Jenkins 2.3:Jenkins 从 Gitlab 拉取代码
2.3:Jenkins 从 Gitlab 拉取代码配置Jenkins能基于SSH的方式从Gitlab拉取指定的代码。具体实现方式是:创建Jenkins服务器的SSH密钥对;为相应的Gitlab用户添加密钥对的公钥,相当于Jenkins拉取代码时,使用的是该Gitlab用户,拥有其相应的代码克隆权限;Jenkins添加密钥对的私钥,实现基于key的连接;将Gitlab项目的SSH克隆地址配置到相应的
2.3:Jenkins 从 Gitlab 拉取代码
配置Jenkins能基于SSH的方式从Gitlab拉取指定的代码。具体实现方式是:
- 创建Jenkins服务器的SSH密钥对;
- 为相应的Gitlab用户添加密钥对的公钥,相当于Jenkins拉取代码时,使用的是该Gitlab用户,拥有其相应的代码克隆权限;
- Jenkins添加密钥对的私钥,实现基于key的连接;
- 将Gitlab项目的SSH克隆地址配置到相应的Jenkins任务中,在构建时将代码拉取到Jenkins服务器的相应目录,为接下来的测试、部署等操作做好准备。
2.3.1:Jenkins 服务器创建密钥对
root@jenkins:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:vEteNdz+UG6ovGyWMUjLUUSgMh/i0rScRlfa727ZGvc root@jenkins.yqc.com
The key's randomart image is:
+---[RSA 2048]----+
| o+o |
| = . |
| * = .. |
| * X .oo . |
| . B So += . .|
| o .+ooo + |
| o . o*= o|
| o o +*+.= |
| o +Bo E|
+----[SHA256]-----+
查看生成的公钥(将为Gitlab的某个用户配置):
root@jenkins:~# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDacxPlA23FipKolinqtY9ZqT8uYmcFZDbqt0Gy6ZHPLLojckY9FWaDe0xoDSEB/5gREaqLtkfySDm89ZljG3v96Iq8Sq0lcz/tyknhhIAcZsBCAdexVENdGFwPtptNeanxKD3MQMfxGIn9gzPExnnIaIjb4ClU4qT3vAkitfzJFI8hfUin7joTUhgOYfwyNl3SshfUNfV13xG/CZplHdHdvyxKWxhRgM5gt8ucUEHohlBbQPqM1P5EVWGOF8Wi3dOeK+qfJWqXs/XAEDwRhWo7UW0m8WhqUrTX63P3c9DDYml+2PDoD39POIJ8XabRnKXpWjdNyndjukimxIeZ5M5D root@jenkins.yqc.com
查看生成的私钥(将为Jenkins配置):
root@jenkins:~# cat /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA2nMT5QNtxYqSqJYp6rWPWak/LmJnBWQ26rdBsumRzyy6I3JG
PRVmg3tMaA0hAf+YERGqi7ZH8kg5vPWZYxt7/eiKvEqtJXM/7cpJ4YSAHGbAQgHX
sVRDXRhcD7abTXmp8Sg9zEDH8RiJ/YMzxMZ5yGiI2+ApVOKk97wJIrX8yRSPIX1I
p+46E1IYDmH8MjZd0rIX1DX1dd8RvwmaZR3R3b8sSlsYUYDOYLfLnFBB6IZQW0D6
jNT+RFVhjhfFot3TnivqnyVql7P1wBA8EYVqO1FtJvFoalK01+tz93PQw2Jpftjw
6A9/TziCfF2m0Zyl6Vo3Tcp3Y7pIpsSHmeTOQwIDAQABAoIBAEV3vQbh/UGJnLPh
9Ph/vlNr//yXLF3JjbE8j7b+kfDJL3RgPbflG1GKnzSjoDCLgGdFL+/4Co8gqsPN
cnbS4a5QCfZw5Pj42oabAr2lrjvZ7R/QiDALNNThDz2r+1066HEZM/XFUA/6lr84
vvi/iTDTFVqewWYOIRnrARi5uOaUfaY6F6N8ozUyBLGnD2S9e07yump5Wnq9M+4E
AVVOYhcPBpoT2IaRXUS7nxXIdCg0RO8lpN0h0/Ek+QMgcgA4I/m0vr4xDLj8Crwo
RsQPMMWIxV8WeY+67ZinPG/ufiuQdvcZeblid05h6Px+e/cJARADwlaeS50Tx43Y
oUAFFFkCgYEA9I/GLgXp96xUDJglkrUANx1j9utOyvioRwjMewfM2XUNQ+UTveYe
n2PudDvzoCTKJ6ASBeKdPZ9O49sqptJCW2BomaMpu9QIMl43dtF7OmH/+oiuHVsq
EEHY+VUOKkiqYAFkPE26stcSZB5SemuMxcQIj/43dAUNWgFJxWUJt6cCgYEA5Kqn
ZSZOayLqH1DlsKyglkLyDzTwyNWV1Uwr9U1ToYjmm6v2806OOMnZJwLqL/ymwnQt
hLdNsJ1yjyPncZ82tLb3rOC3Yzhz8DCdS3rah3IeM8PwLNoDsLDKcpYtBbAbfWok
DefNAjYfXtaf8f8jnSnqSKMuHSLQM95QG/QxCAUCgYAk0QgaoZVJTc4RX044ubrg
kTIdV+syryBWIUL3OoNiMTbgA7pnGh9+C0M4iFXyw9cTBAvyitz1C+iKcNII7xpC
O09D4cZEmnTpcDmVT4/niB1LEAx2KuU4MVGCp4VMZEgRz+PRGDqE9c+09sOf3lUA
6LQJSVH7y07pP8xlRQKjfQKBgQDeGZ9jkLRkPVJXvnSKiPGlYTrJaGtjNolE1qpv
pX7QjC8pDvta0Xc0U2G3EY6zs1upzbwUhxJPtG37+Cyp4LH7Dyg74zxchA2gQyfU
k2xEWKRbNTpH5i3lZaINcC4ksyvQQdLpKremKTmJHT/XhjBqS7cCfHSi2hiN+KWo
sSManQKBgGqPTX6Y/7S3gvFRG3prU+IMiiq2WeI8UbGqtzgjp21vUkw6fqBg3rP5
B4Q23dqdhGANRn4HTuiHZqVoKj/HRsWIsbLmkpEutO89hHlcHF52o2mm5LMCEnjU
q0l0cFNoaV4bykIAONVPkJ4GUWAkuBOCvG/otdWc4e4QPSN+JByz
-----END RSA PRIVATE KEY-----
2.3.2:为 Gitlab 用户添加 SSH Key(公钥)
使用相应用户帐号登录Gitlab(这里直接使用的root管理员,意味着通过这个SSH密钥对验证成功后,Jenkins可以拉取所有项目的代码)。
点击右上角头像,打开Settings,进入用户设置界面:
点击SSH Keys,在key输入框中粘贴公钥内容,在Title框中输入Key名称用于标识,完成后点击Add key进行添加。
这样,就为Gitlab的root用户帐号添加了Jenkins服务器root用户的公钥。
测试SSH Key是否添加成功,可以使用Jenkins服务器的root用户,基于SSH的方式Clone代码,验证免密拉取代码。
root@jenkins:~# git clone git@192.168.1.121:test-software/test-app1.git
Cloning into 'test-app1'...
The authenticity of host '192.168.1.121 (192.168.1.121)' can't be established.
ECDSA key fingerprint is SHA256:7axVWAVMgqQAAr3voX79pFVkb0zNywL1j+eKpbtJVac.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.121' (ECDSA) to the list of known hosts.
remote: Enumerating objects: 10, done.
remote: Counting objects: 100% (10/10), done.
remote: Compressing objects: 100% (5/5), done.
remote: Total 10 (delta 1), reused 10 (delta 1)
Receiving objects: 100% (10/10), done.
Resolving deltas: 100% (1/1), done.
2.3.3:为 Jenkins 添加全局凭据(私钥)
使用管理员帐号登录Jenkins(这里是jenkins用户),打开系统管理-Manage Credentials,进入凭据管理页面:
鼠标移动到全局,点击出现的下三角,进入添加凭据页面:
选择以SSH用户+私钥的方式添加凭据,填写用户名和私钥,点击Add完成创建:
2.3.4:测试代码拉取
2.3.4.1:创建 Jenkins 任务
创建一个简单的拉取Gitlab代码的Jenkins任务,验证Jenkins是否可以成功从Gitlab拉取代码。
在首页点击新建任务,进行任务的创建。
因为只测试代码拉取,所以仅配置Gitlab的相关信息即可:
2.3.4.2:执行构建
任务创建完成后,会在首页的任务列表中看到,鼠标移动到任务名称,点击下三角,选择立即构建,执行任务:
2.3.4.3:查看控制台输出
首页点击任务名称,进入该任务。
找到相应的构建历史条目,鼠标移动到此处,点击下三角,进入控制台输出:
查看控制台输出信息:
2.3.4.4:查看拉取的代码
Jenkins使用Git源码管理拉取下来的代码都存放在/var/lin/jenkins/jobs/ITEM_NAME/workspace
下:
root@jenkins:~# ll /var/lib/jenkins/jobs/Gitlab\ SSH\ Clone\ Test/workspace
total 16
drwxr-xr-x 3 jenkins jenkins 4096 Apr 29 15:10 ./
drwxr-xr-x 5 jenkins jenkins 4096 Apr 29 15:10 ../
drwxr-xr-x 8 jenkins jenkins 4096 Apr 29 15:10 .git/
-rw-r--r-- 1 jenkins jenkins 87 Apr 29 15:10 index.html
更多推荐
所有评论(0)