总体步骤
*.安装NFS。
*.创建Volumes。
*.使用Tekton hub的git-clone。
*.使用Tekton hub的maven打包工程。
*.使用Tekton hub的kaniko构建镜像并推送docker hub。
*.安装NFS。
#安装NFS文件服务;
yum install nfs-utils -y
#配置共享目录&权限;
mkdir -p /data/nfs/
vim /etc/exports
/data/nfs/ *(rw,sync,no_root_squash)
#启动NFS服务;
service nfs restart
注意:如有访问权限问题,可百度设置chown -R 或 chmod 设置下
*.创建Volumes,PV及PVC:用来存储代码及maven私服库。
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-nfs-maven-workspace
namespace: default
spec:
capacity:
storage: 50G
accessModes:
- ReadWriteMany
nfs:
# FIXME: use the right IP
server: 172.30.100.170
path: /data/nfs/maven-workspace
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-nfs-maven-workspace
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 50G*.使用Tekton hub的git-clone。
*.创建git账户的secret
kind: Secret
apiVersion: v1
metadata:
name: my-basic-auth-secret
type: Opaque
stringData:
.gitconfig: |
[credential "http://100.100.100.100:8111/"] #具体是到git网站还是具体项目,记不清了,自己尝试下即可
helper = store
.git-credentials: |
http://用户名:密码@100.100.100.100:8111/ #具体是到git网站还是具体项目,记不清了,自己尝试下即可
*.安装task:git-clone
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/git-clone/0.8/git-clone.yaml
*.使用Tekton hub的maven编译工程。
*.修改setting.xml中的<localRepository>/workspace/source/repository</localRepository> 与实际的一致
*.创建maven的setting配置,configmap
kubectl create cm custom-maven-settings --from-file=setting.xml
*.手动的将私服库传到NFS的共享目录中
*.安装task:maven
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/maven/0.2/maven.yaml
*.使用Tekton hub的kaniko构建镜像并推送docker hub。
*.创建docker hub的账户信息secret,此文件就是docker login后生成的
kubectl create secret generic secret-docker-hub --from-file=/root/.docker/config.json
*.安装task:kaniko
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/kaniko/0.6/kaniko.yamlapiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: pipeline-web-forward
spec:
workspaces:
- name: shared-workspace # 共享目录:存放mvn本地私服库、clone的代码、mvn编译代码、build打镜像
- name: maven-settings # maven的setting文件,修改本地私服库地址:<localRepository>/workspace/source/repository</localRepository>
- name: git-basic-auth # git的账户信息
- name: docker-hub-auth # docker hub的账户信息
tasks:
- name: fetch-repository
taskRef:
name: git-clone
workspaces:
- name: output
workspace: shared-workspace
- name: basic-auth
workspace: git-basic-auth
params:
- name: url
value: http://xxxxx/xxxx/xxxx.git
- name: subdirectory
value: ""
- name: deleteExisting
value: "true"
- name: gitInitImage
value: "registry.cn-hangzhou.aliyuncs.com/coolops/tekton-git-init:v0.29"
- name: maven-run
taskRef:
name: maven
params:
- name: MAVEN_IMAGE
value: gcr.dockerproxy.com/cloud-builders/mvn:latest
- name: MAVEN_MIRROR_URL
value: http://repo1.maven.org/maven2
- name: CONTEXT_DIR
value: "ops_mng" # clone下来的项目文件夹名称,pom.xml存放在这个下面
- name: GOALS
value:
- clean
- install
workspaces:
- name: maven-settings
workspace: maven-settings
- name: source
workspace: shared-workspace
- name: kaniko-build
taskRef:
name: kaniko
params:
- name: IMAGE
value: xxxx/web-forward:v1 #自定义的镜像名称和tag,没有传Dokcerfile地址,会默认读取当前文件夹下的Dockerfile
- name: BUILDER_IMAGE
value: gcr.dockerproxy.com/kaniko-project/executor:v1.5.1
workspaces:
- name: dockerconfig
workspace: docker-hub-auth
- name: source
workspace: shared-workspaceapiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: maven-test-pipeline-run
spec:
pipelineRef:
name: pipeline-web-forward
workspaces:
- name: maven-settings
configMap:
name: custom-maven-settings
- name: shared-workspace
persistentvolumeclaim:
claimName: pvc-nfs-maven-workspace
- name: git-basic-auth
secret:
secretName: my-basic-auth-secret
- name: docker-hub-auth
secret:
secretName: secret-docker-hub
扫一扫
505
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
