关于kubesphere:kubesphere自定义jenkins-agent

43次阅读

共计 3110 个字符,预计需要花费 8 分钟才能阅读完成。

背景

kubesphere 流水线自带的 agent 只有四类:base、maven、nodejs、go,当须要构建其余框架的我的项目,就须要自定义 jenkins agent 了。

筹备工作

采纳官网的 docker.io/kubesphere/builder-base:v2.1.0 作为根底镜像,在此之上,装置 jdk 和 sonnar scanner cli,构建代码扫描环境。

应用如下 Dockerfile 构建用于打包的根底镜像:

FROM docker.io/kubesphere/builder-base:v2.1.0

RUN mkdir /usr/local/java /opt/sonar-scanner

# copy the jdk  archive to the image,and it will automaticlly unzip the tar file
ADD jdk-8u181-linux-x64.tar.gz /usr/local/java/

# make a symbol link
RUN ln -s /usr/local/java/jdk1.8.0_181 /usr/local/java/jdk

# set environment variables
ENV JAVA_HOME /usr/local/java/jdk
ENV JRE_HOME ${JAVA_HOME}/jre
ENV CLASSPATH .:${JAVA_HOME}/lib:${JRE_HOME}/lib
ENV PATH ${JAVA_HOME}/bin:$PATH

COPY sonar-scanner-cli-4.6.0.2311-linux /opt/sonar-scanner

RUN ln -s /opt/sonar-scanner/bin/sonar-scanner /usr/sbin

将 Dockerfile 置于一个空目录即可,下载 JDK 和 sonnar-scanner 的压缩包放到目录下,其中 sonnar-scanner 须要解压,而后打包并推送:

docker build -t general:v1.0 .
docker tag general:v1.0 xxx.com/general:v1.0
docker push xxx.com/general:v1.0

配置 jenkins agent

登录 kubesphere,进入【配置核心】-【配置】,搜寻 jenkins-casc-config,批改配置。

在 go 的形容下增加如下:

          - name: "general"
            namespace: "kubesphere-devops-system"
            label: "general"
            nodeUsageMode: "EXCLUSIVE"
            idleMinutes: 0
            containers:
            - name: "general"
              image: "xxx.com/public/general:v1.0" # 镜像地址
              command: "cat"
              args: ""
              ttyEnabled: true
              resourceRequestCpu: "100m"
              resourceLimitCpu: "4000m"
              resourceRequestMemory: "100Mi"
              resourceLimitMemory: "8192Mi"
            - name: "jnlp"
              image: "jenkins/jnlp-slave:3.27-1"
              command: "jenkins-slave"
              args: "^${computer.jnlpmac} ^${computer.name}"
              resourceRequestCpu: "50m"
              resourceRequestMemory: "400Mi"
              resourceLimitMemory: "1536Mi"
            workspaceVolume:
              emptyDirWorkspaceVolume:
                memory: false
            volumes:
            - hostPathVolume:
                hostPath: "/var/run/docker.sock"
                mountPath: "/var/run/docker.sock"
            - hostPathVolume:
                hostPath: "jenkins_general_cache"
                mountPath: "/home/jenkins/general/pkg"
            - hostPathVolume:
                hostPath: "sonar_cache"
                mountPath: "/root/.sonar/cache"
            yaml: "spec:\r\n  affinity:\r\n    nodeAffinity:\r\n      preferredDuringSchedulingIgnoredDuringExecution:\r\n      - weight: 1\r\n        preference:\r\n          matchExpressions:\r\n          - key: node-role.kubernetes.io/worker\r\n            operator: In\r\n            values:\r\n            - ci\r\n  tolerations:\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"NoSchedule\"\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"PreferNoSchedule\"\r\n  containers:\r\n  - name: \"general\"\r\n    resources:\r\n      requests:\r\n        ephemeral-storage: \"1Gi\"\r\n      limits:\r\n        ephemeral-storage: \"10Gi\"\r\n  securityContext:\r\n    fsGroup: 1000\r\n"

已将相干镜像上传到 dockerhub,仓库为 leksas/kubesphere-sonnar-scanner:v1

应用

在流水线中,编辑 Jenkinsfile 如下:

pipeline {
  agent {
    node {label 'general'}

  }
  stages {stage('SCM') {
      steps {git(url: 'your project url', credentialsId: 'gitlab-account', branch: 'dev', changelog: true, poll: false)
      }
    }
    stage('Code Analysis') {
      steps {container('general') {withCredentials([string(credentialsId : 'snoar-token' ,variable : 'SONAR_TOKEN' ,)]) {withSonarQubeEnv('sonar') {sh 'sonar-scanner -Dsonar.projectKey=your project name -Dsonar.sources=. -Dsonar.host.url=your sonnar server url -Dsonar.token=$SONAR_TOKEN'}
          }

          timeout(unit: 'HOURS', activity: true, time: 1) {waitForQualityGate 'true'}

        }

      }
    }
  }
}

比照参考链接中的计划,该镜像集成了 sonnar scanner,任何语言都能够应用此 agent 去调用 sonnarqube 执行代码扫描。

相干链接:
JDK1.8 下载链接
sonar-scanner-cli-4.6.0.2311 下载链接

参考链接:
https://kubesphere.com.cn/for…

正文完
 0