jenkins自动化构建docker镜像并上传至harbor仓库

1、插件下载

首先进入jenkins之后需要现在"Maven"、"GitLab"、"Jdk"、"SSH"、"Git"的相关插件,这里不再赘述,需要什么插件直接安装即可

搜索对应插件后选择直接安装即可

2、系统全局配置

2.1 Maven配置

配置maven安装的相应的setting文件

不知道具体目录的可以通过"mvn -v"之后的Maven home查看

bash 复制代码
vim /usr.local/apache-maven-3.9.6/conf/setting.xml

修改mirrors下的源地址,因为后面在jenkins中进行jar包打包的时候需要通过maven下载对应的依赖,使用默认maven仓库地址可能会导致失败

bash 复制代码
    <mirror>
      <id>mirrorId</id>
      <mirrorOf>repositoryId</mirrorOf>
      <name>Human Readable Name for this Mirror.</name>
      <url>http://my.repository.com/repo/path</url>
    </mirror>
     -->
    <!-- 阿里云仓库 -->
    <mirror>
        <id>alimaven</id>
        <mirrorOf>central</mirrorOf>
        <name>aliyun maven</name>
        <url>http://maven.aliyun.com/nexus/content/repositories/central/</url>
    </mirror>
 
    <!-- 中央仓库1 -->
    <mirror>
        <id>repo1</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://repo1.maven.org/maven2/</url>
    </mirror>
 
    <!-- 中央仓库2 -->
    <mirror>
        <id>repo2</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://repo2.maven.org/maven2/</url>
    </mirror>

修改maven打包后jar包的java编译编译工具版本,原来setting.xml中的默认版本为jdk1.4,修改为17

bash 复制代码
    <profile>
      <id>jdk-17</id>

      <activation>
        <jdk>17</jdk>
      </activation>

      <repositories>
        <repository>
          <id>jdk17</id>
          <name>Repository for JDK 17 builds</name>
          <url>http://www.myhost.com/maven/jdk17</url>
          <layout>default</layout>
          <snapshotPolicy>always</snapshotPolicy>
        </repository>
      </repositories>
    </profile>

我的完整setting.xml如下,可参照

bash 复制代码
<?xml version="1.0" encoding="UTF-8"?>

<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements.  See the NOTICE file
distributed with this work for additional information
regarding copyright ownership.  The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License.  You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied.  See the License for the
specific language governing permissions and limitations
under the License.
-->

<!--
 | This is the configuration file for Maven. It can be specified at two levels:
 |
 |  1. User Level. This settings.xml file provides configuration for a single user,
 |                 and is normally provided in ${user.home}/.m2/settings.xml.
 |
 |                 NOTE: This location can be overridden with the CLI option:
 |
 |                 -s /path/to/user/settings.xml
 |
 |  2. Global Level. This settings.xml file provides configuration for all Maven
 |                 users on a machine (assuming they're all using the same Maven
 |                 installation). It's normally provided in
 |                 ${maven.conf}/settings.xml.
 |
 |                 NOTE: This location can be overridden with the CLI option:
 |
 |                 -gs /path/to/global/settings.xml
 |
 | The sections in this sample file are intended to give you a running start at
 | getting the most out of your Maven installation. Where appropriate, the default
 | values (values used when the setting is not specified) are provided.
 |
 |-->
<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">
  <!-- localRepository
   | The path to the local repository maven will use to store artifacts.
   |
   | Default: ${user.home}/.m2/repository
  <localRepository>/path/to/local/repo</localRepository>
  -->

  <!-- interactiveMode
   | This will determine whether maven prompts you when it needs input. If set to false,
   | maven will use a sensible default value, perhaps based on some other setting, for
   | the parameter in question.
   |
   | Default: true
  <interactiveMode>true</interactiveMode>
  -->

  <!-- offline
   | Determines whether maven should attempt to connect to the network when executing a build.
   | This will have an effect on artifact downloads, artifact deployment, and others.
   |
   | Default: false
  <offline>false</offline>
  -->

  <!-- pluginGroups
   | This is a list of additional group identifiers that will be searched when resolving plugins by their prefix, i.e.
   | when invoking a command line like "mvn prefix:goal". Maven will automatically add the group identifiers
   | "org.apache.maven.plugins" and "org.codehaus.mojo" if these are not already contained in the list.
   |-->
  <pluginGroups>
    <!-- pluginGroup
     | Specifies a further group identifier to use for plugin lookup.
    <pluginGroup>com.your.plugins</pluginGroup>
    -->
  </pluginGroups>

  <!-- TODO Since when can proxies be selected as depicted? -->
  <!-- proxies
   | This is a list of proxies which can be used on this machine to connect to the network.
   | Unless otherwise specified (by system property or command-line switch), the first proxy
   | specification in this list marked as active will be used.
   |-->
  <proxies>
    <!-- proxy
     | Specification for one proxy, to be used in connecting to the network.
     |
    <proxy>
      <id>optional</id>
      <active>true</active>
      <protocol>http</protocol>
      <username>proxyuser</username>
      <password>proxypass</password>
      <host>proxy.host.net</host>
      <port>80</port>
      <nonProxyHosts>local.net|some.host.com</nonProxyHosts>
    </proxy>
    -->
  </proxies>

  <!-- servers
   | This is a list of authentication profiles, keyed by the server-id used within the system.
   | Authentication profiles can be used whenever maven must make a connection to a remote server.
   |-->
  <servers>
    <!-- server
     | Specifies the authentication information to use when connecting to a particular server, identified by
     | a unique name within the system (referred to by the 'id' attribute below).
     |
     | NOTE: You should either specify username/password OR privateKey/passphrase, since these pairings are
     |       used together.
     |
    <server>
      <id>deploymentRepo</id>
      <username>repouser</username>
      <password>repopwd</password>
    </server>
    -->

    <!-- Another sample, using keys to authenticate.
    <server>
      <id>siteServer</id>
      <privateKey>/path/to/private/key</privateKey>
      <passphrase>optional; leave empty if not used.</passphrase>
    </server>
    -->
  </servers>

  <!-- mirrors
   | This is a list of mirrors to be used in downloading artifacts from remote repositories.
   |
   | It works like this: a POM may declare a repository to use in resolving certain artifacts.
   | However, this repository may have problems with heavy traffic at times, so people have mirrored
   | it to several places.
   |
   | That repository definition will have a unique id, so we can create a mirror reference for that
   | repository, to be used as an alternate download site. The mirror site will be the preferred
   | server for that repository.
   |-->
  <mirrors>
    <!-- mirror
     | Specifies a repository mirror site to use instead of a given repository. The repository that
     | this mirror serves has an ID that matches the mirrorOf element of this mirror. IDs are used
     | for inheritance and direct lookup purposes, and must be unique across the set of mirrors.
     |
    <mirror>
      <id>mirrorId</id>
      <mirrorOf>repositoryId</mirrorOf>
      <name>Human Readable Name for this Mirror.</name>
      <url>http://my.repository.com/repo/path</url>
    </mirror>
     -->
    <!-- 阿里云仓库 -->
    <mirror>
        <id>alimaven</id>
        <mirrorOf>central</mirrorOf>
        <name>aliyun maven</name>
        <url>http://maven.aliyun.com/nexus/content/repositories/central/</url>
    </mirror>
 
    <!-- 中央仓库1 -->
    <mirror>
        <id>repo1</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://repo1.maven.org/maven2/</url>
    </mirror>
 
    <!-- 中央仓库2 -->
    <mirror>
        <id>repo2</id>
        <mirrorOf>central</mirrorOf>
        <name>Human Readable Name for this Mirror.</name>
        <url>http://repo2.maven.org/maven2/</url>
    </mirror>
  </mirrors>

  <!-- profiles
   | This is a list of profiles which can be activated in a variety of ways, and which can modify
   | the build process. Profiles provided in the settings.xml are intended to provide local machine-
   | specific paths and repository locations which allow the build to work in the local environment.
   |
   | For example, if you have an integration testing plugin - like cactus - that needs to know where
   | your Tomcat instance is installed, you can provide a variable here such that the variable is
   | dereferenced during the build process to configure the cactus plugin.
   |
   | As noted above, profiles can be activated in a variety of ways. One way - the activeProfiles
   | section of this document (settings.xml) - will be discussed later. Another way essentially
   | relies on the detection of a property, either matching a particular value for the property,
   | or merely testing its existence. Profiles can also be activated by JDK version prefix, where a
   | value of '1.4' might activate a profile when the build is executed on a JDK version of '1.4.2_07'.
   | Finally, the list of active profiles can be specified directly from the command line.
   |
   | NOTE: For profiles defined in the settings.xml, you are restricted to specifying only artifact
   |       repositories, plugin repositories, and free-form properties to be used as configuration
   |       variables for plugins in the POM.
   |
   |-->
  <profiles>
    <!-- profile
     | Specifies a set of introductions to the build process, to be activated using one or more of the
     | mechanisms described above. For inheritance purposes, and to activate profiles via <activatedProfiles/>
     | or the command line, profiles have to have an ID that is unique.
     |
     | An encouraged best practice for profile identification is to use a consistent naming convention
     | for profiles, such as 'env-dev', 'env-test', 'env-production', 'user-jdcasey', 'user-brett', etc.
     | This will make it more intuitive to understand what the set of introduced profiles is attempting
     | to accomplish, particularly when you only have a list of profile id's for debug.
     |
     | This profile example uses the JDK version to trigger activation, and provides a JDK-specific repo.
    <profile>
      <id>jdk-17</id>

      <activation>
        <jdk>17</jdk>
      </activation>

      <repositories>
        <repository>
          <id>jdk17</id>
          <name>Repository for JDK 17 builds</name>
          <url>http://www.myhost.com/maven/jdk17</url>
          <layout>default</layout>
          <snapshotPolicy>always</snapshotPolicy>
        </repository>
      </repositories>
    </profile>
    -->

    <!--
     | Here is another profile, activated by the property 'target-env' with a value of 'dev', which
     | provides a specific path to the Tomcat instance. To use this, your plugin configuration might
     | hypothetically look like:
     |
     | ...
     | <plugin>
     |   <groupId>org.myco.myplugins</groupId>
     |   <artifactId>myplugin</artifactId>
     |
     |   <configuration>
     |     <tomcatLocation>${tomcatPath}</tomcatLocation>
     |   </configuration>
     | </plugin>
     | ...
     |
     | NOTE: If you just wanted to inject this configuration whenever someone set 'target-env' to
     |       anything, you could just leave off the <value/> inside the activation-property.
     |
    <profile>
      <id>env-dev</id>

      <activation>
        <property>
          <name>target-env</name>
          <value>dev</value>
        </property>
      </activation>

      <properties>
        <tomcatPath>/path/to/tomcat/instance</tomcatPath>
      </properties>
    </profile>
    -->
  </profiles>

  <!-- activeProfiles
   | List of profiles that are active for all builds.
   |
  <activeProfiles>
    <activeProfile>alwaysActiveProfile</activeProfile>
    <activeProfile>anotherAlwaysActiveProfile</activeProfile>
  </activeProfiles>
  -->
</settings>

2.2 git下载

在jenkins中自动构建项目的时候,我们的第一步是从gitlab仓库中拉取我们的代码,所以必不可少需要进行git的安装

如果自动安装失败,需要修改jenkins的镜像文件

bash 复制代码
#进入配置文件
vim /etc/docker/daemon.json
# 在文件在最后,增添如下源地址
"registry-mirrors": [
    "https://docker.m.daocloud.io",
    "https://dockerhub.icu",
    "https://registry.aliyuncs.com",
    "https://docker.nju.edu.cn"
  ]
# 保存后退出
# 重启加载dokcer配置
systemctl reload daemon.json
# 重启docker容器使之生效
systemctl restart docker

如果还是安装失败,可自行百度"centos7系统安装git的教程",安装过程较为简单,这里不再赘述

3、maven任务构建

我这里在gitlab中创建了一个非常基础的maven项目进行测试,所以构建了maven项目

如果你的界面中没有这个maven任务构建的选项,则说明你没有安装对应的maven插件,可在安装完对应maven插件后再继续进行。

构建任务的命名按自己的意向命名即可

构建完成任务后进入配置界面

3.1 重要配置描述

git配置

URL需要到安装的虚拟机中的gitlab项目中进行复制

第二步需要需要添加gitlab凭证,就是你登录部署gitlab这台虚拟机的账户和密码

在配置完全局凭证之后,就可以在任务中的凭证栏选择你刚才配置的凭证了

触发器默认选第一项即可

build栏目如下

build post的配置

在我们进行完成jar包的构建之后,需要将构建好的jar包文件打包成docker镜像,并上传到harbor仓库之中,选择第二个选项的意思是在完成jar的打包之后才进行下一步,然后输入需要执行的shell脚本自行自动化部署

bash 复制代码
# 进入jenkins打包完成的地址,下面有构建完成的jar包,你们打包完成后如果没有进行目录的修改,前缀应该和我的相同
cd /var/lib/jenkins/workspace/test-bjw/
# 进行docker镜像的构建,注意命名不可以用大写,否则会报错,还有就是这条命令最后有一个'.'不要忽略,它表示在该目录下执行
docker build -t jenkins_bjw-1.0-snapshot .
# 连接远程harbor仓库
docker login -u admin -p Harbor12345 192.168.1.5:80
# 对docker镜像进行tag标签处理
docker tag jenkins_bjw-1.0-snapshot 192.168.1.5:80/jenkins/jenkins-bjw:v0
# 上传到harbor仓库之中
docker push 192.168.1.5:80/jenkins/jenkins-bjw:v0

构建不成功的可看下一节"可能遇到的问题"

4、 可能遇到的问题

(1)maven打包jar包失败

maven默认情况下,下载依赖的仓库地址非常慢,如果jenkins在进行jar包构建的时候依赖下载失败,请重新检查是否更换了mirror地址,具体操作在本文开始环节

(2)docker构建镜像的时候找不到Dockerfile文件

docker构建项目的时候需要安装Dockerfile的配置进行,但是有时候我们的目录下并没有该Dockerfile文件,所以需要进行Dockerfile文件的创建

1、从idea中打开对应项目,并复制Dockerfile下的内容

2、创建Dockerfile文件

bash 复制代码
vim Dockerfile

插入刚才复制的内容,如果你的项目中没有,可以按照我的文件进行修改

(3)docker中jenkins用户组不存在或者权限不足

我们知道jenkins在进行任务构建的时候需要进行dokcer命令的执行,若权限不足会导致失败

bash 复制代码
# 在docker中添加jenkins用户组
sudo usermod -aG docker jenkins
# 若还是失败,可以重启Jenkins和docker使该命令生效
(4)虚拟机中配置insecure-registries

不配置该条目将无法访问harbor容器

bash 复制代码
# 进入配置文件
vim /etc/docker/daemon.json
# 增添对应配置,对应上面的截图进行修改
"insecure-registries": ["harbor.domain.io"]
# 重启docker服务使之生效
service docker restart

效果如下,为harbor的虚拟机ip地址以及对应的服务端口号

(5)上传harbor容器的时候可能会因为命令输入错误而失败,对应的操作详见我的另一篇博客"虚拟机(CentOS7)虚拟机安装harbor及简单使用"

5、 成功部署

jenkins控制台输出如下

harbor容器中docker镜像如下

相关推荐
鸠摩智首席音效师5 分钟前
Docker 中如何限制CPU和内存的使用 ?
docker·容器
Michaelwubo13 分钟前
Docker dockerfile镜像编码 centos7
运维·docker·容器
jingyu飞鸟20 分钟前
centos-stream9系统安装docker
linux·docker·centos
好像是个likun44 分钟前
使用docker拉取镜像很慢或者总是超时的问题
运维·docker·容器
玖疯子3 小时前
介绍 Docker 的基本概念和优势,以及在应用程序开发中的实际应用。
docker
暴富的Tdy3 小时前
【快速上手Docker 简单配置方法】
docker·容器·eureka
coder_pig3 小时前
📝小记:Ubuntu 部署 Jenkins 打包 Flutter APK
flutter·ubuntu·jenkins
程序猿000001号4 小时前
Selenium 深度解析:自动化浏览器操作的利器
selenium·测试工具·自动化
Karoku0664 小时前
【k8s集群应用】kubeadm1.20高可用部署(3master)
运维·docker·云原生·容器·kubernetes
豆豆豆豆变4 小时前
docker之compose篇
docker·容器·自动化运维