xuqmGroup/XuqmGroup-Web
0
0
派生 0
代码 工单 合并请求 版本发布 百科 动态
c11e8f6d71
XuqmGroup-Web/Jenkinsfile
XuqmGroup 168bf4662c docs(deploy): 添加部署文档和安全设计规范 
- 新增 XuqmGroup 部署文档,包含部署方案、架构建议和部署步骤
- 添加安全设计规范,涵盖密码安全、AppSecret验证和服务端API认证
- 补充平台REST API规范,定义Server-to-Server调用接口和错误码
- 创建Java IM服务端SDK计划文档,规划Maven包发布和接口实现
2026-05-08 18:32:00 +08:00

63 行
2.0 KiB
Groovy
原始文件 Blame 文件历史

pipeline {
agent any
parameters {
string(name: 'BRANCH', defaultValue: 'main', description: 'Git 分支名')
string(name: 'IMAGE_TAG', defaultValue: 'latest', description: '镜像 Tag')
booleanParam(name: 'DEPLOY', defaultValue: true, description: '构建后是否自动部署')
}
environment {
ACR_REGISTRY = 'crpi-n44qjpuucgjt8e8c.cn-beijing.personal.cr.aliyuncs.com'
ACR_NAMESPACE = 'xuqmgroup'
ACR_USERNAME = 'xuqinmin12'
PROD_HOST = '106.54.23.149'
PROD_USER = 'ubuntu'
COMPOSE_FILE = '/opt/xuqm/deploy/compose.production.yaml'
IMAGE_NAME = 'web'
DOCKER_BUILDKIT = '1'
}
stages {
stage('Checkout') {
steps { checkout scm }
}
stage('Docker Build & Push') {
steps {
withCredentials([string(credentialsId: 'ACR_PASSWORD', variable: 'ACR_PASS')]) {
script {
def fullImage = "${ACR_REGISTRY}/${ACR_NAMESPACE}/${IMAGE_NAME}:${params.IMAGE_TAG}"
bat """
docker login ${ACR_REGISTRY} -u ${ACR_USERNAME} -p %ACR_PASS%
docker pull ${fullImage} || exit 0
docker build --build-arg BUILDKIT_INLINE_CACHE=1 --cache-from ${fullImage} -t ${fullImage} .
docker push ${fullImage}
docker rmi ${fullImage}
"""
}
}
}
}
stage('Deploy to Production') {
when { expression { return params.DEPLOY } }
steps {
withCredentials([sshUserPrivateKey(credentialsId: 'PROD_SSH_KEY', keyFileVariable: 'SSH_KEY')]) {
script {
def fullImage = "${ACR_REGISTRY}/${ACR_NAMESPACE}/${IMAGE_NAME}:${params.IMAGE_TAG}"
bat """
ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${PROD_USER}@${PROD_HOST} "docker pull ${fullImage} && docker compose -f ${COMPOSE_FILE} up -d --no-deps web && docker image prune -f"
"""
}
}
}
}
}
post {
success { echo "✅ web:${params.IMAGE_TAG} 构建部署成功" }
failure { echo "❌ 构建失败,请检查日志" }
}
}
在新工单中引用 查看 Git Blame 复制永久链接