技术干货：Jenkins集成GitLab

Jenkins免密拉取GitLab项目

1.在Jenkins上为GitLab创建一个专有的拉取代码的账号 Jenkins需要构建哪些项目就在GitLab给予账号相应权限 我这里已经创建过Jenkins用户，下面用它登录后添加SSH-KEY

2.在Jenkins服务器上生成ssh-key

[root@jenkins ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:IUQIuu0SAdSbZvENbIjFYTrUrnuqKGBmZtwPj6lvz60 root@jenkins
The key's randomart image is:
+---[RSA ]----+
|ooB=+oo          |
|ooo*.=           |
|oo. * + .        |
| +.* . o .       |
|+ *     S        |
|.@ o             |
|O o *            |
|oo =.o.          |
|=o*..E..         |
+----[SHA256]-----+

查看公钥

[root@jenkins ~]# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ckQQf4N93Rjf0ts3Lk4siL6FZmZiBiB+ouwTgw9kKof2NeJTguf0aNfDsgSEet4+bJ53ZKztsFZE/C+sqk7grqeLeYDFBWgdZBz1dmCYT51tRFmZPDEDclOIMc2tz0G50g6DFA1dvIfkzeVbKjBNN0o80FSAwAzrtjMrkyaDcrOmYekiSPM8JYJTTcFLCzIBXz7SXOmKH5vyoAIVpdcwnIhkHNLKfD0MdzGb7Kz/pKMnLubodcxyNir6fqw76qwMe1DE0NtQzpaCrTYhVnAizVqCDek0GMZjTG1vWYNn6a8G7omV3Gde1XjcmjAj6ftVQiVLBRJaIGKI4R/B//nd root@jenkins

3.测试SSH-KEY 到jenkins服务器上拉取项目来测试ssh-key免密是否生效

[root@jenkins ~]# yum install git -y
[root@jenkins ~]# git clone git@106.14.10.124:dev01/sample.git
正克隆到 'sample'...
The authenticity of host '106.14.10.124 (106.14.10.124)' can't be established.
ECDSA key fingerprint is SHA256:bO22/HlgAAGXi9CXTxDE6wvNCUcTs2OajL9PinZMN/.
ECDSA key fingerprint is MD5:ec:4f::0a:b6::cf:6e:da:5b:fa:5b:be:b9:2f:db.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '106.14.10.124' (ECDSA) to the list of known hosts.
remote: Enumerating objects: , done.
remote: Counting objects: % (/), done.
remote: Compressing objects: % (/), done.
remote: Total  (delta ), reused  (delta ), pack-reused
接收对象中: % (/), done.

如上，ssh-key已生效

配置jenkins自动拉取代码

1.jenkins 服务器添加证书 系统配置——》Manage Credentials

系统配置——》Manage Credentials——》Jenkins——》全局凭证——》添加凭证

这样的话Jenkins服务器拉取GitLab的代码就不需要再进行认证了。

Jenkins安装GitLab插件

1.安装插件 插件名称：

•GitLab

•Gitlab Hook

•Gitlab Authentication

•GitLab Logo

安装完成后重启Jenkins

GitLab为Jenkins生成Token

1.我们使用Jenkins用户登录GitLab 然后使用Jenkins用户创建Token

2.复制创建的Token

3.打开Jenkins 系统管理——》系统配置

输入以下相关内容

选择凭证，测试后保存

4.查看凭证 现在有以下两种方式与GitLab进行认证

•通过GitLab上Jenkins用户的密钥(GitLab绑定Jenkins用户的公钥，Jenkins绑定GitLab上Jenkins用户的私钥)、

•通过GitLab上Jenkins用户的API Token绑定到Jenkins上的GitLab authentication插件上进行连接。
Jenkins构建流水线
创建Project 新建任务——》流水线

2.选择流水线语法

3.生成流水线脚本

复制生成的git脚本

4.编写Pipline脚本 我这里脚本如下

node {
    stage('拉取代码'){
        git credentialsId: 'b907af22-5a74-4eee-aa5f-a822c764279c', url: 'git@172.19.95.139:dev01/sample.git'
        echo "Code Pull"
    }
    stage('代码扫描'){
        echo "Code Scanning"
    }
    stage('代码构建'){
        echo "Code Build"
    }
    stage('是否部署'){
        input '是否部署'
    }
    stage('开始部署'){
        sh '/opt/jenkins/sample/sample_release.sh'
    }
}

将以上脚本写流水线中

上面脚本最后执行了/opt/jenkins/sample/sample_release.sh脚本，我们到执行任务的Jenkins服务器上去编写这个部署脚本。脚本如下：jenkins服务器将/usr/local/src/sample.zip文件拷贝到了172.19.182.107上

[root@jenkins /]# cat /opt/jenkins/sample/sample_release.sh
#!/usr/bin/env bash

scp /usr/local/src/sample.zip root@172.19.182.107:/usr/local/

这里我们需要先让Jenkins服务器与172.19.182.107做免密登录,将Jenkins的公钥拷贝到172.19.182.107服务中的/root/.ssh/authorized_keys文件中

#Jenkins的公钥(这里为root的公钥,Jenkins进程就需要用root用户运行)
[root@jenkins /]# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ckQQf4N93Rjf0ts3Lk4siL6FZmZiBiB+ouwTgw9kKof2NeJTguf0aNfDsgSEet4+bJ53ZKztsFZE/C+sqk7grqeLeYDFBWgdZBz1dmCYT51tRFmZPDEDclOIMc2tz0G50g6DFA1dvIfkzeVbKjBNN0o80FSAwAzrtjMrkyaDcrOmYekiSPM8JYJTTcFLCzIBXz7SXOmKH5vyoAIVpdcwnIhkHNLKfD0MdzGb7Kz/pKMnLubodcxyNir6fqw76qwMe1DE0NtQzpaCrTYhVnAizVqCDek0GMZjTG1vWYNn6a8G7omV3Gde1XjcmjAj6ftVQiVLBRJaIGKI4R/B//nd root@jenkins

#172.19..107服务器的authorized_keys文件
cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7ckQQf4N93Rjf0ts3Lk4siL6FZmZiBiB+ouwTgw9kKof2NeJTguf0aNfDsgSEet4+bJ53ZKztsFZE/C+sqk7grqeLeYDFBWgdZBz1dmCYT51tRFmZPDEDclOIMc2tz0G50g6DFA1dvIfkzeVbKjBNN0o80FSAwAzrtjMrkyaDcrOmYekiSPM8JYJTTcFLCzIBXz7SXOmKH5vyoAIVpdcwnIhkHNLKfD0MdzGb7Kz/pKMnLubodcxyNir6fqw76qwMe1DE0NtQzpaCrTYhVnAizVqCDek0GMZjTG1vWYNn6a8G7omV3Gde1XjcmjAj6ftVQiVLBRJaIGKI4R/B//nd root@jenkins

#测试免密登录
[root@jenkins /]# ssh root@172.19.182.107
Last login: Tue Jun  ::  from 172.19.206.72

Welcome to Alibaba Cloud Elastic Compute Service !

Jenkins执行任务

1.进入到任务中

2.点击立即构建

3.是否部署

 

 

爆肝整理的，2020超全学习资料免费分享给大家，点击后面的链接，可直接领取：https://apprhKAAI3V6603.h5.xeknow.com/st/76WHBZtWV （免费！免费！免费！）