1. CI/CD概述
CI/CD是持续集成(Continuous Integration)和持续部署(Continuous Deployment)的缩写,是一种软件开发实践,通过自动化的方式频繁地将代码集成到共享仓库并部署到生产环境。CI/CD的目标是减少手动操作,提高开发效率,确保代码质量,加快交付速度。更多学习教程www.fgedu.net.cn
CI/CD的主要组成部分:
- 持续集成(CI):开发人员频繁地将代码集成到共享仓库,每次集成都会触发自动构建和测试,以尽早发现问题
- 持续交付(CD):在CI的基础上,将代码自动部署到测试环境,确保代码可以随时部署到生产环境
- 持续部署(CD):在持续交付的基础上,将代码自动部署到生产环境,实现完全自动化的部署流程
CI/CD的好处:
- 减少手动操作,提高开发效率
- 尽早发现并解决问题,提高代码质量
- 加快交付速度,缩短开发周期
- 提高系统稳定性和可靠性
- 便于回滚,降低部署风险
2. Jenkins安装与配置
Jenkins是一个开源的自动化服务器,用于实现CI/CD流程。
2.1 安装Jenkins
# 添加Jenkins仓库
$ wget -q -O – https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add –
$ sudo sh -c ‘echo deb https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list’
# 更新包管理器
$ sudo apt-get update
# 安装Jenkins
$ sudo apt-get install jenkins
# 启动Jenkins服务
$ sudo systemctl start jenkins
# 设置Jenkins开机自启
$ sudo systemctl enable jenkins
# 检查Jenkins服务状态
$ sudo systemctl status jenkins
2.2 配置Jenkins
$ sudo cat /var/lib/jenkins/secrets/initialAdminPassword
# 访问Jenkins Web界面
# 打开浏览器,访问 http://fgedudb:8080
# 输入初始管理员密码
# 安装推荐的插件
# 创建管理员用户
# 完成Jenkins配置
2.3 安装必要插件
# 点击 “Manage Jenkins” -> “Manage Plugins”
# 在 “Available” 标签页中搜索并安装以下插件:
# – Git Plugin
# – Pipeline Plugin
# – Blue Ocean
# – Docker Plugin
# – Maven Integration Plugin
# – NodeJS Plugin
# 点击 “Install without restart”
3. Jenkins Pipeline
Jenkins Pipeline是Jenkins的核心功能,用于定义整个CI/CD流程。学习交流加群风哥微信: itpux-com
3.1 创建Pipeline项目
# 点击 “New Item”
# 输入项目名称,选择 “Pipeline”
# 点击 “OK”
# 在 “Pipeline” 部分,选择 “Pipeline script” 或 “Pipeline script from SCM”
# 输入Pipeline脚本或配置SCM信息
# 点击 “Save”
3.2 Pipeline脚本示例
pipeline {
agent any
stages {
stage(‘Checkout’) {
steps {
git branch: ‘main’, url: ‘https://github.com/username/repository.git’
}
}
stage(‘Build’) {
steps {
sh ‘mvn clean package’
}
}
stage(‘Test’) {
steps {
sh ‘mvn test’
}
}
stage(‘Deploy’) {
steps {
sh ‘scp target/app.jar user@server:/path/to/app/’
sh ‘ssh user@server “systemctl restart app.service”‘
}
}
}
post {
success {
echo ‘Build successful!’
}
failure {
echo ‘Build failed!’
mail to: ‘admin@fgedu.net.cn’, subject: ‘Build Failed’, body: ‘The build failed. Please check Jenkins.’
}
}
}
3.3 多分支Pipeline
# 点击 “New Item”
# 输入项目名称,选择 “Multibranch Pipeline”
# 点击 “OK”
# 在 “Branch Sources” 部分,添加Git仓库信息
# 配置其他选项
# 点击 “Save”
# Jenkins会自动检测仓库中的分支和PR,并为每个分支创建Pipeline
4. GitHub Actions
GitHub Actions是GitHub提供的CI/CD服务,允许直接在GitHub仓库中定义和运行CI/CD流程。
4.1 创建GitHub Actions工作流
# 创建工作流文件,例如 ci.yml
# ci.yml
name: CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
– uses: actions/checkout@v2
– name: Set up JDK 11
uses: actions/setup-java@v2
with:
java-version: ’11’
distribution: ‘adopt’
– name: Build with Maven
run: mvn clean package
– name: Run tests
run: mvn test
deploy:
needs: build
runs-on: ubuntu-latest
if: github.ref == ‘refs/heads/main’
steps:
– uses: actions/checkout@v2
– name: Deploy to server
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USER }}
key: ${{ secrets.SERVER_KEY }}
script: |
cd /path/to/app
git pull
mvn clean package
systemctl restart app.service
4.2 环境变量和密钥
# 点击 “Settings” -> “Secrets and variables” -> “Actions”
# 点击 “New repository secret”
# 输入密钥名称和值
# 点击 “Add secret”
# 在工作流文件中使用密钥
jobs:
deploy:
runs-on: ubuntu-latest
steps:
– name: Deploy to server
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USER }}
key: ${{ secrets.SERVER_KEY }}
script: |
# 部署脚本
5. GitLab CI/CD
GitLab CI/CD是GitLab内置的CI/CD服务,使用.gitlab-ci.yml文件定义CI/CD流程。学习交流加群风哥QQ113257174
5.1 创建GitLab CI/CD配置文件
# .gitlab-ci.yml
stages:
– build
– test
– deploy
variables:
MAVEN_OPTS: “-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository”
cache:
paths:
– .m2/repository/
build:
stage: build
image: maven:3.8.4-openjdk-11
script:
– mvn clean package
artifacts:
paths:
– target/*.jar
test:
stage: test
image: maven:3.8.4-openjdk-11
script:
– mvn test
deploy:
stage: deploy
image: alpine:latest
script:
– apk add –no-cache openssh-client
– mkdir -p ~/.ssh
– echo “$SSH_PRIVATE_KEY” > ~/.ssh/id_rsa
– chmod 600 ~/.ssh/id_rsa
– ssh -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_HOST “cd /path/to/app && git pull && systemctl restart app.service”
only:
– main
5.2 设置GitLab CI/CD变量
# 点击 “Settings” -> “CI/CD” -> “Variables”
# 点击 “Add variable”
# 输入变量名称和值
# 选择 “Protect variable” 和 “Mask variable”(对于敏感信息)
# 点击 “Add variable”
6. CI/CD最佳实践
遵循CI/CD最佳实践可以提高CI/CD流程的效率和可靠性。更多学习教程公众号风哥教程itpux_com
6.1 代码质量
- 使用静态代码分析工具(如SonarQube)
- 运行单元测试和集成测试
- 使用代码覆盖率工具(如JaCoCo)
- 实施代码审查流程
6.2 构建优化
# Jenkins Pipeline
pipeline {
agent any
options {
buildDiscarder(logRotator(numToKeepStr: ‘5’))
}
stages {
stage(‘Build’) {
steps {
sh ‘mvn clean package -DskipTests’
}
}
}
post {
success {
archiveArtifacts artifacts: ‘target/*.jar’, fingerprint: true
}
}
}
# GitHub Actions
jobs:
build:
runs-on: ubuntu-latest
steps:
– uses: actions/checkout@v2
– name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles(‘**/pom.xml’) }}
restore-keys: |
${{ runner.os }}-maven-
– name: Build with Maven
run: mvn clean package
6.3 部署策略
- 蓝绿部署:同时运行两个环境,切换流量
- 滚动部署:逐步更新实例
- 金丝雀部署:先部署到少量实例,验证后再全量部署
- 回滚策略:准备回滚方案,以便在部署失败时快速回滚
6.4 监控和日志
- 集成监控工具(如Prometheus、Grafana)
- 设置告警机制
- 集中管理日志(如ELK Stack)
- 监控CI/CD流程本身的执行情况
6.5 安全性
- 保护敏感信息(使用密钥管理)
- 定期更新依赖包
- 扫描容器镜像漏洞
- 实施最小权限原则
CI/CD是现代软件开发的重要实践,通过自动化的方式提高开发效率,确保代码质量,加快交付速度。掌握CI/CD的基础知识,结合现代CI/CD工具,可以构建出更加可靠、高效的软件开发流程。author:www.itpux.com
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
