架构班的小伙伴作业看这里哦:(学习杰哥视频的作业第25-26天)
1、配置jenkins实现代码自动发布部署,回滚。
1 Jenkins实现代码自动上线
1)Jenkins服务编写上线脚本
[root@jenkins ~]#mkdir /scripts && cd /scripts/
[root@jenkins scripts]# vim html_deploy.sh
#!/bin/bash
DATE=$(date +%Y-%m-%d-%H-%M-%S)
web_server="192.168.1.8"
Sdir=/opt
Ddir=/code
#1)进入项目目录,将内容进行打包,${WORKSPACE}是Jenkins的内置变量,表示构建目录的绝对路径
get_code(){
cd ${WORKSPACE} && \
tar zcf ${Sdir}/web-${DATE}.tar.gz ./*
}
#2)将内容通过scp复制到web网页目录
scp_web_server(){
for hosts in ${web_server}
do
scp ${Sdir}/web-${DATE}.tar.gz root@${hosts}:/opt
ssh root@${hosts} "mkdir -p ${Ddir}/web-${DATE} && \
tar zxf ${Sdir}/web-${DATE}.tar.gz -C ${Ddir}/web-${DATE}
rm -rf ${Ddir}/web && \
ln -s ${Ddir}/web-${DATE} ${Ddir}/web"
done
}
deploy(){
get_code
scp_web_server
}
deploy
[root@jenkins scripts]# chmod +x html_deploy.sh
[root@jenkins scripts]# ps -ef | grep jenkins
#可以看出jenkins的运行用户是jenkins
jenkins 58626 1 1 11:23 ? 00:00:39 /etc/alternatives/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkinsjenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
root 61336 2046 0 12:06 pts/0 00:00:00 grep --color=auto jenkins
[root@jenkins scripts]# vim /etc/sysconfig/jenkins
JENKINS_USER="root"
#为了防止权限问题,直接将jenkins的运行用户改为root
[root@jenkins scripts]# systemctl restart jenkins
#重启jenkins服务
[root@jenkins scripts]# ssh-copy-id [email protected]
#配置Jenkins可以免密登录到nginx服务器
2)git服务器编辑网页代码并上传:
[root@gitlab web-demo]# echo "lvzhenjiang" >> index.html
[root@gitlab web-demo]# git add .
[root@gitlab web-demo]# git commit -m "first"
[root@gitlab web-demo]# git push origin master
2 Jenkins实现代码自动部署与回退及重复构建
1)git服务器创建几个tag标签并上传至gitlab:
[root@gitlab ~]# cd web-demo/
[root@gitlab web-demo]# echo "
lvzhenjiang-version-v1.1
" > index.html[root@gitlab web-demo]# git add .
[root@gitlab web-demo]# git commit -m "v1.1"
[root@gitlab web-demo]# git push origin master
[root@gitlab web-demo]# git tag -a "v1.1" -m "v1.1"
[root@gitlab web-demo]# git push origin v1.1
[root@gitlab web-demo]# echo "
lvzhenjiang-version-v1.2
" > index.html[root@gitlab web-demo]# git add .
[root@gitlab web-demo]# git commit -m "v1.2"
[root@gitlab web-demo]# git push origin master
[root@gitlab web-demo]# git tag -a "v1.2" -m "v1.2"
[root@gitlab web-demo]# git push origin v1.2
[root@gitlab web-demo]# echo "
lvzhenjiang-version-v1.3
" > index.html[root@gitlab web-demo]# git add .
[root@gitlab web-demo]# git commit -m "v1.3"
[root@gitlab web-demo]# git push origin master
[root@gitlab web-demo]# git tag -a "v1.3" -m "v1.3"
[root@gitlab web-demo]# git push origin v1.3
2)Jenkins服务器安装插件并配置:
使用该方式就需安装插件:Git Parameter。
安装方式:系统管理——>插件管理——>可选插件——搜索Git Parameter——>直接安装!
[root@jenkins ~]# systemctl restart jenkins
#安装完成后,需重启Jenkins!
[root@jenkins ~]# cd /scripts/
[root@jenkins scripts]# vim html_deploy_tag.sh #优化脚本
#!/bin/bash
DATE=$(date +%Y-%m-%d-%H-%M-%S)
web_server="192.168.1.8"
Sdir=/opt
Ddir=/code
Name=${DATE}-${git_version} #${git_version}是在jenkins界面定义的变量
#1)进入项目目录,将内容进行打包
#${WORKSPACE}是Jenkins的内置变量,表示构建目录的绝对路径
get_code(){
cd ${WORKSPACE} && \
tar zcf ${Sdir}/web-${Name}.tar.gz ./*
}
#2)将内容通过scp复制到web网页目录
scp_web_server(){
for hosts in ${web_server}
do
scp ${Sdir}/web-${Name}.tar.gz root@${hosts}:/opt
ssh root@${hosts} "mkdir -p ${Ddir}/web-${Name} && \
tar zxf ${Sdir}/web-${Name}.tar.gz -C ${Ddir}/web-${Name}
rm -rf ${Ddir}/web && \
ln -s ${Ddir}/web-${Name} ${Ddir}/web"
done
}
deploy(){
get_code
scp_web_server
}
deploy
[root@jenkins scripts]# chmod +x html_deploy_tag.sh
2、实现jenkins对代码自动扫描
1:部署 SonarQube:
1.1:数据库准备:
root@s4:~# apt-get install mysql-server mysql-client
root@s4:~# vim /etc/mysql/mysql.conf.d/mysqld.cnf #配置文件路径
root@s4:~# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.26-0ubuntu0.18.04.1 (Ubuntu)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
#创建数据库默认编码 utf-8 并授权
mysql> create database sonar default character set utf8 collate utf8_general_ci;
Query OK, 1 row affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON sonar.* TO 'sonar'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected, 1 warning (0.00 sec)
1.2:测试 sonar 账户连接 mysql:
root@s4:~# mysql -usonar -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.26-0ubuntu0.18.04.1 (Ubuntu)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
1.3:解压 sonarqube 并配置文件:
sonar 依赖于 java 环境,而且 java 版本必须是 1.8 版本或更高,否则 sonar 启动失败
6.7.X 版本的 sonar 需要调用 elasticsearch,而且默认需要使用普通用户启动
root@s4:~# cd /usr/local/src/
root@s4:/usr/local/src# unzip sonarqube-6.7.7.zip
root@s4:/usr/local/src# ln -sv /usr/local/src/sonarqube-6.7.7 /usr/local/sonarqube
'/usr/local/sonarqube' -> '/usr/local/src/sonarqube-6.7.7'
root@s4:/usr/local/src# chown sonarqube.sonarqube /usr/local/src/sonarqube-6.7.7
/usr/local/sonarqube -R #更改目录权限属主和属组为 sonarqube
root@s4:/usr/local/src# cd /usr/local/sonarqube
root@s4:/usr/local/sonarqube# ll #验证权限属主和属组都为 sonarqube
root@s4:/usr/local/sonarqube# su – sonarqube # 切换为 sonarqube 账户
sonarqube@s4:~$ cd /usr/local/sonarqube
sonarqube@s4:/usr/local/sonarqube$ vim conf/sonar.properties
sonarqube@s4:/usr/local/sonarqube$ grep "^[a-Z]" conf/sonar.properties
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://127.0.0.1:3306/sonar?useUnicode=true&characterEncoding=ut
f8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
sonar.web.host=0.0.0.0
sonar.web.port=9000
1.4:启动 sonarqube:
sonarqube@s4:/usr/local/sonarqube$ ./bin/linux-x86-64/sonar.sh start
Starting SonarQube...
Started SonarQube.
1.5:登录到 web 界面:
点击有上角 login 登录,默认用户名密码都是 admin
1.6:安装其他插件:
Sonarquebe 对代码的扫描都基于插件实现,因此要安装要扫描的开发语言插件:
Php Java Python
2:jenkins 服务器部署扫描器 sonar-scanner:
下载地址:https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/
官方文档:https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
2.1:部署 sonar-scanner:
sonarqube 通过调用扫描器 sonar-scanner 进行代码质量分析,即扫描器的具体工作就
是扫描代码:
root@jenkins-master:~# cd /usr/local/src/
root@jenkins-master:/usr/local/src# unzip sonar-scanner-cli-4.0.0.1744-linux.zip
root@jenkins-master:/usr/local/src# ln -sv /usr/local/src/sonar-scanner-4.0.0.1744-
linux /usr/local/sonar-scanner
'/usr/local/sonar-scanner' -> '/usr/local/src/sonar-scanner-4.0.0.1744-linux'
root@jenkins-master:/usr/local/src# cd /usr/local/sonar-scanner
root@jenkins-master:/usr/local/sonar-scanner# vim conf/sonar-scanner.properties
#----- Default SonarQube server
sonar.host.url=http://192.168.7.104:9000
#----- Default source code encoding
sonar.sourceEncoding=UTF-8
2.2:准备测试代码:
# unzip sonar-examples-master.zip
# cd sonar-examples-master/
# cd projects/languages/php/php-sonar-runner
# pwd
/usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner
# ll
total 24
drwxr-xr-x 3 root root 4096 Jul 25 2016 ./
drwxr-xr-x 4 root root 4096 Jul 25 2016 ../
-rw-r--r-- 1 root root 453 Jul 25 2016 README.md
-rw-r--r-- 1 root root 331 Jul 25 2016 sonar-project.properties
drwxr-xr-x 2 root root 4096 Jul 25 2016 src/
-rw-r--r-- 1 root root 272 Jul 25 2016 validation.txt
# cat sonar-project.properties 以下为默认生成的配置文件
# Required metadata
sonar.projectKey=org.sonarqube:php-simple-sq-scanner #自定义项目 key
sonar.projectName=PHP :: Simple Project :: SonarQube Scanner #项目名称,会显示在 web
sonar.projectVersion=1.0 #项目版本
# Comma-separated paths to directories with sources (required)
sonar.sources=src #源代码目录
# Language
sonar.language=php #代码语言类型
# Encoding of the source files
sonar.sourceEncoding=UTF-8 #编码格式
2.3:在源代码目录执行扫描:
#手动在当前项目代码目录执行扫描,以下是扫描过程的提示信息,扫描的配置文件
sonar-project.propertie 每个项目都要有
# pwd
/usr/local/src/sonar-examples-master/projects/languages/php/php-sonar-runner
# /usr/local/sonar-scanner/bin/sonar-scanner
2.4 sonarquebe we 界面验证扫描结果:
3:jenkins 执行代码扫描:
3.1:jenkins 安装 SonarQube 插件 :
安装插件 SonarQube Scanner,然后配置 SonarQube server,系统管理-系统设置。
3.2:添加 sonarquebe URL: Jenkins—系统管理—系统设置--SonarQube servers:
3.3:让 jenkins 添加 Sonarscanner 扫描器:
添加扫描器:Jenkins--系统管理-全局工具配置:
3.3.1:手动指定绝对路径:
3.3.2:自动安装:
3.4:配置扫描:
选择自己的项目(linuxNN-job1-develop)-构建-execute sonarqube scanner,将配置文件的
内容修改成如下格式填写完成后点保存:
sonar.projectKey=job1-develop
sonar.projectName=job1-develop
sonar.projectVersion=1.0
sonar.sources=./
sonar.language=php
sonar.sourceEncoding=UTF-8
3.5 配置项目进行扫描:
3.6 构建项目并测试 sonar-scanner 是否生效:
点击项目的立即构建,下图是执行成功的信息:
Started by user jenkinsadmin
Building on master in workspace /var/lib/jenkins/workspace/linux36-job1-develop
[WS-CLEANUP] Deleting project workspace...
[WS-CLEANUP] Deferred wipeout is used...
[WS-CLEANUP] Done
3.7 查看项目的构建历史: