER}@${env.PROD_HOST} "python3 /tmp/update_versions_web.py && rm /tmp/update_versions_web.py" """ } } } } } stage('Commit Version') { steps { bat """ git config user.email "jenkins@xuqm.com" git config user.name "Jenkins CI" git add ${env.VERSION_FILE} git diff --cached --quiet || git commit -m "ci: bump ${env.IMAGE_NAME} to ${env.SERVICE_VERSION} [skip ci]" git push origin HEAD:main """ } } } post { success { echo "✅ ${env.IMAGE_NAME}:${env.SERVICE_VERSION} 构建部署成功" } failure { echo "❌ 构建失败,请检查日志" } } }