
// Declarative Jenkins Pipeline definition
pipeline {
// Jenkins can execute this pipeline on any available agent/node
agent any
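// Global environment variables available in all stages.
// Everything declared here is also exported to the process environment of
// every `sh` step, so shell scripts can read these values as "$NAME".
environment {
    // Logical application name
    // Used in Docker image name, Kubernetes deployment, labels, logs
    APP_NAME = 'demo-nginx'

    // Kubernetes namespace where the application is deployed
    NAMESPACE = 'demo-app'

    // Docker registry hostname
    DOCKER_REGISTRY = 'docker.io'

    // Docker Hub repository / namespace (Docker Hub username or org)
    DOCKER_REPO = 'vladcrypto'

    // Internal Gitea service URL (cluster-internal DNS).
    // NOTE(review): plain http:// means Git credentials sent to this URL are
    // not encrypted in transit; confirm this is acceptable for the cluster.
    GITEA_URL = 'http://gitea-http.gitea.svc.cluster.local:3000'

    // Git repository path inside Gitea
    GITEA_REPO = 'admin/k3s-gitops'

    // Branch used for GitOps updates
    GITEA_BRANCH = 'main'

    // Jenkins build number (unique per run).
    // NOTE(review): BUILD_TAG is also the name of a Jenkins built-in variable
    // (jenkins-<job>-<build>); this assignment replaces it for the whole run.
    BUILD_TAG = "${env.BUILD_NUMBER}"

    // Image tag composed of:
    // - branch name (e.g. main, feature-x)
    // - Jenkins build number
    // Ensures traceability and uniqueness.
    //
    // The branch name is chosen by whoever pushes the branch, so it is treated
    // as untrusted: every character outside [A-Za-z0-9_.-] is replaced by '-'.
    // This keeps names such as "feature/x" usable as a Docker tag and keeps
    // shell metacharacters out of a value that ends up in build commands.
    // 'main' is unaffected ("main-<n>"); an unset BRANCH_NAME still yields
    // "null-<n>" as before. A tag must also not start with '.' or '-'; that
    // case is not handled here.
    IMAGE_TAG = "${(env.BRANCH_NAME ?: 'null').replaceAll('[^A-Za-z0-9_.-]', '-')}-${env.BUILD_NUMBER}"
}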
stages {
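// ============================
// STAGE: Generate application source
// ============================
// No repository is checked out here: the stage writes index.html, Dockerfile
// and nginx.conf into the workspace so the next stage can build from them.
stage('Checkout Source') {
    steps {
        // Log message in Jenkins console
        echo "Checking out application source code..."

        // Render the landing page in the workspace, where BUILD_NUMBER and
        // IMAGE_TAG are real environment variables. Inside the image build
        // they are not defined (the Dockerfile declares no ARG), so a
        // `RUN echo "...${BUILD_NUMBER}..."` would produce empty values.
        // Heredoc bodies and terminators are kept at column 0 on purpose:
        // the shell only recognises an unindented terminator.
        sh '''
# IMAGE_TAG contains the branch name, which is not trusted input.
# Reduce it to tag-safe characters before it is placed in HTML.
safe_tag=$(printf '%s' "${IMAGE_TAG}" | tr -c 'A-Za-z0-9_.-' '-')

# Unquoted delimiter: the shell expands the variables once, as data.
cat > index.html << EOF
<html><body>
<h1>Demo Nginx - Build ${BUILD_NUMBER}</h1>
<p>Environment: Production</p>
<p>Version: ${safe_tag}</p>
</body></html>
EOF
'''

        // Shell block to generate Dockerfile dynamically
        // (quoted delimiter: nothing inside is expanded by the shell)
        sh '''
# Create Dockerfile in workspace
cat > Dockerfile << 'EOF'
# Use lightweight official Nginx Alpine image
# NOTE(review): a tag can be re-pointed by the publisher; pinning the base
# image by digest makes the build reproducible and tamper-evident.
FROM nginx:1.25.3-alpine
# Replace default Nginx index page with the page rendered by the pipeline
COPY index.html /usr/share/nginx/html/index.html
# Copy custom Nginx configuration into container
COPY nginx.conf /etc/nginx/nginx.conf
# Expose HTTP port (documentation only, runtime handled by Kubernetes)
EXPOSE 80
# Run Nginx in foreground (required for containers)
CMD ["nginx", "-g", "daemon off;"]
EOF
'''

        // Shell block to generate nginx.conf dynamically
        sh '''
# Create Nginx configuration file
cat > nginx.conf << 'EOF'
# User under which Nginx worker processes run
user nginx;
# Automatically scale workers to CPU cores
worker_processes auto;
# Error log configuration
error_log /var/log/nginx/error.log warn;
# PID file location
pid /var/run/nginx.pid;
# Event handling configuration
events {
    # Maximum number of simultaneous connections per worker
    worker_connections 1024;
}
http {
    # Load MIME types
    include /etc/nginx/mime.types;
    # Default MIME type
    default_type application/octet-stream;
    # Do not advertise the exact Nginx version in headers and error pages
    server_tokens off;
    # Define access log format
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    # Enable access logging
    access_log /var/log/nginx/access.log main;
    # Enable zero-copy file transfers
    sendfile on;
    # Keepalive timeout for client connections
    keepalive_timeout 65;
    # HTTP server definition
    server {
        # Listen on port 80
        listen 80;
        # Default catch-all server name
        server_name _;
        # Root location serving static content
        location / {
            root /usr/share/nginx/html;
            index index.html;
        }
        # Health endpoint for Kubernetes probes
        location /health {
            # Disable access logs for health checks
            access_log off;
            # Content type of the response body. Set with default_type:
            # add_header would append a second Content-Type header next to
            # the application/octet-stream default instead of replacing it.
            default_type text/plain;
            # Always return HTTP 200
            return 200 "healthy\n";
        }
    }
}
EOF
'''
    }
}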
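// ============================
// STAGE: Build Docker image
// ============================
// Runs for every branch (no `when` condition), so IMAGE_TAG may carry a
// branch name chosen by whoever pushed the branch.
stage('Build Docker Image') {
    steps {
        script {
            // Log which image is being built (console output only, no shell involved)
            echo "Building Docker image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG}"

            // Build Docker image.
            // The script is single-quoted so Groovy does not paste values into
            // the command text; the shell reads them from the environment and
            // every expansion is double-quoted, so a value is always one
            // argument and never parsed as shell syntax.
            // Comments stay above the command: a '#' line placed between
            // continuation lines ends the command early, leaving `docker build`
            // without its tags and build context.
            sh '''
                image="${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}"

                # -t <versioned tag>  -t <latest, for convenience>  . = workspace as build context
                docker build -t "${image}:${IMAGE_TAG}" -t "${image}:latest" .
            '''

            // Success marker
            echo "✅ Image built successfully!"
        }
    }
}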
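// ============================
// STAGE: Push image to registry
// ============================
stage('Push to Registry') {
    // Execute this stage ONLY on main branch
    when { branch 'main' }
    steps {
        script {
            echo "Pushing image to registry..."

            // Inject Docker registry credentials from Jenkins.
            // withCredentials exposes them as environment variables for the
            // enclosed steps and masks their values in the console log.
            withCredentials([usernamePassword(
                credentialsId: 'docker-registry-credentials',
                usernameVariable: 'DOCKER_USER',
                passwordVariable: 'DOCKER_PASS'
            )]) {
                // Single-quoted script: the secret is never interpolated by
                // Groovy into the command text, only read by the shell.
                sh '''
                    image="${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}"

                    # Log out when the script exits for any reason, so a failed
                    # login or push does not leave the registry token in the
                    # agent's Docker client configuration.
                    trap 'docker logout "${DOCKER_REGISTRY}"' EXIT

                    # Password goes to docker over stdin, not on the command line.
                    # printf '%s' writes it unchanged; some shells' echo rewrites
                    # backslash sequences and appends a newline.
                    printf '%s' "${DOCKER_PASS}" | docker login "${DOCKER_REGISTRY}" -u "${DOCKER_USER}" --password-stdin

                    # Push versioned image
                    docker push "${image}:${IMAGE_TAG}"

                    # Push latest tag
                    docker push "${image}:latest"
                '''
            }

            echo "✅ Image pushed successfully!"
        }
    }
}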
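// ============================
// STAGE: Update GitOps manifests
// ============================
stage('Update GitOps Manifests') {
    // GitOps updates only from main branch
    when { branch 'main' }
    steps {
        script {
            echo "Updating Kubernetes manifests..."

            // Inject Gitea credentials (exported as GIT_USER / GIT_PASS to the shell)
            withCredentials([usernamePassword(
                credentialsId: 'gitea-credentials',
                usernameVariable: 'GIT_USER',
                passwordVariable: 'GIT_PASS'
            )]) {
                sh '''
                    # Remove previous repo clone if exists
                    rm -rf k3s-gitops

                    # Repository location comes from the pipeline environment
                    repo_url="${GITEA_URL}/${GITEA_REPO}.git"

                    # Credentials are supplied through a credential helper instead
                    # of being embedded in the URL. A user:password@host URL is
                    # stored in .git/config as the remote, is visible in the process
                    # list, and breaks when the password contains URL characters.
                    # The helper text holds only variable references; git runs it
                    # through a shell that resolves them from the environment.
                    # NOTE(review): GITEA_URL is http://, so the credentials still
                    # cross the cluster network unencrypted.
                    helper='!f() { echo "username=${GIT_USER}"; echo "password=${GIT_PASS}"; }; f'

                    # Clone GitOps repository
                    git -c credential.helper="${helper}" clone --branch "${GITEA_BRANCH}" "${repo_url}" k3s-gitops

                    # Enter repository directory
                    cd k3s-gitops

                    # Same helper for the push below (stored without secret values)
                    git config credential.helper "${helper}"

                    # Configure Git identity for Jenkins commits
                    git config user.name "Jenkins"
                    git config user.email "jenkins@thedevops.dev"

                    # Update image field in Kubernetes Deployment manifest.
                    # NOTE(review): the pattern rewrites every "image:" line in the
                    # file; confirm the manifest has a single container. A tag that
                    # contains '|', '&' or a backslash would corrupt the replacement.
                    sed -i "s|image: .*|image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG}|" apps/demo-nginx/deployment.yaml

                    # Stage changed file
                    git add apps/demo-nginx/deployment.yaml

                    # Commit and push only when the manifest really changed, so a
                    # genuine commit failure is no longer reported as "No changes".
                    if git diff --cached --quiet; then
                        echo "No changes"
                    else
                        git commit -m "chore(demo-nginx): Update image to ${IMAGE_TAG}"
                        git push origin "HEAD:${GITEA_BRANCH}"
                    fi
                '''
            }

            echo "✅ Manifests updated!"
        }
    }
}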
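// ============================
// STAGE: Verify Kubernetes deployment
// ============================
stage('Verify Deployment') {
    // Only verify deployments from main
    when { branch 'main' }
    steps {
        script {
            echo "Verifying deployment..."

            // The rollout check stays non-fatal, but its exit code is kept so
            // the console does not claim success after a failed or timed-out
            // rollout.
            // NOTE(review): this reports on whichever revision the Deployment
            // has after the fixed 30 s wait; nothing here confirms that the
            // manifest commit has already been applied to the cluster.
            def rolloutExit = sh(returnStatus: true, script: '''
                # Give Kubernetes time to start rollout
                sleep 30

                # Check rollout status
                kubectl rollout status "deployment/${APP_NAME}" -n "${NAMESPACE}" --timeout=300s
            ''')

            // List pods for visibility (runs whether or not the rollout finished)
            sh '''
                kubectl get pods -n "${NAMESPACE}" -l "app=${APP_NAME}"
            '''

            if (rolloutExit == 0) {
                echo "✅ Deployment completed!"
            } else {
                echo "⚠️ Rollout not confirmed (kubectl exit code ${rolloutExit}); pipeline continues by design"
            }
        }
    }
}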
}
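// ============================
// POST actions
// ============================
post {
    // On successful pipeline execution (console output only, no shell involved)
    success {
        echo """
✅ Pipeline SUCCESS!
Image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG}
Namespace: ${NAMESPACE}
"""
    }

    // On pipeline failure
    failure {
        echo "❌ Pipeline failed!"
    }

    // Always executed (success or failure), for every branch
    always {
        // Cleanup local Docker images to free disk space.
        // This runs for builds of any branch, and IMAGE_TAG contains the
        // branch name, so the script is single-quoted and the shell reads the
        // values from the environment, each expansion quoted as one argument.
        // `|| true` keeps cleanup best-effort: a missing image or container
        // must not change the build result.
        sh '''
            image="${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}"

            docker rmi "${image}:${IMAGE_TAG}" || true
            docker rmi "${image}:latest" || true

            # Stop and remove any temporary test containers
            docker stop "test-${BUILD_NUMBER}" 2>/dev/null || true
            docker rm "test-${BUILD_NUMBER}" 2>/dev/null || true
        '''

        // Clean Jenkins workspace directory
        cleanWs()
    }
}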
}