15308555518/ website
1
0
Fork 0
mirror of https://github.com/kubesphere/website.git synced 2025-12-26 00:12:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

finish devops 

Signed-off-by: zhuxiujuan28 <562873187@qq.com>
This commit is contained in:
zhuxiujuan28 2024-10-23 17:29:27 +08:00
parent e48e27f664
commit 3b4e7b4929
61 changed files with 1205 additions and 1392 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/docs/v4.1/11-use-extensions/01-devops/01-overview.adoc
View File

@ -1,6 +1,6 @@
---
title: "Overview"
keywords: "Kubernetes, {ks_product}, DevOps, Overview"
keywords: "Kubernetes, {ks_product-en}, DevOps, Overview"
description: "Introduces the basic principles of DevOps."
weight: 01
---

2
content/en/docs/v4.1/11-use-extensions/01-devops/02-devops-projects/01-create-a-devops-project.adoc
View File

@ -1,6 +1,6 @@
---
title: "Create DevOps Projects"
keywords: "Kubernetes, {ks_product}, Workspace, DevOps Projects, Create DevOps Projects"
keywords: "Kubernetes, {ks_product-en}, Workspace, DevOps Projects, Create DevOps Projects"
description: "Learn how to create DevOps projects."
weight: 01
---

2
content/en/docs/v4.1/11-use-extensions/01-devops/02-devops-projects/02-view-a-devops-project-list.adoc
View File

@ -1,6 +1,6 @@
---
title: "View DevOps Project List"
keywords: "Kubernetes, {ks_product}, Workspace, DevOps Projects, View DevOps Project List"
keywords: "Kubernetes, {ks_product-en}, Workspace, DevOps Projects, View DevOps Project List"
description: "Learn how to view the DevOps project list."
weight: 02
---

2
content/en/docs/v4.1/11-use-extensions/01-devops/02-devops-projects/03-edit-devops-project-information.adoc
View File

@ -1,6 +1,6 @@
---
title: "Edit DevOps Project Information"
keywords: "Kubernetes, {ks_product}, Workspace Management, DevOps Projects, Edit DevOps Project Information"
keywords: "Kubernetes, {ks_product-en}, Workspace Management, DevOps Projects, Edit DevOps Project Information"
description: "Learn how to edit DevOps project information."
weight: 03
---

2
content/en/docs/v4.1/11-use-extensions/01-devops/02-devops-projects/04-delete-devops-projects.adoc
View File

@ -1,6 +1,6 @@
---
title: "Delete DevOps Projects"
keywords: "Kubernetes, {ks_product}, Workspace Management, DevOps Projects, Delete DevOps Project"
keywords: "Kubernetes, {ks_product-en}, Workspace Management, DevOps Projects, Delete DevOps Project"
description: "Learn how to delete DevOps projects."
weight: 04
---

2
content/en/docs/v4.1/11-use-extensions/01-devops/02-devops-projects/_index.adoc
View File

@ -1,6 +1,6 @@
---
title: "Manage DevOps Projects"
keywords: "Kubernetes, {ks_product}, Workspace, DevOps Projects"
keywords: "Kubernetes, {ks_product-en}, Workspace, DevOps Projects"
description: "Learn how to view and manage DevOps projects."
weight: 02
layout: "second"

2
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/01-devops-project-management.adoc
View File

@ -1,6 +1,6 @@
---
title: "Create and Manage DevOps Projects"
keywords: "Kubernetes, {ks_product}, DevOps projects, DevOps project management"
keywords: "Kubernetes, {ks_product-en}, DevOps projects, DevOps project management"
description: "Demonstrates how to create and manage DevOps projects."
weight: 01
---

80
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/01-create-a-pipeline-using-graphical-editing-panel.adoc
View File

@ -1,6 +1,6 @@
---
title: "Create Pipelines Using the Graphic Editing Panel"
keywords: "Kubernetes, {ks_product}, DevOps projects, Using DevOps, Pipelines, Create Pipelines Using the Graphic Editing Panel"
title: "Create a Pipeline Using Graphic Editing Panels"
keywords: "Kubernetes, {ks_product-en}, DevOps projects, Using DevOps, Pipelines, Create Pipelines Using the Graphic Editing Panel"
description: "Introduces how to create pipelines using the graphic editing panel."
weight: 01
---
@ -14,15 +14,15 @@ This section demonstrates how to use the graphic editing panel to create pipelin
* **DevOps** must have been installed and enabled.
* Already have an account on link:http://www.dockerhub.com[Docker Hub].
* You have an account on link:http://www.dockerhub.com[Docker Hub].
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. Refer to link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
* A dedicated CI node has been set up to run pipelines. Refer to link:../../05-devops-settings/04-set-ci-node[Set up a CI node for caching dependencies].
* A dedicated CI node has been set up to run pipelines. Refer to link:../../05-devops-settings/04-set-ci-node[Set CI Nodes for Dependency Cache].
* Configured an email server to receive pipeline notifications (optional). Refer to link:../09-jenkins-email[Set up an email server for pipelines].
* An email server has been configured to receive pipeline notifications (optional). Refer to link:../09-jenkins-email[Set an Email Server for Pipelines].
* Configured SonarQube to include code analysis in the pipeline (optional). Refer to link:../../../04-how-to-integrate/01-sonarqube[Integrate SonarQube into the pipeline].
* SonarQube has been configured to include code analysis in the pipeline (optional). Refer to link:../../../04-how-to-integrate/01-sonarqube/[Integrate SonarQube into Pipelines].
== Pipeline Overview
@ -30,28 +30,28 @@ This example pipeline consists of the following stages:
[.admon.note,cols="a"]
|===
| Description
| Note
|
* **Stage 1: Checkout SCM**: Fetch the source code from the GitHub repository.
* **Stage 2: Unit Test**: Proceed to the next stage only after passing this test.
* **Stage 2: Unit Test**: It will not proceed with the next stage until the test is passed.
* **Stage 3: Code Analysis**: Configure SonarQube for static code analysis.
* **Stage 4: Build and Push**: Build the image, tag it as **snapshot-$BUILD_NUMBER**, and push it to Docker Hub, where **$BUILD_NUMBER** is the run ID of the record in the pipeline running records.
* **Stage 4: Build and Push**: Build the image, tag it as **snapshot-$BUILD_NUMBER**, and push it to Docker Hub, where **$BUILD_NUMBER** is the run ID of the record in the pipeline run records.
* **Stage 5: Artifacts**: Generate an artifact (JAR package) and save it.
|===
== Step 1: Create Credentials
. Log in to the {ks_product-en} web console with the **project-regular** user.
. Log in to the {ks_product-en} web console as the **project-regular** user.
. Click **Workspace Management** and navigate to your DevOps project. Under **DevOps Project Settings**, create the following credentials in the **Credentials** page. For more information on creating credentials, refer to link:../../05-devops-settings/01-credential-management[Credential Management].
+
--
//note
[.admon.note,cols="a"]
|===
| Note
@ -70,14 +70,14 @@ If your account or password contains special characters such as **@** and **$**,
|===
--
. Create another credential for SonarQube (**sonar-token**) for Stage 3 (Code Analysis). Choose the credential type **Access Token** and enter the SonarQube token in the **Token** field. Refer to link:../../../04-how-to-integrate/01-sonarqube[Create a SonarQube Token for a new project]. Click **OK** to complete the process.
. Create another credential for SonarQube (**sonar-token**) for Stage 3 (Code Analysis). Choose the credential type **Access Token** and enter the SonarQube token in the **Token** field. Refer to link:../../../04-how-to-integrate/01-sonarqube/#_create_a_sonarqube_token_for_the_new_project[Create a SonarQube Token for the New Project]. Click **OK** to complete the process.
. Once created, you will see the created credentials on the credentials page.
. Once created, you will see the credentials on the credentials page.
== Step 2: Create a Pipeline
. Log in to the {ks_product-en} web console with the **project-regular** user.
. Log in to the {ks_product-en} web console as the **project-regular** user.
. Click **Workspace Management** and navigate to your DevOps project. Click **Pipelines** and then click **Create**.
@ -109,7 +109,7 @@ If your account or password contains special characters such as **@** and **$**,
// note
[.admon.note,cols="a"]
|===
| Description
| Note
|
For other fields, use default values or refer to link:../05-pipeline-settings[Pipeline Settings] for custom configurations.
@ -128,7 +128,7 @@ For other fields, use default values or refer to link:../05-pipeline-settings[Pi
. Click **Next** and then click **Create**.
//note
[.admon.note,cols="a"]
|===
|Note
@ -141,7 +141,7 @@ The **Sync Status** on the pipeline details page shows the synchronization resul
The graphical editing panel consists of two areas: the **canvas** on the left and the **content** on the right. It automatically generates a Jenkinsfile based on your configurations for different stages and steps, providing a more user-friendly experience for developers.
//note
[.admon.note,cols="a"]
|===
|Note
@ -154,7 +154,7 @@ The pipeline includes link:https://www.jenkins.io/en/doc/book/pipeline/syntax/#d
. On the graphical editing panel, select **node** from the **Type** dropdown list and **maven** from the **Label** dropdown list.
+
--
//note
[.admon.note,cols="a"]
|===
|Note
@ -201,7 +201,7 @@ image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-gr
mvn clean test
----
//note
[.admon.note,cols="a"]
|===
|Note
@ -223,11 +223,11 @@ image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-gr
+
image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/maven_container.png[,100%]
. Click the **maven** container step and **Add nesting steps** to add a nested step. Click **WithCredentials** and select SonarQube token (**sonar-token**) from the **Credential Name** list. Enter **SONAR_TOKEN** in the **Variable** and click **OK**.
. Click the **maven** container step and **Add nesting steps** to add a nesting step. Click **WithCredentials** and select SonarQube token (**sonar-token**) from the **Credential Name** list. Enter **SONAR_TOKEN** in the **Variable** and click **OK**.
+
image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/sonarqube_credentials.png[,100%]
. Under the **WithCredentials** step, click **Add nesting steps** to add another nested step.
. Under the **WithCredentials** step, click **Add nesting steps** to add another nesting step.
+
image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/nested_step.png[,100%]
@ -235,7 +235,7 @@ image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-gr
+
image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/sonar_env.png[,100%]
. Under the **WithSonarQubeEnv** step, click **Add nesting steps** to add another nested step.
. Under the **WithSonarQubeEnv** step, click **Add nesting steps** to add another nesting step.
+
image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/add_nested_step.png[,100%]
@ -293,7 +293,7 @@ image::/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-g
image::/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/docker_credential.png[100%]
//note
[.admon.note,cols="a"]
|===
|Note
@ -325,7 +325,7 @@ docker push $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER
image::/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/push_to_docker.png[100%]
--
=== Stage 5: Generate Artifacts
=== Stage 5: Artifacts
. Click the plus icon to the right of the **Build and Push** stage to add a new stage for storing artifacts, name it **Artifacts**. In this example, a JAR file is used.
+
@ -343,41 +343,41 @@ image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-gr
. Click the **Run Records** tab to view the running status of the pipeline and click a record to see details.
. If the pipeline reaches the **Push with Tag** stage, it will pause at this stage and require a user with approval permissions to click **Continue**.
. If the pipeline reaches the **Push with Tag** stage, it will pause at this stage and require a user with approval permissions to click **Proceed**.
. Log in to the {ks_product-en} web console as the **project-admin** user, navigate to **Workspace Management**, access your DevOps project, and click the **graphical-pipeline** pipeline. Under the **Run Records** tab, click the record to be reviewed and click **Proceed** to approve the pipeline.
. Log in to the {ks_product-en} web console as the **project-admin** user, navigate to **Workspace Management**, access your DevOps project, and click the **graphical-pipeline** pipeline. Under the **Run Records** tab, click the record to be reviewed and click **Continue** to approve the pipeline.
//note
[.admon.note,cols="a"]
|===
|Note
|
To simultaneously run multiple pipelines that do not include multibranch pipelines, select these pipelines on the **Pipelines** list page and click **Run** to run them in bulk.
To simultaneously run multiple pipelines that do not include multibranch configurations, select these pipelines on the **Pipelines** list page and click **Run** to run them in bulk.
|===
== 步骤 5查看流水线详情
== Step 5: View Pipeline Details
. 以 **project-regular** 用户登录 {ks_product_both} Web 控制台,点击**企业空间管理**并进入您的 DevOps 项目,点击 **graphical-pipeline** 流水线。
. Log in to the {ks_product-en} web console as the **project-regular** user, navigate to **Workspace Management**, access your DevOps project, and click the **graphical-pipeline** pipeline.
. 在**运行记录**页签下,点击**状态**下的记录,进入**运行记录**详情页。如果任务状态为**成功**,流水线所有阶段都会显示**成功**。
. Under the **Run Records** tab, click a record under **Status** to access the details of the run record. If the task status is **Successful**, all stages of the pipeline will show **Successful**.
. 在**运行日志**页签下,点击每个阶段查看其详细日志。点击**查看完整日志**,根据日志排除故障和问题,也可以将日志下载到本地进行进一步分析。
. Under the **Run Logs** tab, click each stage to view detailed logs. Click **View Full Logs** to troubleshoot and analyze issues based on the logs, which can also be downloaded for further analysis.
== 步骤 6下载制品
== Step 6: Download Artifacts
在**运行记录**详情页,点击**制品**页签,然后点击制品右侧的图标下载该制品。
On the **Artifacts** tab of the run record details page, click the icon next to the artifact to download it.
== 步骤 7查看代码分析结果
== Step 7: View Code Analysis Results
在**代码检查**页面,查看由 SonarQube 提供的本示例流水线的代码分析结果。如果没有事先配置 SonarQube则该部分不可用。有关更多信息请参阅link:../../../04-how-to-integrate/01-sonarqube/[将 SonarQube 集成到流水线]。
Navigate to the **Code Check** page to view the code analysis results provided by SonarQube for this pipeline. This page will be unavailable if SonarQube has not been configured beforehand. For more information, refer to link:../../../04-how-to-integrate/01-sonarqube/[Integrate SonarQube into Pipelines].
== 步骤 8验证 Kubernetes 资源
== Step 8: Verify Kubernetes Resources
如果流水线的每个阶段都成功运行,则会自动构建一个 Docker 镜像并推送至您的 Docker Hub 仓库。
If each stage of the pipeline runs successfully, a Docker image will be automatically built and pushed to your Docker Hub repository.
. 流水线成功运行后,会推送一个镜像至 Docker Hub。登录 Docker Hub 查看结果。
. After a successful pipeline run, an image will be pushed to Docker Hub. Log in to Docker Hub to view the result.
+
image:/images/ks-qkcp/en/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/dockerhub_image.png[,100%]
. 该应用名称为 **APP_NAME** 的值,本示例中即 **devops-sample**。Tag 为 **SNAPSHOT-$BUILD_NUMBER** 的值,**$BUILD_NUMBER** 即**运行记录**页签下记录的**运行 ID**。
. The application name is **APP_NAME**, which in this example is **devops-sample**. The tag value is **SNAPSHOT-$BUILD_NUMBER**, where **$BUILD_NUMBER** corresponds to the **Run ID** listed under the **Run Records** tab.

388
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/02-create-a-pipeline-using-jenkinsfile.adoc
View File

@ -1,356 +1,301 @@
---
title: "使用 Jenkinsfile 创建流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线, 使用 Jenkinsfile 创建流水线"
description: "介绍如何使用 Jenkinsfile 创建流水线。"
title: "Create a Pipeline Using a Jenkinsfile"
keywords: "Kubernetes, {ks_product-en}, DevOps projects, using DevOps, pipelines, creating pipelines using Jenkinsfile"
description: "Introduction to creating pipelines using Jenkinsfile."
weight: 02
---
Jenkinsfile 是一个文本文件,包含 Jenkins 流水线的定义并被检入源代码控制仓库。Jenkinsfile 将整个工作流存储为代码,因此它是代码审查和流水线迭代过程的基础。有关更多信息,请参阅 link:https://www.jenkins.io/zh/doc/book/pipeline/jenkinsfile/[Jenkins 官方文档]。
A Jenkinsfile is a text file that contains the definition of a Jenkins pipeline and is checked into a source code control repository. As it stores the entire workflow as code, the Jenkinsfile forms the basis for code reviews and pipeline iterations. For more information, refer to the link:https://www.jenkins.io/zh/doc/book/pipeline/jenkinsfile/[Jenkins Documentation].
This document demonstrates how to create a pipeline based on a Jenkinsfile from a GitHub repository.
本文档演示如何基于 GitHub 仓库中的 Jenkinsfile 创建流水线。
// 本文档演示如何基于 GitHub 仓库中的 Jenkinsfile 创建流水线,并使用该流水线将示例应用程序分别部署到可从外部访问的开发环境和生产环境。
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
DevOps 支持创建两种类型的流水线:一种是本文档中介绍的基于 SCM 中 Jenkinsfile 创建的流水线另一种是link:../01-create-a-pipeline-using-graphical-editing-panel/[通过图形编辑面板创建的流水线]。
Jenkinsfile in SCM 需要源代码管理 (SCM) 中有内置 Jenkinsfile换句话说Jenkinsfile 必须是 SCM 的一部分。DevOps 系统会根据代码仓库的现有 Jenkinsfile 自动构建 CI/CD 流水线。通过定义工作流,例如 **stage** 和 **step** 可以满足特定的构建、测试和部署要求。
DevOps supports creating two types of pipelines: pipelines created based on a Jenkinsfile in SCM as described in this document, and link:../01-create-a-pipeline-using-graphical-editing-panel/[pipelines created through the graphical editing panel].
The Jenkinsfile in SCM requires an internal Jenkinsfile in Source Control Management (SCM), meaning the Jenkinsfile must be part of the SCM. The DevOps system automatically builds the CI/CD pipeline based on the existing Jenkinsfile in the code repository. By defining workflows such as **stage** and **step**, specific build, test, and deployment requirements can be met.
|===
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已有一个 link:https://hub.docker.com/[Docker Hub] 账户和一个 link:https://github.com/[GitHub] 账户。
* You have a link:https://hub.docker.com[Docker Hub] account and a link:https://github.com[GitHub] account.
* 已创建一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. Refer to link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
* 已设置 CI 专用节点用于运行流水线。请参阅link:../../05-devops-settings/04-set-ci-node/[为依赖项缓存设置 CI 节点]。
* A dedicated CI node has been set up to run pipelines. Refer to link:../../05-devops-settings/04-set-ci-node[Set CI Nodes for Dependency Cache].
* 已安装和配置 SonarQube可选。请参阅link:../../../04-how-to-integrate/01-sonarqube/[将 SonarQube 集成到流水线]。如果跳过这一部分,则没有下面的 **SonarQube 分析**阶段。
* SonarQube has been installed and configured (optional). Refer to link:../../../04-how-to-integrate/01-sonarqube/[Integrate SonarQube into Pipelines]. If you skip this, the **SonarQube Analysis** stage will be omitted.
== 流水线概述
== Pipeline Overview
本示例流水线包括以下阶段。
This example pipeline consists of the following stages:
//note
[.admon.note,cols="a"]
|===
|说明
| Note
|
* **阶段 1Checkout SCM**:从 GitHub 仓库检出源代码。
* **Stage 1: Checkout SCM**: Fetch the source code from the GitHub repository.
* **阶段 2单元测试**:待该测试通过后才会进行下一阶段。
* **Stage 2: Unit Test**: It will not proceed with the next stage until the test is passed.
* **阶段 3SonarQube 分析**SonarQube 代码质量分析。
* **Stage 3: SonarQube Analysis**: The SonarQube code quality analysis.
* **阶段 4构建并推送快照镜像**:根据**策略设置**中选定的分支来构建镜像,并将 **SNAPSHOT-$BRANCH_NAME-$BUILD_NUMBER** 标签推送至 Docker Hub其中 **$BUILD_NUMBER** 是流水线运行记录列表中的记录的运行 ID。
* **Stage 4: Build and Push**: Build an image based on the selected branches in **Strategy Settings** and push the **SNAPSHOT-$BRANCH_NAME-$BUILD_NUMBER** tag to Docker Hub, where **$BUILD_NUMBER** is the run ID of the record in the pipeline run records.
* **阶段 5推送最新镜像**:将 v4.1.0-sonarqube 分支标记为 **latest**,并推送至 Docker Hub。
// * **阶段 6部署至开发环境**:将 v4.1.0-sonarqube 分支部署到开发环境,此阶段需要审核。
* **阶段 6带标签推送**:生成标签并发布到 GitHub该标签会推送到 Docker Hub。
// * **阶段 8部署至生产环境**:将已发布的标签部署到生产环境。
* **Stage 5: Push Latest**: Tag the `v4.1.0-sonarqube` branch as **latest** and push it to Docker Hub.
* **Stage 6: Push with Tag**: Generate a tag and release it to GitHub, which will be pushed to Docker Hub.
|===
== 步骤 1创建凭证
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
== Step 1: Create Credentials
. 点击**企业空间管理**并进入您的 DevOps 项目,在 **DevOps 项目设置**下的**凭证**页面创建以下凭证。有关如何创建凭证的更多信息请参阅link:../../05-devops-settings/01-credential-management/[凭证管理]。
. Log in to the {ks_product-en} web console as the **project-regular** user.
. Click **Workspace Management** and navigate to your DevOps project. Under **DevOps Project Settings**, create the following credentials in the **Credentials** page. For more information on creating credentials, refer to link:../../05-devops-settings/01-credential-management[Credential Management].
+
--
//note
[.admon.note,cols="a"]
|===
|说明
| Note
|
如果您的账户或密码中包含任何特殊字符,例如 **@** 和 **$**,可能会因为无法识别而在流水线运行时导致错误。在这种情况下,请先在一些第三方网站(例如 link:https://www.urlencoder.org/[urlencoder])上对账户或密码进行编码,然后将输出结果复制粘贴作为您的凭证信息。
If your account or password contains special characters such as **@** and **$**, errors may occur during pipeline runs due to unrecognized characters. In such cases, encode your account or password on a third-party website (e.g., link:https://www.urlencoder.org[urlencoder]) and then copy and paste the encoded result as your credential information.
|===
[%header,cols="1a,2a,2a"]
|===
|凭证 ID |类型 |用途
| Credential ID | Type | Where to use
|dockerhub-id
|用户名和密码
|Docker Hub
| dockerhub-id
| Username and Password
| Docker Hub
|github-id
|用户名和密码
|GitHub
// |demo-kubeconfig
// |kubeconfig
// |Kubernetes
| Username and Password
| GitHub
|===
--
. 再为 SonarQube 创建一个凭证 (**sonar-token**),用于上述的阶段 3代码分析。凭证类型选择**访问令牌**,在**令牌**字段输入 SonarQube 令牌请参阅link:../../../04-how-to-integrate/01-sonarqube/[为新项目创建 SonarQube 令牌 (Token)]。点击**确定**完成操作。
. Create another credential for SonarQube (**sonar-token**) for Stage 3 (Code Analysis). Choose the credential type **Access Token** and enter the SonarQube token in the **Token** field. Refer to link:../../../04-how-to-integrate/01-sonarqube/#_create_a_sonarqube_token_for_the_new_project[Create a SonarQube Token for the New Project]. Click **OK** to complete the process.
. 还需要创建具有如下图所示权限的 GitHub 个人访问令牌 (PAT),然后在 DevOps 项目中,使用生成的令牌创建用于 GitHub 认证的账户凭证(例如,**github-token**)。
. You also need to create a GitHub Personal Access Token (PAT) with the permissions shown in the following image. Then, in the DevOps project, use the generated token to create account credentials for GitHub authentication (e.g., **github-token**).
+
--
image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-a-jenkinsfile/github-token-scope.png[,100%]
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
如需创建 GitHub 个人访问令牌,请转到您 GitHub 账户的 **Settings**,点击 **Developer settings**,选择 **Personal access tokens**,然后点击 **Generate new token**。
To create a GitHub Personal Access Token, go to your GitHub account's **Settings**, click **Developer settings**, select **Personal access tokens**, and then click **Generate new token**.
|===
--
. 您将在凭证页面看到已创建的凭证。
. Once created, you will see the credentials on the credentials page.
== 步骤 2在 GitHub 仓库中修改 Jenkinsfile
== Step 2: Modify the Jenkinsfile in your GitHub repository
. 登录 GitHub 并 Fork GitHub 仓库 link:https://github.com/kubesphere/devops-maven-sample[devops-maven-sample] 的所有分支至您的 GitHub 个人账户。
. Log in to GitHub and fork all branches of the repository link:https://github.com/kubesphere/devops-maven-sample[devops-maven-sample] to your personal GitHub account.
. 在您自己的 GitHub 仓库 **devops-maven-sample** 中,切换到 v4.1.0-sonarqube 分支,点击根目录中的文件 **Jenkinsfile-online**。
. In your GitHub repository **devops-maven-sample**, switch to the `v4.1.0-sonarqube` branch and click on the file **Jenkinsfile-online** in the root directory.
. 点击右侧的编辑图标,编辑环境变量。
. Click the edit icon on the right to edit the environment variables.
+
--
[%header,cols="1a,2a,2a"]
[%header,cols="1a,1a,2a"]
|===
|条目 |值 |描述信息
|Entry |Value |Description
|DOCKER_CREDENTIAL_ID
|dockerhub-id
|您在{ks_product_both}中为 Docker Hub 账户设置的**名称**。
|The **name** for your Docker Hub account in KubeSphere.
|GITHUB_CREDENTIAL_ID
|github-id
|您在{ks_product_both}中为 GitHub 账户设置的**名称**,用于将标签推送至您的 GitHub 仓库。
// |KUBECONFIG_CREDENTIAL_ID
// |demo-kubeconfig
// |您在{ks_product_both}中为 kubeconfig 设置的**名称**,用于访问运行中的 Kubernetes 集群。
|The **name** for your GitHub account in KubeSphere to push tags to your GitHub repository.
|REGISTRY
|docker.io
|默认为 **docker.io**,用作推送镜像的地址。
|It defaults to **docker.io**, used as the address to push images.
|DOCKERHUB_NAMESPACE
|your-dockerhub-id
|请替换为您的 Docker Hub 账户名,也可以替换为该账户下的 Organization 名称。
|Replace it with your Docker Hub account name or the organization name under that account.
|GITHUB_ACCOUNT
|your-github-id
|请替换为您的 GitHub 账户名。例如,如果您的 GitHub 地址是 link:https://github.com/kubesphere/[],则您的 GitHub 账户名为 **kubesphere**,也可以替换为该账户下的 Organization 名称。
|Replace it with your GitHub account name. For example, if your GitHub URL is link:https://github.com/kubesphere/[], your GitHub account name is **kubesphere** or the organization name under that account.
|APP_NAME
|devops-maven-sample
|应用名称。
|The application name.
|SONAR_CREDENTIAL_ID
|sonar-token
|您在{ks_product_both}中为 SonarQube 令牌设置的**名称**,用于代码质量检测。
|The **name** for the SonarQube token in KubeSphere used for code quality checks.
|===
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
Jenkinsfile 中 **mvn** 命令的参数 **-o** 表示开启离线模式。本教程中已下载相关依赖项,以节省时间并适应某些环境中的网络干扰。离线模式默认开启。
In the Jenkinsfile, the **-o** parameter for the **mvn** command enables offline mode. Relevant dependencies have been downloaded in this tutorial to save time and accommodate network disruptions in certain environments. Offline mode is enabled by default.
|===
--
. 编辑环境变量后,点击 **Commit changes**,更新 v4.1.0-sonarqube 分支中的文件。
. After editing the environment variables, click **Commit changes** to update the file in the `v4.1.0-sonarqube` branch.
// == 步骤 3创建项目
== Step 3: Create a Pipeline
// 创建两个项目,例如 **kubesphere-sample-dev** 和 **kubesphere-sample-prod**,分别代表开发环境和生产环境。待流水线成功运行,将在这两个项目中自动创建应用程序的相关部署 (Deployment) 和服务 (Service)。
. Log in to {ks_product-en} web console as the **project-regular** user.
// //note
// [.admon.note,cols="a"]
// |===
// |说明
. Click **Workspace Management** and navigate to your DevOps project. Click **Pipelines** and then click **Create**.
// |
// 您需要提前创建 **project-admin** 账户,用作 CI/CD 流水线的审核者。
. In the pop-up dialog, name it **jenkinsfile-in-scm**.
// |===
. Under **Pipeline Type**, select **Multi-branch Pipeline**.
// . 以 **project-admin** 用户登录{ks_product_left},在创建 DevOps 项目的企业空间中创建以下两个项目。
// +
// --
// [%header,cols="1a,1a"]
// |===
// |项目名称|别名
// |kubesphere-sample-dev
// |development environment
// |kubesphere-sample-prod
// |production environment
// |===
// --
// . 邀请 **project-regular** 账户至这两个项目,并赋予 **operator** 角色。
== 步骤 3创建流水线
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. 点击**企业空间管理**并进入您的 DevOps 项目,在**流水线**页面点击**创建**。
. 在弹出的对话框中,将其命名为 **jenkinsfile-in-scm**。
. 在**流水线类别**下,选择**多分支流水线**。
. 在**代码仓库**下,选择一个代码仓库,点击**下一步**继续。
. Under **Code Repository**, choose a code repository and click **Next** to proceed.
+
--
若没有可用的代码仓库,点击下方的**创建代码仓库**。有关更多信息请参阅link:../../04-import-code-repositories/[导入代码仓库]。
If there are no available code repositories, click **Create a code repository** below. For more information, see link:../../04-import-code-repositories/[Import Code Repositories].
--
.. 在**导入代码仓库**对话框,输入代码仓库名称(自定义),点击选择代码仓库。
.. In the **Import Code Repository** dialog, enter a custom code repository name and click **Select a code repository**.
.. 在 **GitHub** 页签,从**凭证**的下拉菜单中选择 **github-token**,然后点击**确定**。
.. On the **GitHub** tab, select **github-token** from the **Credential** dropdown menu and click **OK**.
.. 在 GitHub 列表中,选择您的 GitHub 账户,与该令牌相关的所有仓库将在右侧列出。选择 **devops-maven-sample** 并点击**选择**。
.. In the GitHub list, select your GitHub account, and all repositories associated with that token will be listed on the right. Choose **devops-maven-sample** and click **Select**.
.. 点击**确定**选择您的代码仓库。
.. Click **OK** to select your code repository.
. 在**高级设置**中,勾选**删除旧分支**。本教程中,建议**分支保留天数(天)**和**分支最大数量**使用默认值。
. In **Advanced Settings**, check **Delete outdated branches**. In this tutorial, it is recommended to leave **Branch Retention Period (days)** and **Maximum Branches** at their default values.
+
--
删除旧分支意味着您将一并丢弃分支记录。分支记录包括控制台输出、已归档制品以及特定分支相关的其他元数据。更少的分支意味着您可以节省 Jenkins 正在使用的磁盘空间。DevOps 提供两个选项来确定何时丢弃旧分支:
Delete outdated branches means that you will discard the branch record all together. The branch record includes console output, archived artifacts and other relevant metadata of specific branches. Fewer branches mean that you can save the disk space used by Jenkins. KubeSphere provides two options to determine when old branches are discarded:
* 分支保留天数(天):超过保留期限的分支将被删除。
* Branch Retention Period (days). Branches that exceed the retention period are deleted.
* Maximum Branches. The earliest branch is deleted when the number of branches exceeds the maximum number.
* 分支最大数量:分支数量超过最大数量时,删除最旧的分支。
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
**分支保留天数(天)**和**分支最大数量**可以同时应用于分支。只要某个分支满足其中一个字段所设置的条件,则会删除该分支。例如,如果您将保留天数和最大分支数分别指定为 2 和 3待某个分支的保留天数超过 2 或者分支保留数量超过 3则会删除该分支。DevOps 默认用 7 和 5 预填充这两个字段。
**Branch Retention Period (days)** and **Maximum Branches** apply to branches at the same time. As long as a branch meets the condition of either field, it is deleted. For example, if you specify 2 as the retention period and 3 as the maximum number of branches, any branch that exceed either number is deleted. DevOps prepopulates these two fields with 7 and 5 by default respectively.
|===
--
. 在**策略设置**中DevOps 默认提供四种策略。本示例不会使用**从 Fork 仓库中发现 PR** 这条策略,因此您可以删除该策略。对于其他策略,无需修改设置,直接使用默认值即可。
. In **Strategy Settings**, DevOps offers four strategies by default. You can delete **Discover PRs from Forks**, as this strategy will not be used in this example. For other strategies, no need to change the setting and you can use the default value directly.
+
--
Jenkins 流水线运行时,开发者提交的 Pull Request (PR) 也将被视为一个单独的分支。
**发现分支**
* **排除已提交 PR 的分支**:不扫描源分支,例如源仓库的 master 分支。需要合并这些分支。
* **只包括已提交 PR 的分支**:仅扫描 PR 分支。
* **包括所有分支**:拉取源仓库中的所有分支。
**从原仓库发现 PR**
* **拉取 PR 合并后的代码**PR 合并到目标分支后,基于源代码创建并运行流水线。
* **拉取 PR 提交时的代码**:根据 PR 本身的源代码创建并运行流水线。
* **分别创建两个流水线**:创建两个流水线,一个流水线使用 PR 与目标分支合并后的源代码版本,另一个使用 PR 本身的源代码版本。
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
选择 GitHub 作为代码仓库,才能启用此处的**策略设置**设置。
To enable **Strategy Settings** here, you should select GitHub as the code repository.
|===
As a Jenkins pipeline runs, the Pull Request (PR) submitted by developers will also be regarded as a separate branch.
**Discover Branches**
* **Exclude branches field as PRs**. The source branch is not scanned such as the origin's master branch. These branches need to be merged.
* **Include only branches filed as PRs**. Only scan the PR branch.
* **Include all branches**. Pull all the branches from the repository origin.
**Discover PRs from Origin**
* **Pull the code with the PR merged**. A pipeline is created and runs based on the source code after the PR is merged into the target branch.
* **Pull the code at the point of the PR**. A pipeline is created and runs based on the source code of the PR itself.
* **Create two pipelines respectively**. Two pipelines are created, one is based on the source code after the PR is merged into the target branch, and the other is based on the source code of the PR itself.
--
. 向下滚动到**脚本路径**,将其更改为 **Jenkinsfile-online**,这是示例仓库中位于根目录下的 Jenkinsfile 的文件名。该字段指定代码仓库中的 Jenkinsfile 路径。它表示仓库的根目录。如果文件位置变更,则脚本路径也需要更改。
. Scroll down to **Script Path**, set it to **Jenkinsfile-online**, which is the file name of Jenkinsfile in the example repository located in the root directory. The field specifies the Jenkinsfile path in the code repository. It indicates the repository's root directory. If the file location changes, the script path also needs to be changed.
. 在**扫描触发器**中,勾选**定时扫描**并设置时间间隔为 **5 分钟**。点击**创建**完成配置。
//note
. In **Scan Trigger**, select **Scan periodically** and set the interval to **5 minutes**. Click **Create** to finish.
+
[.admon.note,cols="a"]
|===
|说明
|Note
|
设置特定的时间间隔让流水线扫描远程仓库,以便根据您在**策略设置**中设置的策略来检测代码更新或新的 PR。
You can set a specific interval to allow pipelines to scan remote repositories, so that any code updates or new PRs can be detected based on the strategy you set in **Strategy Settings**.
|===
== 步骤 4运行流水线
== Step 4: Run the pipeline
. 流水线创建后,会展示在列表中。点击流水线名称查看其详情页。
. After a pipeline is created, click its name to go to its details page.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
* 在**流水线**列表页面点击该流水线右侧的image:/images/ks-qkcp/zh/icons/more.svg[more,18,18],选择**复制**来创建该流水线的副本。
* 如果要同时运行多个不包含多分支的流水线,在**流水线**列表页面,全部选中这些流水线,然后点击**运行**来批量运行它们。
* 流水线详情页面的**同步状态**,显示了{ks_product_both}和 Jenkins 之间的同步结果。若同步成功,将显示**成功**以及绿色的对号图标。
* On the **Pipelines** list page, click the image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] icon on the right of the pipeline, and select **Copy** to create a duplicate of that pipeline.
* To simultaneously run multiple pipelines that do not include multibranch configurations , select these pipelines on the **Pipelines** list page and click **Run** to run them in bulk.
* The **Sync Status** on the pipeline details page shows the synchronization result between KubeSphere and Jenkins. If the synchronization is successful, it will display **Successful** along with a green checkmark icon.
|===
--
. 在**运行记录**页签下,正在扫描多个分支。点击右侧的**运行**,流水线将根据您设置的行为策略来运行。从下拉列表中选择 **v4.1.0-sonarqube** 分支,然后添加标签号,例如 **v0.0.2**。点击**确定**开始运行。
. Under **Run Records**, multiple branches are being scanned. Click **Run** on the right and the pipeline runs based on the behavioral strategy you set. Select **v4.1.0-sonarqube** from the drop-down list and add a tag number such as `v0.0.2`. Click **OK** to trigger a new run.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
* 如果您在此页面上未看到任何运行记录,则需要手动刷新浏览器或点击**更多操作**按钮中的**扫描仓库**。
* 标签名称用于在 GitHub 和 Docker Hub 中指代新生成的发布版本和镜像。现有标签名称不能再次用于字段 **TAG_NAME**。否则,流水线将无法成功运行。
* If you do not see any run records on this page, you need to refresh your browser manually or click **More > Scan Repository**.
* The tag name is used to refer to the newly generated release and image in GitHub and Docker Hub. Existing tag names cannot be reused for the **TAG_NAME** field. Otherwise, the pipeline will not be running successfully.
|===
--
. 稍等片刻,点击运行记录查看详情。
. Wait for a while, click run records to view details.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
运行失败可能由不同因素所引起。本示例中,在上述步骤中编辑分支的环境变量时,仅更改了 v4.1.0-sonarqube 分支的 Jenkinsfile。而 v4.1.0 分支中的这些变量没有修改(使用了错误的 GitHub 和 Docker Hub 账户从而导致失败。其他原因如网络问题、Jenkinsfile 中的编码不正确等也可能导致运行失败。
Activity failures may be caused by different factors. In this example, only the Jenkinsfile of the branch `v4.1.0-sonarqube` is changed as you edit the environment variables in the steps above. While, these variables in the v4.1.0 branch remain unchanged (namely, wrong GitHub and Docker Hub account). If you choose v4.1.0 branch to run, it will result in a failure. Other reasons for failures may be network issues, incorrect coding in the Jenkinsfile and so on.
在运行记录详情页的**运行日志**页签下,查看其日志的详细信息,根据日志排除故障和问题。
In the **Run Logs** tab on the run record details page, you can view detailed information of the logs to troubleshoot and resolve issues.
|===
--
. 流水线如果运行到 **Push with Tag** 阶段,会在此阶段暂停,需要具有审核权限的用户点击**继续**。
// . 流水线如果运行成功,会在 **deploy to dev** 阶段暂停,需要具有审核权限的用户点击**继续**。
. If the pipeline reaches the **Push with Tag** stage, it will pause at this point and require a user with approval permissions to click **Proceed**.
+
--
// 在 Jenkinsfile 中定义了三个阶段 **deploy to dev**、**push with tag** 和 **deploy to production**,每个阶段都需要审核。因此在运行到这些阶段时,流水线会暂停,等待审核。
在开发或生产环境中,可能需要具有更高权限的人员(例如版本管理员)来审核流水线、镜像以及代码分析结果。他们有权决定流水线是否能进入下一阶段。在 Jenkinsfile 中,支持使用 **input** 来指定审核流水线的用户。如果想指定一个用户(例如 **project-admin**)来审核,可以在 Jenkinsfile 中添加一个字段。如果有多个用户,则需要通过逗号进行分隔,如下所示:
In a development or production environment, it requires someone who has higher permissions (for example, release manager) to review the pipeline, images, as well as the code analysis result. They have the authority to determine whether the pipeline can go to the next stage. In the Jenkinsfile, you use the section `input` to specify who reviews the pipeline. If you want to specify a user (for example, `project-admin`) to review it, you can add a field in the Jenkinsfile. If there are multiple users, you need to use commas to separate them as follows:
[,bash]
----
@ -358,98 +303,27 @@ input(id: 'release-image-with-tag', message: 'release image with tag?', submitte
----
--
. 以具有流水线审核权限的用户登录{ks_product_both} Web 控制台,点击**企业空间管理**并进入您的 DevOps 项目,点击流水线名称进入详情页。在**运行记录**页签下,点击要审核的记录,点击**继续**以批准流水线。
//note
. Log in to the {ks_product-en} web console as a user with pipeline approval permissions. Click **Workspace Management** and navigate to your DevOps project. Click the pipeline name to access its details page. Under the **Run Records** tab, click the record you want to review, then click **Proceed** to approve the pipeline.
+
[.admon.note,cols="a"]
|===
|说明
|Note
|
在{ks_product_both}中,如果不指定审核员,那么能够运行流水线的账户也能够继续或终止该流水线。此外,流水线创建者、拥有该项目管理员角色的用户或者您指定的账户也有权限继续或终止流水线。
In KubeSphere, if you do not specify a reviewer, the user that can run a pipeline will be able to continue or terminate the pipeline. Additionally, the pipeline creator, users with the project administrator role, or any accounts specified by you also have the authority to continue or terminate the pipeline.
|===
== 步骤 5检查流水线状态
== Step 5: Check Pipeline Status
. 在运行记录的**流水线**页签下,查看流水线的运行状态。流水线在刚创建时会初始化几分钟。示例流水线有八个阶段,它们已在 link:https://github.com/kubesphere/devops-maven-sample/blob/sonarqube/Jenkinsfile-online[Jenkinsfile-online] 中单独定义。
. Under the **Pipeline** tab in the run records, check the running status of the pipeline. The pipeline may take a few minutes to initialize when first created.
// The sample pipeline consists of eight stages, each defined separately in the link:https://github.com/kubesphere/devops-maven-sample/blob/sonarqube/Jenkinsfile-online[Jenkinsfile-online].
. 点击**运行日志**页签查看流水线运行日志。点击每个阶段查看其详细日志。点击**查看完整日志**,根据日志排除故障和问题,也可以将日志下载到本地进行进一步分析。
. Click the **Run Logs** tab to view the pipeline's running logs. Click each stage to view detailed logs. Click **View Full Logs** to troubleshoot and resolve issues based on the logs, and you can also download the logs for further analysis.
== 步骤 6验证结果
== Step 6: Verify Results
. 流水线成功运行后,点击**代码检查**通过 SonarQube 查看结果。
. After a successful pipeline run, click **Code Check** to view the code analysis results provided by SonarQube. This page will be unavailable if SonarQube has not been configured beforehand.
. 按照 Jenkinsfile 中的定义,通过流水线构建的 Docker 镜像也已成功推送到 Docker Hub。在 Docker Hub 中,您会看到带有标签 **v0.0.2** 的镜像,该标签在流水线运行之前已指定。
. Following the definitions in the Jenkinsfile, the Docker image built by the pipeline has been successfully pushed to Docker Hub. In Docker Hub, you will see an image with the tag **v0.0.2**, specified before the pipeline runs.
. 同时GitHub 中会生成一个新标签和一个新发布版本。
// . 示例应用程序将部署到 **kubesphere-sample-dev** 和 **kubesphere-sample-prod**,并创建相应的部署和服务。转到这两个项目,预期结果如下所示:
// +
// --
// [%header,cols="1a,2a,2a,2a,2a"]
// |===
// |环境 |URL |命名空间 |部署 |服务
// |开发环境
// |http://{$NodeIP}:{$30861}
// |kubesphere-sample-dev
// |ks-sample-dev
// |ks-sample-dev
// |生产环境
// |http://{$NodeIP}:{$30961}
// |kubesphere-sample-prod
// |ks-sample
// |ks-sample
// |===
// //note
// [.admon.note,cols="a"]
// |===
// |说明
// |
// 您可能需要在您的安全组中放行该端口,以便通过 URL 访问应用程序。
// |===
// --
// == 步骤 7访问示例服务
// . 以 **platform-admin** 用户登录{ks_product_both} Web 控制台。
// . 进入 **kubesphere-sample-dev** 项目,在**应用负载**下的**服务**中点击 **ks-sample-dev**。在详情页获取 Endpoint 用于访问该服务。
// . 在右下角的**工具箱**中使用 **kubectl** 执行如下命令:
// +
// [,bash]
// ----
// curl 10.233.120.230:8080
// ----
// . 预期输出:
// +
// --
// [,bash]
// ----
// Really appreciate your star, that's the power of our life.
// ----
// //note
// [.admon.note,cols="a"]
// |===
// |说明
// |
// 使用 **curl** 访问 Endpoint或者访问 {$Virtual IP}:{$Port} 或 {$Node IP}:{$NodePort}。
// |===
// --
// . 也可以在项目 **kubesphere-sample-prod** 中测试服务,您将看到相同的输出结果。
// +
// [,bash]
// ----
// $ curl 10.233.120.236:8080
// Really appreciate your star, that's the power of our life.
// ----
. At the same time, a new tag and a new release have been generated in GitHub.

88
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/03-use-pipeline-templates.adoc
View File

@ -1,123 +1,119 @@
---
title: "使用流水线模板创建流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何使用流水线模板创建流水线。"
title: "Create Pipelines Using Pipeline Templates"
keywords: "Kubernetes, {ks_product-en}, DevOps Projects, Using DevOps, Pipelines"
description: "Learn how to create pipelines using pipeline templates."
weight: 03
---
本文档演示如何在{ks_product_both}上使用流水线模板创建流水线。
This document illustrates how to create pipelines using pipeline templates on KubeSphere.
DevOps 提供图形编辑面板,支持通过交互式操作来定义 Jenkins 流水线的阶段和步骤。内置多个流水线模板,如 Node.js、Maven 以及 Golang使用户能够快速创建对应模板的流水线。DevOps 还提供 CI 以及 CI & CD 流水线模板,但是这两个模板难以满足定制化需求,建议您采用其它内置模板或直接自定义流水线。
DevOps provides a graphic editing panel that facilitates the definition of stages and steps in Jenkins pipelines through interactive operations. It includes various built-in pipeline templates like Node.js, Maven, and Golang, enabling users to swiftly create pipelines based on these templates. While DevOps also offers CI and CI & CD pipeline templates, they might not fully align with custom requirements. It is advisable to use other built-in templates or directly customize pipelines.
* CI 流水线模板
* CI Pipeline Template
+
--
CI 流水线模板包含两个阶段。**clone code** 阶段用于检出代码,**build & push** 阶段用于构建镜像并将镜像推送至 Docker Hub。先为代码仓库和 Docker Hub 仓库创建凭证,然后在相应的步骤中设置仓库的 URL 以及凭证。完成编辑后,流水线即可开始运行。
The CI pipeline template comprises two stages. The **clone code** stage fetches the code, while the **build & push** stage builds the image and pushes it to Docker Hub. Prior to editing, create credentials for the code repository and Docker Hub repository, and then configure the URLs and credentials in the corresponding steps. Once editing is finalized, the pipeline can be initiated.
--
* CI & CD 流水线模板
* CI & CD Pipeline Template
+
--
CI & CD 流水线模板包含六个阶段。有关每个阶段的更多信息请参阅link:../02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]。先为代码仓库、Docker Hub 仓库创建凭证,然后在相应的步骤中设置仓库的 URL 以及凭证。完成编辑后,流水线即可开始运行。
// CI & CD 流水线模板包含六个阶段。有关每个阶段的更多信息请参阅link:../02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]。先为代码仓库、Docker Hub 仓库和集群的 kubeconfig 创建凭证,然后在相应的步骤中设置仓库的 URL 以及凭证。完成编辑后,流水线即可开始运行。
The CI & CD pipeline template consists of six stages. For detailed information on each stage, please refer to link:../02-create-a-pipeline-using-jenkinsfile/[Create a Pipeline Using a Jenkinsfile]. Prior to editing, create credentials for the code repository and Docker Hub repository, and then configure the URLs and credentials in the corresponding steps. Once editing is finalized, the pipeline can be initiated.
--
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已创建一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. Refer to link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
== Steps
下面以 Node.js 为例演示如何使用内置流水线模板。使用 Maven 以及 Golang 流水线模板的操作基本相同。
The following takes Node.js as an example to show how to use a built-in pipeline template. Steps for using Maven and Golang pipeline templates are analogous.
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 点击**企业空间管理**并进入您的 DevOps 项目,在**流水线**页面点击**创建**。
. Click **Workspace Management** and navigate to your DevOps project. Click **Pipelines** and then click **Create**.
. 在弹出的对话框中,输入流水线名称,点击**下一步**,然后点击**创建**。
. In the pop-up dialog, input the pipeline name, click **Next**, and then click **Create**.
. 点击已创建的流水线,在**流水线配置**页签下,点击**编辑流水线**。
. Click the created pipeline, proceed to the **Pipeline Configurations** tab, and select **Edit Pipeline**.
. 在**创建流水线**对话框,点击 **Node.js**,然后点击**下一步**。
. In the **Create Pipeline** dialog, select **Node.js**, and then click **Next**.
. 在**参数设置**页签,按照实际情况设置以下参数,点击**创建**。
. On the **Parameter Configuration** tab, configure the following parameters according to the actual situation, and then click **Create**.
+
--
[%header,cols="1a,4a"]
|===
|参数 |描述
|Parameter |Description
|GitURL
|需要克隆的项目仓库的地址。
|The URL of the project repository to be cloned.
|GitRevision
|需要检出的分支。
|The branch to be checked out.
|NodeDockerImage
|Node.js 的 Docker 镜像版本。
|The Docker image version for Node.js.
|InstallScript
|安装依赖项的 Shell 脚本。
|Shell script to install dependencies.
|TestScript
|项目测试的 Shell 脚本。
|Shell script for project testing.
|BuildScript
|构建项目的 Sell 脚本。
|Shell script to build the project.
|ArtifactsPath
|制品文件所在的路径。
|ArtifactsLocation
|Path where artifact files are located.
|===
--
. 在左侧的可视化编辑页面,系统默认已添加一系列步骤,点击**添加步骤**或**添加并行阶段**进行修改。
. By default, a series of steps has been added on the left graphic editing panel. Select **Add Step** or **Add Parallel Stage** to make adjustments.
. 点击一个步骤,在页面右侧,您可以执行以下操作。编辑完成后,点击**确定**。
. Click on a step, on the right side of the page, you can:
+
--
* 修改阶段名称。
* Modify the stage name.
* 删除阶段。
* Delete the stage.
* 设置代理类型。
* Specify the agent type.
* 添加条件。
* Add conditions.
* 编辑或删除某一任务。
* Edit or remove a specific task.
* 添加步骤或嵌套步骤。
* Add steps or add nesting steps.
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
请参阅link:../01-create-a-pipeline-using-graphical-editing-panel/[使用图形编辑面板创建流水线],了解如何在流水线模板中自定义步骤和阶段。
Refer to link:../01-create-a-pipeline-using-graphical-editing-panel/[Create a Pipeline Using Graphic Editing Panels] to get how to customize steps and stages in the pipeline template.
|===
--
. 在右侧的**代理**区域,选择代理类型,默认值为 **kubernetes**,点击**确定**。
. In the **Agent** section on the right, choose the agent type, defaulting to **kubernetes**, and click **OK**.
+
--
[%header,cols="1a,4a"]
|===
|代理类型|说明
|Agent Type |Description
|any
|调用默认的 base pod 模板创建 Jenkins agent 运行流水线。
|Uses the default base pod template to create a Jenkins agent for running pipelines.
|node
|调用指定类型的 pod 模板创建 Jenkins agent 运行流水线,可配置的 label 标签为 base、java、nodejs、maven、go 等。
|Uses a pod template with the specific label to create a Jenkins agent for running pipelines. Available labels include base, java, nodejs, maven, go, and more.
|kubernetes
|通过 yaml 文件定义的标准 kubernetes pod 模板运行 agent执行流水线任务。
|Use a standard Kubernetes pod template defined in a yaml file to create a jenkins agent for running pipelines.
|===
--
. 查看已创建的流水线模板详情,点击**运行**即可运行该流水线。
. Review the details of the created pipeline template, and click **Run** to run the pipeline.

178
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/04-gitlab-multibranch-pipeline.adoc
View File

@ -1,225 +1,159 @@
---
title: "使用 GitLab 创建多分支流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何使用 GitLab 创建多分支流水线。"
title: "Create a Multi-branch Pipeline with GitLab"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Learn how to create a multi-branch pipeline using GitLab."
weight: 04
---
link:https://gitlab.com/users/sign_in[GitLab] is a web-based Git repository management tool that supports public and private repositories, and provides comprehensive DevOps functionalities including source code management, code review, issue tracking, continuous integration, and more. With GitLab, teams can collaborate efficiently on a single platform to complete the entire software development process from coding to deployment.
link:https://gitlab.com/users/sign_in[GitLab] 是一款基于 web 的 Git 仓库管理工具,支持公开和私有仓库,并提供了全面的 DevOps 功能,包括源代码管理、代码审查、问题跟踪、持续集成等。通过 GitLab团队能够在一个平台上高效协作完成从代码编写到部署的整个软件开发过程。
{ks_product_right}支持在 DevOps 项目中使用 GitLab 创建多分支流水线。本文档演示如何使用 GitLab 创建多分支流水线。
{ks_product-en} supports creating multi-branch pipelines using GitLab in DevOps projects. This document demonstrates how to create a multi-branch pipeline with GitLab.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已创建一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g., **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. Refer to link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
* 已有一个 link:https://gitlab.com/users/sign_in[GitLab] 账户以及一个 link:https://hub.docker.com/[Docker Hub] 账户。
* You have a link:https://gitlab.com/users/sign_in[GitLab] account and a link:https://hub.docker.com/[Docker Hub] account.
== 步骤 1创建凭证
== Step 1: Create Credentials
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 点击**企业空间管理**并进入您的 DevOps 项目,在 **DevOps 项目设置**下的**凭证**中创建以下凭证。有关如何创建凭证的更多信息请参阅link:../../05-devops-settings/01-credential-management/[凭证管理]。
. Click **Workspace Management** and enter your DevOps project, then create the following credentials under **Credentials** in **DevOps Project Settings**. For more information on how to create credentials, refer to link:../../05-devops-settings/01-credential-management/[Credential Management].
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
如果您的账户或密码中包含任何特殊字符,例如 **@** 和 **$**,则可能会因为无法识别而在流水线运行时导致错误。在此情况下,您需要先在第三方网站(例如 link:https://www.urlencoder.org/[urlencoder])上对账户或密码进行编码,然后将输出结果复制粘贴作为您的凭证信息。
If your account or password contains special characters such as **@** and **$**, errors may occur during pipeline runs due to unrecognized characters. In such cases, encode your account or password on a third-party website (e.g., link:https://www.urlencoder.org[urlencoder]) and then copy and paste the encoded result as your credential information.
|===
[%header,cols="1a,2a,2a"]
|===
|凭证 ID|类型|用途
| Credential ID | Type | Where to use
|dockerhub-id
|用户名和密码
|Username and password
|Docker Hub
|gitlab-id
|用户名和密码
|Username and password
|GitLab
// |demo-kubeconfig
// |kubeconfig
// |Kubernetes
|===
--
. 创建完成后,您将在凭证页面看到已创建的凭证。
. After creation, you will see the created credentials on the credentials page.
== Step 2: Edit the Jenkinsfile in your GitLab Repository
== 步骤 2在 GitLab 仓库中编辑 Jenkinsfile
. Log in to GitLab and create a public project. Click **New Project > Import Project**, select **Import repository from URL**, enter the URL of link:https://github.com/kubesphere/devops-maven-sample[devops-maven-sample], choose the visibility level **Public**, and then click **Create Project**.
. 登录 GitLab 并创建一个公开项目。点击**新建项目 > 导入项目**,选择**从 URL 导入仓库**,输入 link:https://github.com/kubesphere/devops-maven-sample[devops-maven-sample] 的 URL可见性级别选择**公开**,然后点击**新建项目**。
. In the newly created project, create a new branch from the v4.1.0 branch, named **gitlab-demo**.
. 在刚刚创建的项目中,从 v4.1.0 分支中创建一个新分支,命名为 **gitlab-demo**。
. In the **gitlab-demo** branch, click the **Jenkinsfile-online** file in the root directory.
. 在 **gitlab-demo** 分支中,点击根目录中的 **Jenkinsfile-online** 文件。
. 点击**编辑**,分别将 **GITHUB_CREDENTIAL_ID**、**GITHUB_ACCOUNT** 以及 **@github.com** 更改为 **GITLAB_CREDENTIAL_ID**、**GITLAB_ACCOUNT** 以及 **@gitlab.com**,然后编辑下表所列条目。还要将 **push latest** 中 **branch** 的值更改为 **gitlab-demo**。
// . 点击**编辑**,分别将 **GITHUB_CREDENTIAL_ID**、**GITHUB_ACCOUNT** 以及 **@github.com** 更改为 **GITLAB_CREDENTIAL_ID**、**GITLAB_ACCOUNT** 以及 **@gitlab.com**,然后编辑下表所列条目。还要将 **push latest** 和 **deploy to dev** 中 **branch** 的值更改为 **gitlab-demo**。
. Click **Edit**, change **GITHUB_CREDENTIAL_ID**, **GITHUB_ACCOUNT**, and **@github.com** to **GITLAB_CREDENTIAL_ID**, **GITLAB_ACCOUNT**, and **@gitlab.com** respectively, and edit the entries listed in the table below. Also, change the value of **branch** in **push latest** to **gitlab-demo**.
+
--
[%header,cols="1a,2a,2a"]
|===
|条目|值|描述信息
|Entry|Value|Description
|GITLAB_CREDENTIAL_ID
|gitlab-id
|您在{ks_product_both}中为自己的 GitLab 账户设置的**名称**,用于将标签推送至您的 GitLab 仓库。
|The **name** you set for your GitLab account in KubeSphere, used to push tags to your GitLab repository.
|DOCKERHUB_NAMESPACE
|your-dockerhub-id
|请替换为您的 Docker Hub 账户名,也可以替换为该账户下的 Organization 名称。
|Replace with your Docker Hub account name, or the name of an organization under the account.
|GITLAB_ACCOUNT
|your-gitlab-id
|请替换为您的 GitLab 账户名,也可以使用该账户的用户组名称。
|Replace with your GitLab account name, or the name of a user group under the account.
|===
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
有关 Jenkinsfile 中环境变量的更多信息请参阅link:../02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]。
For more information about environment variables in Jenkinsfile, refer to link:../02-create-a-pipeline-using-jenkinsfile/[Create a Pipeline Using Jenkinsfile].
|===
--
. 点击 **Commit changes** 更新该文件。
. Click **Commit changes** to update the file.
== Step 3: Create a Pipeline
// == 步骤 3创建项目
. Log in to the {ks_product-en} web console as the **project-regular** user.
// 创建两个项目,例如 **kubesphere-sample-dev** 和 **kubesphere-sample-prod**,分别代表开发环境和生产环境。待流水线成功运行,将在这两个项目中自动创建应用程序的相关部署 (Deployment) 和服务 (Service)。
. Click **Workspace Management** and enter your DevOps project, then click **Create** on the **Pipelines** page.
// 有关更多信息请参阅link:../02-create-a-pipeline-using-jenkinsfile/#_步骤_2在_github_仓库中修改_jenkinsfile[使用 Jenkinsfile 创建流水线]。
. In the pop-up dialog, name it **gitlab-multi-branch**.
== 步骤 3创建流水线
. Under **Pipeline Category**, select **Multi-branch Pipeline**.
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. 点击**企业空间管理**并进入您的 DevOps 项目,在**流水线**页面点击**创建**。
. 在弹出的对话框中,将其命名为 **gitlab-multi-branch**。
. 在**流水线类别**下,选择**多分支流水线**。
. 在**代码仓库**下,选择一个代码仓库,点击**下一步**继续。
. Under **Code Repository**, select a code repository and click **Next** to continue.
+
--
若没有可用的代码仓库,点击下方的**创建代码仓库**。有关更多信息请参阅link:../../04-import-code-repositories/[导入代码仓库]。
If no code repository is available, click **Create a code repository** below. For more information, refer to link:../../04-import-code-repositories/[Import Code Repositories].
--
.. 在**导入代码仓库**对话框,输入代码仓库名称(自定义),点击选择代码仓库。
.. In the **Import Code Repository** dialog, enter a name for the code repository (customizable), then click to select the code repository.
.. 在 **GitLab** 页签下的 **GitLab 服务器地址**中选择默认选项 link:https://gitlab.com[],在**项目组/所有者**中输入该 GitLab 项目所属组的名称,然后从**代码仓库**的下拉菜单中选择 **devops-maven-sample** 仓库。点击右下角的image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18],然后点击**下一步**。
.. On the **GitLab** tab, select the default option link:https://gitlab.com[] under **GitLab Server Address**, enter the name of the group the GitLab project belongs to in **Project Group/Owner**, then select the **devops-maven-sample** repository from the dropdown menu under **Code Repository**. Click image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18] in the bottom right corner, then click **OK**.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
如需使用 GitLab 私有仓库,请参考以下步骤:
To use a private GitLab repository, follow these steps:
* 在 GitLab 上前往**用户设置 > 访问令牌**,创建拥有 API 和 read_repository 权限的个人访问令牌。
* Go to **User Settings > Access Tokens** on GitLab, create a personal access token with API and read_repository permissions.
* link:../../../04-how-to-integrate/01-sonarqube/[登录 Jenkins 面板],前往**系统管理 > Manage Credentials**,使用您的 GitLab 令牌创建 Jenkins 凭证,用于访问 GitLab。然后前往**系统管理 > 系统配置**,在 **GitLab 服务**中添加该凭证。
* 在 DevOps 项目中,选择 **DevOps 项目设置 > 凭证**,使用您的 GitLab 令牌创建一个凭证。创建流水线时,在 **GitLab** 页签的**凭证**中指定该凭证,以便流水线能够从您的 GitLab 私有仓库中拉取代码。
* link:../07-access-jenkins-console[Access Jenkins Dashboard], go to **Manage Jenkins > Manage Credentials**, create Jenkins credentials using your GitLab token for accessing GitLab. Then go to **Manage Jenkins > Configure System**, add the credentials in **GitLab**.
* In the DevOps project, select **DevOps Project Settings > Credentials**, create a credential using your GitLab token. When creating the pipeline, specify this credential in the **Credentials** under the **GitLab** tab so that the pipeline can pull code from your private GitLab repository.
|===
--
. 在**高级设置**页签中,将**脚本路径**更改为 **Jenkinsfile-online** 然后点击**创建**。
. On the **Advanced Settings** tab, change the **Script Path** to **Jenkinsfile-online** and then click **Create**.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
该字段指定代码仓库中的 Jenkinsfile 路径,它表示该仓库的根目录。如果文件位置变更,则脚本路径也需要更改。
This field specifies the path of the Jenkinsfile in the code repository, which represents the root directory of the repository. If the file location changes, the script path also needs to be changed.
|===
--
== Step 4: Run the Pipeline
== 步骤 4运行流水线
. After the pipeline is created, it will be displayed in the list. Click the pipeline name to view its details page.
. Click **Run** on the right. In the pop-up dialog, select **gitlab-demo** from the dropdown menu and add a tag number, such as **v0.0.2**. Click **OK** to trigger a new run.
. Wait a moment, then click the run record to view the details.
. If the pipeline reaches the **Push with Tag** stage, it will pause at this stage and require a user with approval permissions to click **Proceed**.
. 流水线创建后,会展示在列表中。点击流水线名称查看其详情页。
. 点击右侧的**运行**。在弹出的对话框中,从下拉菜单中选择 **gitlab-demo** 并添加一个标签号,比如 **v0.0.2**。点击**确定**来触发一个新运行。
. 稍等片刻,点击运行记录查看详情。
. 流水线如果运行到 **Push with Tag** 阶段,会在此阶段暂停,需要具有审核权限的用户点击**继续**。
// . 流水线如果运行成功,会在 **Deploy to Dev** 阶段暂停,需要具有审核权限的用户点击**继续**。
// +
// --
// //note
// [.admon.note,cols="a"]
// |===
// |说明
== Step 5: Check Pipeline Status
// |
// 在 Jenkinsfile 中定义了三个阶段 **deploy to dev**、**push with tag** 和 **deploy to production**,每个阶段都需要审核。因此在运行到这些阶段时,流水线会暂停,等待审核。
// |===
// --
. On the **Pipeline** tab of the run record, check the running status of the pipeline.
. Click the **Run Logs** tab to view the pipeline run logs. Click each stage to view its detailed logs. Click **View Full Logs** to troubleshoot and resolve issues based on the logs, or download the logs to your local machine for further analysis.
== 步骤 5检查流水线状态
== Step 6: Verify Results
. 在运行记录的**流水线**页签下,查看流水线的运行状态。
. As defined in the Jenkinsfile, the Docker image built by the pipeline has also been successfully pushed to Docker Hub. In Docker Hub, you will see the image with the tag **v0.0.2**, which was specified before the pipeline run.
. 点击**运行日志**页签查看流水线运行日志。点击每个阶段查看其详细日志。点击**查看完整日志**,根据日志排除故障和问题,也可以将日志下载到本地进行进一步分析。
== 步骤 6验证结果
. 按照 Jenkinsfile 中的定义,通过流水线构建的 Docker 镜像也已成功推送到 Docker Hub。在 Docker Hub 中,您会看到带有标签 **v0.0.2** 的镜像,该标签在流水线运行之前已指定。
. 同时GitLab 中也已生成一个新标签。
// . 示例应用程序将部署到 **kubesphere-sample-dev** 和 **kubesphere-sample-prod**,并创建相应的部署和服务。转到这两个项目,预期结果如下所示:
// +
// --
// [%header,cols="1,2,2,1,1"]
// |===
// |环境|URL|命名空间|部署|服务
// |开发环境
// |http://{$NodeIP}:{$30861}
// |kubesphere-sample-dev
// |ks-sample-dev
// |ks-sample-dev
// |生产环境
// |http://{$NodeIP}:{$30961}
// |kubesphere-sample-prod
// |ks-sample
// |ks-sample
// |===
// //note
// [.admon.note,cols="a"]
// |===
// |说明
// |
// 您可能需要在安全组中打开端口,以便使用 URL 访问该应用。有关更多信息请参阅link:../02-create-a-pipeline-using-jenkinsfile/#_步骤_8访问示例服务[访问示例服务]。
// |===
// --
. Meanwhile, a new tag has been generated in GitLab.

170
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/05-pipeline-settings.adoc
View File

@ -1,202 +1,204 @@
---
title: "设置流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何自定义流水线配置。"
title: "Pipeline Settings"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Learn how to customize pipeline configurations."
weight: 05
---
When creating a pipeline, you can customize the pipeline configuration through various settings.
创建流水线时,可以通过各种设置来自定义流水线配置。
流水线创建后,进入流水线详情页,点击**编辑信息**和更多操作中的**编辑设置**,也可以编辑流水线的配置。
本文档详细介绍如何设置流水线。
After the pipeline is created, you can also edit the pipeline's configuration by entering the pipeline details page, clicking **Edit Information** and **More > Edit Settings**.
This document details how to configure pipelines.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已创建一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g., **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. Refer to link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
== Basic Information
== 基本信息
When creating a pipeline, on the **Basic Information** tab, you can customize the following information:
在**基本信息**页签,您可以自定义以下信息:
* **Name**: The name of the pipeline. Pipelines within the same DevOps project cannot have the same name.
* **名称**:流水线的名称,同一个 DevOps 项目内的流水线不能重名。
* **DevOps Project**: The DevOps project to which the pipeline belongs.
* **DevOps 项目**:流水线所属的 DevOps 项目。
* **Description**: Additional information describing the pipeline. The description should not exceed 256 characters.
* **描述**:描述流水线的附加信息,描述信息不超过 256 个字符。
* **Pipeline Type**: Regular pipeline or multi-branch pipeline. If you choose a multi-branch pipeline, you need to select a code repository.
* **流水线类别**:普通流水线或多分支流水线。若选择多分支流水线,则需要选择一个代码仓库。
* **代码仓库(可选)**:选择一个代码仓库作为流水线的代码源,可选择 GitHub、GitLab、Bitbucket、以及 Git 作为代码源。
* **Code Repository (Optional)**: Select a code repository as the code source for the pipeline. You can choose GitHub, GitLab, Bitbucket, and Git as the code source.
+
====
* GitHub
+
--
如果选择 **GitHub**,则必须指定用于访问 GitHub 的凭证。如果您已预先使用您的 GitHub 令牌创建了凭证,则从下拉菜单中选择已有凭证,或者点击**创建凭证**来创建新凭证。选择凭证后,点击**确定**即可在右侧选择您的仓库。完成所有操作后点击image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18]。
If you choose **GitHub**, you must specify the credentials for accessing GitHub. If you have already created credentials using your GitHub token, select the existing credentials from the dropdown menu, or click **Create Credential** to create new credentials. After selecting the credentials, click **OK** to choose your repository on the right. After completing all operations, click image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18].
--
* GitLab
+
--
如果选择 **GitLab**,则必须指定 GitLab 服务器地址、项目组/所有者和代码仓库。如果访问代码仓库需要凭证则需要指定一个凭证。完成所有操作后点击image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18]。
If you choose **GitLab**, you must specify the GitLab server address, group/owner, and code repository. If credentials are required to access the code repository, you need to specify a credential. After completing all operations, click image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18].
--
* Bitbucket
+
--
如果选择 **Bitbucket**,则需要输入您的 Bitbucket 服务器地址。预先使用您的 Bitbucket 用户名和密码创建一个凭证,或者点击**创建凭证**来创建一个新凭证。输入信息后点击**确定**即可在右侧选择您的仓库。完成所有操作后点击image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18]。
If you choose **Bitbucket**, you need to enter your Bitbucket server address. Create a credential using your Bitbucket username and password in advance, or click **Create Credential** to create a new credential. After entering the information, click **OK** to choose your repository on the right. After completing all operations, click image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18].
--
* Git
+
--
如果选择 **Git**,则需要指定仓库 URL。如果访问代码仓库需要凭证则需要指定一个凭证或者点击**创建凭证**来添加新凭证。完成所有操作后点击image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18]。
If you choose **Git**, you need to specify the repository URL. If credentials are required to access the code repository, you need to specify a credential, or click **Create Credential** to add a new credential. After completing all operations, click image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18].
--
====
== 高级设置
== Advanced Settings
=== 指定代码仓库
=== Code Repository Specified
如果指定了一个代码仓库,则可以在**高级设置**页签上自定义以下配置:
If you specify a code repository, you can customize the following configurations on the **Advanced Settings** tab:
* 分支设置
* Branch Settings
+
--
**删除旧分支**:自动删除旧分支。分支记录将一起被删除。分支记录包括控制台输出、已归档制品以及特定分支相关的其他元数据。更少的分支意味着您可以节省 Jenkins 正在使用的磁盘空间。DevOps 提供两个选项来确定何时丢弃旧分支:
**Delete outdated branches**: Automatically delete old branches. Branch records will be deleted together. The branch record includes console output, archived artifacts and other relevant metadata of specific branches. Fewer branches mean that you can save the disk space used by Jenkins. KubeSphere provides two options to determine when old branches are discarded:
* **分支保留天数(天)**:超过保留期限的分支将被删除。
* **Branch Retention Period (days)**: Branches that exceed the retention period are deleted.
* **分支最大数量**:分支数量超过最大数量时,删除最旧的分支。
* **Maximum Branches**: The earliest branch is deleted when the number of branches exceeds the maximum number.
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
**分支保留天数(天)**和**分支最大数量**可以同时应用于分支。只要某个分支满足其中一个字段所设置的条件,则会删除该分支。例如,如果您将保留天数和最大分支数分别指定为 2 和 3待某个分支的保留天数超过 2 或者分支保留数量超过 3则会删除该分支。DevOps 默认用 7 和 5 预填充这两个字段。
**Branch Retention Period (days)** and **Maximum Branches** apply to branches at the same time. As long as a branch meets the condition of either field, it is deleted. For example, if you specify 2 as the retention period and 3 as the maximum number of branches, any branch that exceed either number is deleted. DevOps prepopulates these two fields with 7 and 5 by default respectively.
|===
--
* 策略设置
* Strategy Settings
+
--
在**策略设置**中DevOps 默认提供四种策略。Jenkins 流水线运行时,开发者提交的 PR (Pull Request) 也将被视为一个单独的分支。
DevOps provides four default policies in **Strategy Settings**. As a Jenkins pipeline runs, the Pull Request (PR) submitted by developers will also be regarded as a separate branch.
**发现分支**
[.admon.note,cols="a"]
|===
|Note
* **排除已提交 PR 的分支**:已提交 PR 的分支将被排除。
* **只包括已提交 PR 的分支**:只拉取已提交 PR 的分支。
* **包括所有分支**:拉取源仓库中的所有分支。
|
To enable **Strategy Settings** here, you should select GitHub as the code repository.
|===
**发现标签**
**Discover Branches**
* **启用标签发现**:拥有指定标签的分支将被扫描。
* **禁用标签发现**:拥有指定标签的分支不会被扫描。
- **Exclude branches field as PRs**. The source branch is not scanned such as the origin's master branch. These branches need to be merged.
- **Include only branches filed as PRs**. Only scan the PR branch.
- **Include all branches**. Pull all the branches from the repository origin.
**从原仓库发现 PR**
* **拉取 PR 合并后的代码**PR 合并到目标分支后,将基于源代码创建并运行流水线。
* **拉取 PR 提交时的代码**:根据 PR 本身的源代码创建并运行流水线。
* **分别创建两个流水线**:创建两个流水线,一个流水线使用 PR 与目标分支合并后的源代码版本,另一个使用 PR 本身的源代码版本。
**Discover Tags**
**从 Fork 仓库发现 PR**
* **Enable tag discovery**: Branches with specified tags are scanned.
* **Disable tag discovery**: Branches with specified tags are not scanned.
拉取策略:
**Discover PRs from Origin**
* **拉取 PR 合并后的代码**PR 合并到目标分支后,将基于源代码创建并运行流水线。
* **拉取 PR 提交时的代码**:根据 PR 本身的源代码创建并运行流水线。
* **分别创建两个流水线**:创建两个流水线,一个流水线使用 PR 与目标分支合并后的源代码版本,另一个使用 PR 本身的源代码版本。
* **Pull the code with the PR merged**. A pipeline is created and runs based on the source code after the PR is merged into the target branch.
* **Pull the code at the point of the PR**. A pipeline is created and runs based on the source code of the PR itself.
* **Create two pipelines respectively**. Two pipelines are created, one is based on the source code after the PR is merged into the target branch, and the other is based on the source code of the PR itself.
受信用户:
**Discover PRs from Forks**
* **贡献者**:对 PR 做出贡献的用户。
* **所有人**:每个可以访问 PR 的用户。
* **具有管理员或有编辑权限的用户**:仅限于对 PR 具有管理员或编辑权限的用户。
* **无**:如果选择此选项,那么无论在**拉取策略**中选择了哪个选项,都不会发现 PR。
Pull Strategy:
* **Pull the code with the PR merged**. A pipeline is created and runs based on the source code after the PR is merged into the target branch.
* **Pull the code at the point of the PR**. A pipeline is created and runs based on the source code of the PR itself.
* **Create two pipelines respectively**. Two pipelines are created, one is based on the source code after the PR is merged into the target branch, and the other is based on the source code of the PR itself.
Trusted Users:
* **Contributors**: Users who have contributed to the PR.
* **Everyone**: Every user who can access the PR.
* **Users with admin or write permission**: Only users with admin or write permissions to the PR.
* **None**: If you choose this option, PRs will not be discovered regardless of the option selected in **Pull Strategy**.
--
* 正则过滤
* Filter by Regex
+
--
勾选选框以指定正则表达式来过滤分支、PR 和标签。
Check the box to specify a regular expression to filter branches, PRs, and tags.
--
* 脚本路径
* Script Path
+
--
**脚本路径**参数指定代码仓库中的 Jenkinsfile 路径,它指代仓库的根目录。如果文件位置发生更改,则脚本路径也需要更改。
The **Script Path** parameter specifies the path of the Jenkinsfile in the code repository, which represents the root directory of the repository. If the file location changes, the script path also needs to be changed.
--
* 扫描触发器
* Scan Trigger
+
--
勾选**定时扫描**,并从下拉列表中设置扫描时间间隔。
Check **Scan periodically** and set the scan interval from the dropdown list.
--
* 构建触发器
* Build Trigger
+
--
勾选**通过流水线事件触发**,从**创建流水线时触发**和**删除流水线时触发**的下拉列表中选择一个流水线,以便在创建新的流水线或删除流水线时自动触发指定流水线中的任务。
Check **Trigger through pipeline events** and select a pipeline from the dropdown lists of **Trigger on Pipeline Creation** and **Trigger on Pipeline Deletion** to automatically trigger tasks in the specified pipeline when a new pipeline is created or an existing pipeline is deleted.
--
* 克隆设置
* Clone Settings
+
--
* **启用浅克隆**:如果开启浅克隆,则克隆的代码不会包含标签。
* **克隆深度**:克隆时需要提取的 commit 数量。
* **克隆超时时间min**:完成克隆过程所需要的时长(以分钟为单位)。
* **Enable shallow clone**: If shallow clone is enabled, the cloned code will not include tags.
* **Clone Depth**: The number of commits to fetch during cloning.
* **Clone Timeout Period (min)**: The time required to complete the cloning process (in minutes).
--
* Webhook
+
--
**Webhook** 能有效地让流水线发现远程代码仓库中的更改并自动触发新一轮运行。Webhook 应成为触发 Jenkins 自动扫描 GitHub 和 Git例如 GitLab的主要方法。有关更多信息请参阅link:../06-pipeline-webhook/[使用 Webhook 触发流水线]。
**Webhook** effectively allows the pipeline to discover changes in the remote code repository and automatically trigger a new run. Webhook should be the primary method to trigger Jenkins to automatically scan GitHub and Git (e.g., GitLab). For more information, refer to link:../06-pipeline-webhook/[Trigger a Pipeline Using a Webhook].
--
=== Code Repository Not Specified
=== 不指定代码仓库
If you do not specify a code repository, you can customize the following configurations on the **Advanced Settings** tab:
如果不指定代码仓库,则可以在**高级设置**页签上自定义以下配置:
* 构建设置
* Build Settings
+
--
**删除过期构建记录**:指定何时删除分支下的构建记录。构建记录包括控制台输出、已归档制品以及与特定构建相关的其他元数据。保留较少的构建可以节省 Jenkins 所使用的磁盘空间。DevOps 提供两个选项来确定何时删除旧的构建:
**Delete outdated build records**: Specify when to delete build records under branches. Build records include console output, archived artifacts, and other metadata related to specific builds. Fewer builds mean that you can save the disk space used by Jenkins. KubeSphere provides two options to determine when old builds are discarded:
* **构建记录保留期限(天)**:超过保留期限的构建记录将被删除。
* **构建记录最大数量**:当构建记录数量超过允许的最大数量,最早的构建记录将被删除。
* **Build Record Retention Period (Days)**: Build records that exceed the retention period are deleted.
* **Maximum Build Records**: When the number of build records exceeds the maximum number allowed, the earliest build record is deleted.
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
**构建记录保留期限(天)**和**构建记录最大数量**可以同时应用于构建记录。只要某个构建记录满足其中一个字段所设置的条件,则会删除该构建记录。例如,如果您将保留期限和最大数量分别指定为 2 和 3待某个构建记录的保留天数超过 2 或者最大数量超过 3则会删除该构建记录。DevOps 默认用 7 和 10 预填充这两个字段。
**Build Record Retention Period (Days)** and **Maximum Build Records** can be applied to build records simultaneously. As long as a build record meets the condition set by one of the fields, it will be deleted. For example, if you specify 2 days for retention and 3 for the maximum number of build records, a build record will be deleted if its retention days exceed 2 or the number of build records exceeds 3. DevOps prepopulates these two fields with 7 and 10 by default respectively.
|===
* **不允许并发构建**:如果勾选此选项,则不能并发运行多个构建。
* **No concurrent builds**: If this option is checked, multiple builds cannot run concurrently.
--
* 构建参数
* Build Parameters
+
--
参数化的构建过程允许在开始运行流水线时传入一个或多个参数。DevOps 默认提供五种参数类型,包括**字符串**、**多行字符串**、**布尔值**、**选项**以及**密码**。当参数化项目时,构建会被替换为参数化构建,其中将提示用户为每个定义的参数输入值。
Parameterized build processes allow passing one or more parameters when starting the pipeline run. DevOps provides five default parameter types, including **String**, **Multi-line string**, **Boolean**, **Options**, and **Password**. When parameterizing a project, the build is replaced with a parameterized build, which will prompt the user to enter a value for each defined parameter.
--
* 构建触发器
* Build Trigger
+
--
**定时构建**:允许定期执行构建。输入 CRON 表达式以设置定时计划。
--
**Build periodically**: Allows periodic execution of builds. Enter a CRON expression to set the schedule.
--

72
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/06-pipeline-webhook.adoc
View File

@ -1,77 +1,71 @@
---
title: "使用 Webhook 触发流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何在 GitHub 仓库中用 webhook 触发流水线。"
title: "Trigger a Pipeline Using a Webhook"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Learn how to trigger pipelines using webhook in GitHub repositories."
weight: 06
---
If you create a Jenkinsfile-based pipeline from a remote code repository, you can configure a webhook in the remote repository so that the pipeline is automatically triggered when changes are made to the remote repository.
若要通过远程代码仓库创建基于 Jenkinsfile 的流水线,可以在远程仓库中配置 webhook以便在远程仓库变更时自动触发流水线。
本文档演示如何在 GitHub 仓库中用 webhook 触发流水线。
This tutorial demonstrates how to trigger a pipeline by using a webhook in GitHub.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已创建一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g., **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. Refer to link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
* 已通过远程代码仓库创建一个基于 Jenkinsfile 的流水线。有关更多信息请参阅link:../02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]。
* You have created a Jenkinsfile-based pipeline from a remote code repository. For more information, refer to link:../02-create-a-pipeline-using-jenkinsfile/[Create a Pipeline Using a Jenkinsfile]。
== 配置 Webhook
== Configure a Webhook
=== 获取 webhook URL
=== Get a webhook URL
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 点击**企业空间管理**并进入您的 DevOps 项目。
. Click **Workspace Management** and enter your DevOps project.
. 在**流水线**页面,点击一个流水线(例如 **jenkins-in-scm**)以查看其详情页面。
. On the **Pipelines** page, click a pipeline (e.g., **jenkins-in-scm**) to view its details page.
. 点击**更多操作**,在下拉菜单中选择**编辑设置**。
. Click **More** and select **Edit Settings** in the drop-down list.
. 在弹出的会话框中,滚动至 **Webhook** 以获得 Webhook push URL。
. In the pop-up dialog box, scroll down to **Webhook** to get the webhook push URL.
=== 在 GitHub 仓库中设置 webhook
=== Set a webhook in the GitHub repository
. 登录您的 GitHub并进入 **devops-maven-sample** 仓库。
. Log in to GitHub and go to your own repository `devops-maven-sample`.
. 点击 **Settings** > **Webhooks**,然后点击 **Add webhook**。
. Click **Settings** > **Webhooks**, and click **Add webhook**.
. 在 **Payload URL** 中输入流水线中的 Webhook push URL然后点击 **Add webhook**。
本教程选择默认的 **Just the push event**,请根据实际需要进行配置。有关更多信息,请参阅 link:https://docs.github.com/en/developers/webhooks-and-events/webhooks/creating-webhooks[GitHub 文档]。
. Enter the webhook push URL of the pipeline for **Payload URL** and click **Add webhook**. This tutorial selects **Just the push event** for demonstration purposes. You can make other settings based on your needs. For more information, see link:https://docs.github.com/en/developers/webhooks-and-events/webhooks/creating-webhooks[GitHub Documentation].
. 配置好的 webhook 会展示在 **Webhooks** 页面。
. The configured webhook is displayed on the **Webhooks** page.
== Trigger the Pipeline Using the Webhook
== 使用 Webhook 触发流水线
=== Submit a Pull Request to the Repository
=== 提交拉取请求到仓库
. On the **Code** page of the devops-maven-sample repository, click **master** and then select the **v4.1.0-sonarqube** branch.
. 在 devops-maven-sample 仓库的 **Code** 页面,点击 **master** 然后选择 **v4.1.0-sonarqube** 分支。
. Go to **/deploy/dev-ol** and click the file **devops-sample.yaml**.
. 转到 **/deploy/dev-ol** 然后点击文件 **devops-sample.yaml**。
. Click image:/images/ks-qkcp/zh/icons/pen-light.svg[pen-light,18,18] to edit the file. For example, change the value of **spec.replicas** to **3**.
. 点击image:/images/ks-qkcp/zh/icons/pen-light.svg[pen-light,18,18]编辑文件。 例如,将 **spec.replicas** 的值改变为 **3**。
. Click **Commit changes**.
. 点击 **Commit changes**。
=== Check Webhook Delivery
=== 检查 webhook 交付
. On the **Settings** > **Webhooks** page of the devops-maven-sample repository, click the created webhook.
. 在 devops-maven-sample 仓库的 **Settings** > **Webhooks** 页面,点击创建的 webhook。
. Click **Recent Deliveries**, then click a specific delivery record to view the details.
. 点击 **Recent Deliveries**,然后点击一个具体交付记录查看详情。
== Check Pipeline Status
. Log in to the {ks_product-en} web console as the **project-regular** user.
== 检查流水线状态
. Click **Workspace Management** and enter your DevOps project.
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. On the **Pipelines** page, click a pipeline (e.g., **jenkins-in-scm**) to view its details page.
. 点击**企业空间管理**并进入您的 DevOps 项目。
. 在**流水线**页面,点击一个流水线(例如 **jenkins-in-scm**)以查看其详情页面。
. 在**运行记录**页签,检查提交到远程仓库 **v4.1.0-sonarqube** 分支的拉取请求是否触发了新的运行。
// . 转到 **kubesphere-sample-dev** 项目的 **工作负载 > 容器组** 页面,检查 3 个 Pods 的状态。如果 3 个 Pods 为运行状态,表示流水线运行正常。
. On the **Run Records** tab, check if the pull request submitted to the remote repository **v4.1.0-sonarqube** branch has triggered a new run.

87
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/07-access-jenkins-console.adoc Normal file
View File

@ -0,0 +1,87 @@
---
title: "Access Jenkins Dashboard"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, access Jenkins"
description: "Learn how to access the Jenkins dashboard."
weight: 07
---
When DevOps is installed, the Jenkins dashboard is also installed by default. However, you need to configure it according to the following steps before you can access the Jenkins dashboard.
== Prerequisites
**DevOps** must have been installed and enabled.
== Steps
. Run the following command on the cluster node to get the Jenkins address.
+
--
// Bash
[,bash]
----
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services devops-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
----
You will get output similar to the following:
[,bash]
----
http://10.77.1.201:30180
----
--
. Check the `jenkins.securityRealm.openIdConnect.kubesphereCoreApi` and `jenkins.securityRealm.openIdConnect.jenkinsURL` in the DevOps configuration, ensuring they are modified to the actual accessible addresses of the kubesphere-console and devops-jenkins services, respectively. If not, modify them and wait for the extension to update.
+
[,yaml]
----
jenkins:
securityRealm:
openIdConnect:
# The kubesphere-core api used for jenkins OIDC
# If you want to access to jenkinsWebUI, the kubesphereCoreApi must be specified and browser-accessible
# Modifying this configuration will take effect only during installation
# If you wish for changes to take effect after installation, you need to update the jenkins-casc-config ConfigMap, copy the securityRealm configuration from jenkins.yaml to jenkins_user.yaml, save, and wait for approximately 70 seconds for the changes to take effect.
kubesphereCoreApi: "http://192.168.1.1:30880"
# The jenkins web URL used for OIDC redirect
jenkinsURL: "http://192.168.1.1:30180"
----
. Check all addresses under `securityRealm.oic` in the `jenkins_user.yaml` of the `jenkins-casc-config` ConfigMap, ensuring they are the same as those under `securityRealm.oic` in `jenkins.yaml`, and are modified to the actual accessible address of kubesphere-console. If they are not the same, modify them and wait for them to take effect.
+
[,yaml]
----
securityRealm:
oic:
clientId: "jenkins"
clientSecret: "jenkins"
tokenServerUrl: "http://192.168.1.1:30880/oauth/token"
authorizationServerUrl: "http://192.168.1.1:30880/oauth/authorize"
userInfoServerUrl: "http://192.168.1.1:30880/oauth/userinfo"
endSessionEndpoint: "http://192.168.1.1:30880/oauth/logout"
logoutFromOpenidProvider: true
scopes: openid profile email
fullNameFieldName: url
userNameField: preferred_username
----
. Check the `authentication.issuer.url` in the `kubesphere-config` ConfigMap, ensuring it is modified to the actual accessible address of kubesphere-console. If not, modify it and restart the deployment `ks-apiserver` for it to take effect.
+
--
[,yaml]
----
authentication:
issuer:
url: "http://192.168.1.1:30880"
----
[source,bash]
----
kubectl -n kubesphere-system rollout restart deploy ks-apiserver
----
--
. Use the address http://NodeIP:30180 to access the Jenkins dashboard.
+
Jenkins is configured with KubeSphere LDAP, which means you can log in to Jenkins directly using your KubeSphere account (e.g., `admin/P@88w0rd`).

47
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/07-jenkins-setting.adoc
View File

@ -1,55 +1,50 @@
---
title: "设置 Jenkins 系统"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何在 Jenkins 仪表板上设置 Jenkins 并重新加载配置。"
title: "Jenkins System Settings"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Learn how to set up Jenkins and reload configurations on the Jenkins dashboard."
weight: 07
---
DevOps 系统提供基于 Jenkins 的容器化 CI/CD 功能。Jenkins 作为 CI/CD 工作流的事实标准,具备强大而灵活的特性。然而,许多插件要求用户在使用 Jenkins 之前必须进行系统级配置。
The DevOps system provides containerized CI/CD functionalities based on Jenkins. As the standard for CI/CD workflows, Jenkins is powerful and flexible. However, many plugins require users to perform system-level configurations before using Jenkins.
为了提供可调度的 Jenkins 环境,{ks_product_right}采用了 **Configuration as Code** 的方式进行 Jenkins 系统设置。用户需要登录 Jenkins 仪表板,修改配置后再重新加载。
To provide a schedulable Jenkins environment, KubeSphere adopts the **Configuration as Code** approach for Jenkins system settings. Users need to log in to the Jenkins dashboard, modify the configurations, and then reload them.
本文档演示如何在 Jenkins 仪表板上设置 Jenkins 并重新加载配置。
This document demonstrates how to set up Jenkins and reload configurations on the Jenkins dashboard.
== Prerequisites
{ks_product_right}平台需要安装并启用 **DevOps** 扩展组件。
**DevOps** must have been installed and enabled.
== Jenkins Configuration as Code
{ks_product_right}默认安装 Jenkins Configuration as Code 插件,支持通过 YAML 文件定义 Jenkins 的期望状态,便于再现 Jenkins 的配置包括插件配置。请参阅link:https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos[该目录]查看具体的 Jenkins 配置和示例 YAML 文件。
KubeSphere installs the Jenkins Configuration as Code plugin by default, which supports defining the desired state of Jenkins through YAML files, making it easy to reproduce Jenkins configurations (including plugin configurations). Refer to link:https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos[this directory] for specific Jenkins configurations and example YAML files.
此外,还可以在 link:https://github.com/kubesphere/ks-jenkins[ks-jenkins] 仓库中找到 **formula.yaml** 文件,查看插件版本并按需自定义这些版本。
Additionally, you can find the **formula.yaml** file in the link:https://github.com/kubesphere/ks-jenkins[ks-jenkins] repository to view plugin versions and customize these versions as needed.
== Modify ConfigMap
== 修改 ConfigMap
It is recommended to configure Jenkins in KubeSphere through Configuration as Code (CasC). The built-in Jenkins CasC file is stored as a ConfigMap.
建议通过 Configuration as Code (CasC) 在{ks_product_both}中配置 Jenkins。将内置 Jenkins CasC 文件存储为 ConfigMap。
. Log in to the {ks_product-en} web console as the **platform-admin** user.
. 以 **platform-admin** 用户登录{ks_product_left} Web 控制台。
. Click **Cluster Management** and enter a cluster.
. 点击**集群管理**,进入一个集群。
. In the left navigation pane, select **Configuration** > **ConfigMaps**. On the **ConfigMaps** page, select **kubesphere-devops-system** from the list, then click **jenkins-casc-config**.
. 在左侧导航栏中选择**配置**下的**配置字典**。在**配置字典**页面,从下拉列表中选择 **kubesphere-devops-system**,然后点击 **jenkins-casc-config**。
. 在详情页面,点击**更多操作**,在下拉列表中选择**编辑 YAML**。
. **jenkins-casc-config** 的配置模板是一个 YAML 文件,位于 **data:jenkins_user.yaml:** 部分。在 ConfigMap 的代理 (Kubernetes Jenkins Agent) 中修改容器镜像、标签、资源请求 (Request) 和限制 (Limit) 等内容,或者在 podTemplate 中添加容器。完成操作后,点击**确定**。
. 等待 1 ~ 2 分钟,会自动重新加载新的配置。
. On the details page, click **More** and select **Edit YAML** from the dropdown list.
. The configuration template for **jenkins-casc-config** is a YAML file located under **data:jenkins_user.yaml:**. Modify the container image, labels, resource requests (Request), and limits (Limit) in the ConfigMap's agent (Kubernetes Jenkins Agent), or add containers in the `podTemplate`. After completing the operations, click **OK**.
. Wait for 1 to 2 minutes, and the new configuration will be reloaded automatically.
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
* 有关如何通过 CasC 设置 Jenkins 的更多信息,请参阅 link:https://github.com/jenkinsci/configuration-as-code-plugin[Jenkins 文档]。
* For more information on how to configure Jenkins through CasC, refer to link:https://github.com/jenkinsci/configuration-as-code-plugin[Jenkins Documentation].
* 在当前版本中,并非所有插件都支持 CasC 设置。CasC 仅会覆盖通过 CasC 设置的插件配置。
|===
* In the current version, not all plugins support CasC settings. CasC only overrides plugin configurations set through CasC.
|===

76
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/08-jenkins-shared-library.adoc
View File

@ -1,76 +1,72 @@
---
title: "在流水线中使用 Jenkins 共享库"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何在流水线中使用 Jenkins 共享库。"
title: "Use Jenkins Shared Libraries in a Pipeline"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Learn how to use Jenkins shared libraries in a pipeline."
weight: 08
---
For Jenkins pipelines that contain the same stages or steps, you can use Jenkins shared libraries in the Jenkinsfile to avoid pipeline code duplication.
对于包含相同阶段或步骤的 Jenkins 流水线,可以在 Jenkinsfile 中使用 Jenkins 共享库避免流水线代码重复。
本文档演示如何在 DevOps 流水线中使用 Jenkins 共享库。
This document demonstrates how to use Jenkins shared libraries in a DevOps pipeline.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已创建一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. See link:../../05-devops-settings/02-role-and-member-management[Role and Member Management].
* 已有一个可用 Jenkins 共享库。本教程以 link:https://github.com/devops-ws/jenkins-shared-library[GitHub 仓库]中的 Jenkins 共享库为例。
* You have a usable Jenkins shared library. This tutorial uses the Jenkins shared library in the link:https://github.com/devops-ws/jenkins-shared-library[GitHub repository] as an example.
== 步骤 1在 Jenkins 仪表盘配置共享库
== Step 1: Configure Shared Libraries in the Jenkins Dashboard
. link:../../../04-how-to-integrate/01-sonarqube/[登录 Jenkins 仪表板]并点击左侧导航栏中的**系统管理**。
. link:../07-access-jenkins-console[Log in to the Jenkins dashboard] and click **Manage Jenkins** in the left navigation pane.
. 向下滚动并点击**系统配置**。
. Scroll down and click **Configure System**.
. 向下滚动到 **Global Pipeline Libraries**,然后点击**新增**。
. Scroll down to **Global Pipeline Libraries** and click **Add**.
. 配置字段如下所示。
. Configure the fields as follows.
* **Name** 为共享库设置名称(例如,`demo-shared-library`),以便在 Jenkinsfile 中引用此名称来导入共享库。
* **Name:** Set a name for the shared library (e.g., `demo-shared-library`) so that you can import the shared library by referring to this name in a Jenkinsfile.
* **Default version** 设置共享库所在仓库的一个分支名称,将其作为导入共享库的默认分支。本教程将使用 master。
* **Default version:** Set a branch name of the repository where the shared library is located as the default branch to import the shared library. Enter `master` for this tutorial.
* 在 **Retrieval method** 下,选择 **Modern SCM**。
* Under **Retrieval method**, select **Modern SCM**.
* 在 **Source Code Management** 下,选择 **Git**,并为**项目仓库**输入示例仓库的 URL 。如果您使用自己的仓库且访问此仓库需要凭证,还需要配置**凭证**。
* Under **Source Code Management**, select **Git** and enter the URL of the example repository for **Project Repository**. If you use your own repository and access to this repository requires credentials, you also need to configure **Credentials**.
. 编辑完成后,点击**应用**。
. After editing, click **Apply**.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
您还可以配置link:https://www.jenkins.io/zh/doc/book/pipeline/shared-libraries/#folder-level-shared-libraries[文件夹级别的共享库]。
You can also configure link:https://www.jenkins.io/zh/doc/book/pipeline/shared-libraries/#folder-level-shared-libraries[folder-level shared libraries].
|===
--
== 步骤 2在流水线中使用共享库
== Step 2: Use Shared Libraries in a Pipeline
=== Create a Pipeline
=== 创建流水线
. Log in to the {ks_product_both} web console as the **project-regular** user.
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Click **Workspace Management** and enter your DevOps project, then click **Create** on the **Pipelines** page.
. 点击**企业空间管理**并进入您的 DevOps 项目,在**流水线**页面点击**创建**。
. In the dialog that appears, name it **demo-shared-library** and click **Next**.
. 在弹出的对话框中,将其命名为 **demo-shared-library**,点击**下一步**。
. In **Advanced Settings**, click **Create** directly to create the pipeline with the default settings.
. 在**高级设置**中,直接点击**创建**,使用默认设置创建流水线。
=== Edit the Pipeline
=== 编辑流水线
. On the pipeline list page, click the pipeline name to enter its detail page, then click **Edit Jenkinsfile**.
. 在流水线列表页面,点击流水线名称进入其详情页面,然后点击**编辑 Jenkinsfile**。
. 在弹出的对话框中,添加以下示例 Jenkinsfile。完成编辑后点击**确定**。
. In the dialog that appears, add the following example Jenkinsfile. After editing, click **OK**.
+
--
[,json]
@ -100,16 +96,16 @@ pipeline {
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
根据需要,为 **agent** 指定 **label**。
Specify a **label** for **agent** as needed.
|===
--
+
或者,使用以 **@Library('<配置好的共享库名称>') _** 开头的 Jenkinsfile。如果使用这种类型的 Jenkinsfile需要提前在 Jenkins 仪表板上配置共享库。在本教程中,您可以使用以下示例 Jenkinsfile。
Alternatively, use a Jenkinsfile that starts with **@Library('<the configured shared library name>') _**. If you use this type of Jenkinsfile, you need to configure the shared library on the Jenkins dashboard in advance. In this tutorial, you can use the following example Jenkinsfile.
+
--
[,json]
@ -135,16 +131,16 @@ pipeline {
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
使用 **@Library('demo-shared-library@<分支名称>') _** 来指定特定的分支。
Use **@Library('demo-shared-library@<branch name>') _** to specify a specific branch.
|===
--
== 步骤 3运行流水线
== Step 3: Run the Pipeline
. 在流水线详情页面,点击**运行**运行流水线。
. On the pipeline detail page, click **Run** to run the pipeline.
. 点击**运行记录**页签下的记录,查看流水线运行详情。点击**运行日志**查看日志详细信息。
. Click the record under the **Run Records** tab to view the pipeline run details. Click **Run Logs** to view the log details.

42
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/09-jenkins-email.adoc
View File

@ -1,62 +1,58 @@
---
title: "为流水线设置电子邮件服务器"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何为流水线设置电子邮件服务器。"
title: "Set an Email Server for Pipelines"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Introduce how to set an email server for pipelines."
weight: 09
---
内置 Jenkins 无法与{ks_product_both}的通知系统共享相同的电子邮件配置。因此,您需要单独为 DevOps 流水线配置电子邮件服务器。
The built-in Jenkins cannot share the same email configuration with the notification system of KubeSphere Therefore, you need to configure an email server separately for DevOps pipelines.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 您需要在{ks_product_both}平台具有**集群管理**权限。
* You should have the **Cluster Management** permission on the {ks_product-en} platform.
== Steps
. 以具有**集群管理**权限的账户登录{ks_product_left} Web 控制台。
. Log in to the {ks_product-en} web console with an account that has the **Cluster Management** permission.
. 点击**集群管理**,进入一个集群。
. Click **Cluster Management** and enter a cluster.
. 在左侧导航栏中选择**应用负载**下的**工作负载**,从下拉列表中选择 **kubesphere-devops-system** 项目。点击 **devops-jenkins** 右侧的image:/images/ks-qkcp/zh/icons/more.svg[more,18,18],并选择**编辑 YAML**。
. In the left navigation pane, select **Application Workloads** > **Workloads**, and choose the **kubesphere-devops-system** project from the dropdown list. Click image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] on the right side of **devops-jenkins** and select **Edit YAML**.
. 在 YAML 文件中编辑如下所示的字段。完成修改后,点击**确定**。
. Edit the fields in the YAML file as shown below. After making the changes, click **OK**.
+
--
//warning
[.admon.warning,cols="a"]
|===
|警告
|Warning
|
修改电子邮件服务器配置后,**devops-jenkins** 部署 (Deployment) 会重新启动。因此DevOps 系统将在几分钟内不可用,请在适当的时候修改这些配置。
After modifying the email server configuration, the **devops-jenkins** deployment will restart. Therefore, the DevOps system will be unavailable for a few minutes. Please modify these configurations at an appropriate time.
|===
[%header,cols="1a,3a"]
|===
|环境变量名称 |描述信息
|Environment Variable Name |Description
|EMAIL_SMTP_HOST
|SMTP 服务器地址
|SMTP server address.
|EMAIL_SMTP_PORT
|SMTP 服务器端口25
|SMTP server port (e.g., 25).
|EMAIL_FROM_ADDR
|电子邮件发件人地址
|Email sender address.
|EMAIL_FROM_NAME
|电子邮件发件人姓名
|Email sender name.
|EMAIL_FROM_PASS
|电子邮件发件人密码
|Email sender password.
|EMAIL_USE_SSL
|是否启用 SSL 配置
|Whether to enable SSL configuration.
|===
--
--

79
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/10-choose-jenkins-agent.adoc
View File

@ -1,19 +1,17 @@
---
title: "选择 Jenkins Agent"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何选择 Jenkins Agent。"
title: "Choose Jenkins Agent"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Introduce how to select Jenkins Agent."
weight: 10
---
The **agent** section specifies where the entire pipeline or a specific stage will be executed in the Jenkins environment, depending on where the `agent` section is placed. This section must be defined at the top level inside the **pipeline** block, but stage-level usage is optional. For more information, see link:https://www.jenkins.io/zh/doc/book/pipeline/syntax/#代理[Jenkins Documentation].
**agent** 部分指定整个流水线或特定阶段 (Stage) 将在 Jenkins 环境中执行的位置,具体取决于该 **agent** 部分的放置位置。该部分必须在 **pipeline** 块的顶层进行定义,但是阶段级别的使用是可选的。有关更多信息,请参阅 link:https://www.jenkins.io/zh/doc/book/pipeline/syntax/#代理[Jenkins 官方文档]。
== Built-in podTemplate
podTemplate is a Pod template used to create Agents. You can define podTemplates to be used in the Kubernetes plugin.
== 内置 podTemplate
podTemplate 是一种 Pod 模板,用于创建 Agent。您可以定义在 Kubernetes 插件中使用的 podTemplate。
在流水线运行期间,每个 Jenkins Agent Pod 必须具有一个名为 **jnlp** 的容器,以便实现 Jenkins Controller 与 Jenkins Agent 之间的通信。此外,您可以在 podTemplate 中添加容器,以满足个性化需求。可选择使用自定义的 Pod YAML 来灵活控制运行时环境Runtime并通过 **container** 命令来切换容器。以下是相关示例。
During the pipeline run, each Jenkins Agent Pod must have a container named **jnlp** to facilitate communication between the Jenkins Controller and the Jenkins Agent. Additionally, you can add containers in the podTemplate to meet personalized needs. You can use a custom Pod YAML to flexibly control the runtime environment and switch containers using the **container** command. The following is an example.
[,json]
----
@ -47,9 +45,9 @@ spec:
}
----
在目前版本中,{ks_product_right}内置了 4 种类型的 podTemplate**base**、**nodejs**、**maven** 和 **go**,并且在 Pod 中提供隔离的 Docker 环境。
In the current version, KubeSphere comes with 4 types of podTemplates: **base**, **nodejs**, **maven**, and **go**, and provides an isolated Docker environment in the Pod.
您可以通过指定 Agent 的标签来使用内置 podTemplate。例如要使用 nodejs 的 podTemplate在创建流水线时指定标签为 **nodejs** 即可,具体参阅以下示例。
You can use the built-in podTemplate by specifying the label of the Agent. For example, to use the nodejs podTemplate, specify the label as **nodejs** when creating the pipeline, as shown in the following example.
[,json]
----
@ -76,21 +74,20 @@ pipeline {
}
----
* podTemplate base
+
--
[%header,cols="1a,4a"]
|===
|名称 |类型/版本
|Name |Type/Version
|Jenkins Agent 标签
|Jenkins Agent Label
|base
|容器名称
|Container Name
|base
|操作系统
|Operating System
|centos-7
|Docker
@ -100,10 +97,10 @@ pipeline {
|2.11.0
|Kubectl
|稳定版
|Stable version
|内置工具
|unzip、which、make、wget、zip、bzip2、git
|Built-in Tools
|unzip, which, make, wget, zip, bzip2, git
|===
--
@ -112,15 +109,15 @@ pipeline {
--
[%header,cols="1a,4a"]
|===
|名称 |类型/版本
|Name |Type/Version
|Jenkins Agent 标签
|Jenkins Agent Label
|nodejs
|容器名称
|Container Name
|nodejs
|操作系统
|Operating System
|centos-7
|Node
@ -136,10 +133,10 @@ pipeline {
|2.11.0
|Kubectl
|稳定版
|Stable version
|内置工具
|unzip、which、make、wget、zip、bzip2、git
|Built-in Tools
|unzip, which, make, wget, zip, bzip2, git
|===
--
@ -148,15 +145,15 @@ pipeline {
--
[%header,cols="1a,4a"]
|===
|名称|类型/版本
|Name |Type/Version
|Jenkins Agent 标签
|Jenkins Agent Label
|maven
|容器名称
|Container Name
|maven
|操作系统
|Operating System
|centos-7
|Jdk
@ -172,10 +169,10 @@ pipeline {
|2.11.0
|Kubectl
|稳定版
|Stable version
|内置工具
|unzip、which、make、wget、zip、bzip2、git
|Built-in Tools
|unzip, which, make, wget, zip, bzip2, git
|===
--
@ -184,15 +181,15 @@ pipeline {
--
[%header,cols="1a,4a"]
|===
|名称|类型/版本
|Name |Type/Version
|Jenkins Agent 标签
|Jenkins Agent Label
|go
|容器名称
|Container Name
|go
|操作系统
|Operating System
|centos-7
|Go
@ -211,9 +208,9 @@ pipeline {
|2.11.0
|Kubectl
|稳定版
|Stable version
|内置工具
|unzip、which、make、wget、zip、bzip2、git
|Built-in Tools
|unzip, which, make, wget, zip, bzip2, git
|===
--
--

50
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/11-customize-jenkins-agent.adoc
View File

@ -1,67 +1,63 @@
---
title: "自定义 Jenkins Agent"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps, 流水线"
description: "介绍如何自定义 Jenkins Agent。"
title: "Customize Jenkins Agent"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps, pipeline"
description: "Introduce how to customize Jenkins Agent."
weight: 11
---
To use a Jenkins Agent that runs a specific environment (e.g., JDK 11), you can customize the Jenkins Agent on KubeSphere.
若要使用运行特定环境(例如 JDK 11的 Jenkins Agent可以在{ks_product_both}上自定义 Jenkins Agent。
本文档描述如何在{ks_product_both}上自定义 Jenkins Agent。
This document describes how to customize the Jenkins Agent on KubeSphere.
== Prerequisites
{ks_product_right}平台需要安装并启用 **DevOps** 扩展组件。
**DevOps** must have been installed and enabled.
== Customize Jenkins Agent
== 自定义 Jenkins Agent
. Log in to the {ks_product-en} web console as the **admin** user.
. 以 **admin** 用户登录{ks_product_left} Web 控制台。
. Click **Cluster Management** and enter a cluster.
. 点击**集群管理**,进入一个集群。
. In the left navigation pane, select **Configuration** > **ConfigMaps**.
. 在左侧导航栏选择**配置**下的**配置字典**。
. On the **ConfigMaps** page, enter **jenkins-casc-config** in the search box and press **Enter**.
. 在**配置字典**页面的搜索框中输入 **jenkins-casc-config** 并按**回车键**。
. Click **jenkins-casc-config** to enter its detail page, click **More**, and select **Edit YAML**.
. 点击 **jenkins-casc-config** 进入其详情页面,点击**更多操作**,选择**编辑 YAML**。
. 在弹出的对话框中,搜寻至 **data:jenkins_user.yaml:jenkins:clouds:kubernetes:templates** 下方并输入以下代码,点击**确定**。
. In the dialog that appears, search for **data:jenkins_user.yaml:jenkins:clouds:kubernetes:templates** and enter the following code below it, then click **OK**.
+
--
[,yaml]
----
- name: "maven-jdk11" # 自定义 Jenkins Agent 的名称。
label: "maven jdk11" # 自定义 Jenkins Agent 的标签。若要指定多个标签,请用空格来分隔标签。
inheritFrom: "maven" # 自定义 Jenkins Agent 所继承的现有容器组模板的名称。
- name: "maven-jdk11" # Customize the name of the Jenkins Agent.
label: "maven jdk11" # Customize the label of the Jenkins Agent. If you want to specify multiple labels, separate them with spaces.
inheritFrom: "maven" # The name of the existing Pod template from which the custom Jenkins Agent inherits.
containers:
- name: "maven" # 自定义 Jenkins Agent 所继承的现有容器组模板中指定的容器名称。
image: "kubespheredev/builder-maven:v3.2.0jdk11" # 此镜像只用于测试。请使用您自己的镜像。
- name: "maven" # The container name specified in the existing Pod template from which the custom Jenkins Agent inherits.
image: "kubespheredev/builder-maven:v3.2.0jdk11" # This image is for testing purposes only. Please use your own image.
----
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
请确保遵守 YAML 文件中的缩进。
Ensure that the indentation in the YAML file is correct.
|===
--
. 等待 1 ~ 2 分钟,会自动重新加载新的配置。
. Wait for 1 to 2 minutes for the new configuration to reload automatically.
. 要使用自定义的 Jenkins Agent请参考下方的示例 Jenkinsfile在创建流水线时指定自定义 Jenkins Agent 对应的标签和容器名。
. To use the customized Jenkins Agent, refer to the example Jenkinsfile below, specifying the label and container name corresponding to the customized Jenkins Agent when creating the pipeline.
+
--
[,json]
----
pipeline {
agent {
node {
@ -82,4 +78,4 @@ pipeline {
}
}
----
--
--

2
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/_index.adoc
View File

@ -1,6 +1,6 @@
---
title: "Pipelines"
keywords: "Kubernetes, {ks_product}, DevOps projects, Using DevOps, Pipelines"
keywords: "Kubernetes, {ks_product-en}, DevOps projects, Using DevOps, Pipelines"
description: "This section introduces how to use pipelines."
weight: 02
layout: "second"

214
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/03-use-gitops-for-continous-deployment.adoc
View File

@ -1,255 +1,223 @@
---
title: "使用 GitOps 实现应用持续部署"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何创建持续部署以实现应用的部署。"
title: "Use GitOps to Achieve Continuous Deployment of Applications"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to create continuous deployment to achieve application deployment."
weight: 03
---
KubeSphere introduces a philosophy for implementing continuous deployment of cloud-native applications GitOps. The core idea of GitOps is to have a Git repository where the declarative infrastructure and applications of the application system are stored and version-controlled. GitOps combined with Kubernetes can use an automated delivery pipeline to apply changes to any number of specified clusters, thus solving the consistency problem of cross-cloud deployment.
{ks_product_right}引入了一种为云原生应用实现持续部署的理念 GitOps。GitOps 的核心思想是拥有一个 Git 仓库,并将应用系统的申明式基础架构和应用程序存放在 Git 仓库中进行版本控制。GitOps 结合 Kubernetes 能够利用自动交付流水线将更改应用到指定的任意多个集群中,从而解决跨云部署的一致性问题。
本文档演示如何创建持续部署以实现应用的部署。
This document walks you through the process of deploying an application using a continuous deployment.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已有一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. See link:../05-devops-settings/02-role-and-member-management[Role and Member Management].
== Import a Code Repository
== 导入代码仓库
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Click **Workspace Management** and enter your DevOps project.
. 点击**企业空间管理**并进入您的 DevOps 项目。
. In the left navigation pane, click **Code Repositories**.
. 在左侧导航栏,点击**代码仓库**。
. On the right side of the code repositories page, click **Add**.
. 在右侧的代码仓库页面,点击**添加**。
. In the **Import Code Repository** dialog, enter a code repository name, such as **open-podcasts**, and click **Select a code repository**. You can also set an alias and add a description for the code repository.
. 在**导入代码仓库**对话框,输入代码仓库名称,如 **open-podcasts**,点击选择代码仓库。您也可以为代码仓库设置别名和添加描述信息。
. 在**选择代码仓库**对话框,点击 **Git**,在**代码仓库地址**区域,输入代码仓库地址,如 link:https://github.com/kubesphere-sigs/open-podcasts[],点击**确定**。
. In the **Select Code Repository** dialog, click **Git**, enter the repository address in the **Code Repository URL** area, such as link:https://github.com/kubesphere-sigs/open-podcasts[], and click **OK**.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
此处导入的是公共仓库因此不需要创建凭证。如果您添加的是私有仓库则需要创建凭证。有关如何添加凭证的更多信息请参阅link:../05-devops-settings/01-credential-management/[凭证管理]。
The repository imported here is a public repository, so no credentials are needed. If you are adding a private repository, you need to create credentials. For more information on how to add credentials, see link:../05-devops-settings/01-credential-management/[Credential Management].
|===
--
== Create Continuous Deployment
== 创建持续部署
. In the left navigation pane, click **Continuous Deployments**.
. 在左侧导航栏,点击**持续部署**。
. On the right side of the **Continuous Deployments** page, click **Create**.
. 在右侧的**持续部署**页面,点击**创建**。
. On the **Basic Information** tab, enter a continuous deployment name, such as **open-podcasts**. In the **Deployment Location** area, select the cluster and project for continuous deployment. Click **Next**.
. 在**基本信息**页签,输入持续部署名称,如 **open-podcasts**。在**部署位置**区域,选择持续部署的部署集群和项目。点击**下一步**。
. 在**代码仓库设置**页签,选择上一步创建的代码仓库,设置代码仓库的分支或标签以及 Kustomization 清单文件路径。点击**下一步**。
. On the **Code Repository Settings** tab, select the code repository created in the previous step, set the branch or tag of the code repository, and the path of the `Kustomization` manifest file. Click **Next**.
+
--
[%header, cols="1a,3a"]
|===
|参数 |描述
|Parameter |Description
|修订版本
|Git 仓库中的 commit ID、分支或标签。例如**master**, **v1.2.0**, **0a1b2c3** 或 **HEAD**。
|Revision
|The commit ID, branch, or tag of the Git repository. For example, **master**, **v1.2.0**, **0a1b2c3**, or **HEAD**.
|清单文件路径
|设置清单文件路径。例如,**config/default**。
|Manifest File Path
|Set the path of the manifest file. For example, **config/default**.
|===
--
. 在**同步策略**区域,根据需要选择**自动同步**或**手动同步**。
. On the **Sync Settings** tab, in the **Sync Strategy** area, select **Auto Sync** or **Manual Sync** as needed.
+
--
* **自动同步**:在检测到 Git 仓库中的清单与部署资源的实时状态之间存在差异时,根据设置的同步选项,自动触发应用程序同步。具体参数如下表所示。
* **Auto Sync**: Automatically trigger application synchronization when a difference is detected between the manifest in the Git repository and the real-time state of the deployment resources, according to the sync options. The specific parameters are shown in the table below.
+
====
[%header, cols="1a,3a"]
|===
|参数 |描述
|Parameter |Description
|清理资源
|如果勾选,自动同步时会删除 Git 仓库中不存在的资源。不勾选时,自动同步触发时不会删除集群中的资源。
|Prune resources
|If selected, resources that do not exist in Git will be deleted during automatic sync. If not selected, resources in the cluster will not be deleted when automatic sync is triggered.
|Self-heal
|If selected, when there is a deviation between the defined state in Git and the deployed resources, the defined state in Git will be enforced. If not selected, automatic sync will not be triggered when changes are made to the deployed resources.
|自恢复
|如果勾选,当检测到 Git 仓库中定义的状态与部署资源中有偏差时,将强制应用 Git 仓库中的定义。不勾选时,对部署资源做更改时不会触发自动同步。
|===
====
* **手动同步**:根据设置的同步选项,手动触发应用程序同步。
// 具体参数如下表所示。
// +
// ====
// [%header, cols="1a,3a"]
// |===
// |参数 |描述
// |清理资源
// |如果勾选,同步会删除 Git 仓库中不存在的资源。不勾选时,同步不会删除集群中的资源,而是会显示 **out-of-sync**。
// |模拟运行
// |模拟同步,不影响最终部署资源。
// |仅执行 Apply
// |如果勾选,同步应用资源时会跳过 **pre/post** 钩子,仅执行 **kubectl apply**。
// |强制 Apply
// |如果勾选,同步时会执行 **kubectl apply --force**。
// |===
// ====
* **Manual Sync**: Manually trigger application synchronization according to the sync options.
--
. 在**同步设置**区域,根据需要设置同步相关参数。
. In the **Sync Settings** area, set the sync options as needed.
+
--
[%header, cols="1a,3a"]
|===
|参数 |描述
|Parameter |Description
|跳过规范校验
|跳过 **kubectl** 验证。执行 **kubectl apply** 时,增加 **--validate=false** 标识。
|Skip schema validation
|Skip **kubectl** validation. When executing **kubectl apply**, add the **--validate=false** flag.
|自动创建项目
|在项目不存在的情况下自动为应用程序资源创建项目。
|Auto create project
|Automatically create a project for application resources if the project does not exist.
|最后清理
|同步操作时,其他资源都完成部署且处于健康状态后,再清理资源。
|Prune last
|Clean up resources after all other resources have been deployed and are in a healthy state.
|选择性同步
|仅同步 **out-of-sync** 状态的资源。
|Apply out of sync only
|Only sync resources in the **out-of-sync** state.
|===
--
. 在**依赖清理策略**区域,根据需要选择依赖清理策略。
. In the **Prune Propagation Policy** area, select the dependency cleanup policy as needed.
+
--
[%header, cols="1a,3a"]
|===
|参数 |描述
|Parameter |Description
|foreground
|先删除依赖资源,再删除主资源。
|Delete dependent resources first, then delete the main resource.
|background
|先删除主资源,再删除依赖资源。
|Delete the main resource first, then delete the dependent resources.
|orphan
|删除主资源,留下依赖资源成为孤儿。
|Delete the main resource, leaving the dependent resource as an orphan.
|===
--
. 在**替换资源**区域,选择是否需要替换已存在的资源。
. In the **Replace Resource** area, select whether existing resources need to be replaced.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
如果勾选,将执行 **kubectl replace/create** 命令同步资源。不勾选时,使用 **kubectl apply** 命令同步资源。
If checked, the **kubectl replace/create** command will be executed to sync resources. If unchecked, the **kubectl apply** command will be used to sync resources.
|===
--
. 点击**创建**。资源创建完成后将显示在持续部署列表中。
. Click **Create**. The created continuous deployment will be displayed in the list.
== View the Created Continuous Deployment
== 查看已创建的持续部署信息
. 在**持续部署**页面上查看到已创建的持续部署信息。具体参数如下表所示。
. On the **Continuous Deployments** page, view the created continuous deployment information. The parameters are shown in the table below.
+
--
[%header,cols="1a,4a"]
|===
|参数 |描述
|Parameter |Description
|名称
|持续部署的名称。
|Name
|The name of the continuous deployment.
|健康状态
|持续部署的健康状态。主要包含以下几种状态:
|Health Status
|The health status of the continuous deployment, which includes:
* **健康**:资源健康。
* **已降级**:资源已经被降级。
* **进行中**:资源正在同步。默认返回该状态。
* **暂停**:资源已经被暂停并等待恢复。
* **未知**:资源健康状态未知。
* **丢失**:资源已缺失。
* **Healthy**: The resources are healthy.
* **Degraded**: The resources have been degraded.
* **Progressing**: The resources are being synchronized. This state is returned by default.
* **Suspended**: The resources have been paused and are waiting to be resumed.
* **Unknown**: The health status of the resources is unknown.
* **Missing**: The resources are missing.
|同步状态
|持续部署的同步状态。主要包含以下几种状态:
|Sync Status
|The sync status of the continuous deployment, which includes:
* **已同步**:资源同步已完成。
* **未同步**:资源的实际运行状态和期望状态不一致。
* **未知**:资源同步状态未知。
* **Synced**: The resource sync has been completed.
* **Out of Sync**: The actual running status of the resources is inconsistent with the expected status.
* **Unknown**: The sync status of the resources is unknown.
|部署位置
|资源部署的集群和项目。
|Deployment Location
|The cluster and project where the resources are deployed.
|更新时间
|资源更新的时间。
|Update Time
|The time when the resources are updated.
|===
--
. 点击持续部署右侧的image:/images/ks-qkcp/zh/icons/more.svg[more,18,18],您可以执行以下操作:
. Click image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] on the right side of the continuous deployment, and you can perform the following operations:
+
--
* **编辑信息**:编辑别名和描述信息。
* **Edit Information**: Edit the alias and description of the continuous deployment.
* **编辑 YAML**:编辑持续部署的 YAML 文件。
* **Edit YAML**: Edit the YAML file of the continuous deployment.
* **同步**:触发资源同步。
* **Sync**: Trigger resource synchronization.
* **删除**:删除持续部署。
* **Delete**: Delete the continuous deployment.
//warning
[.admon.warning,cols="a"]
|===
|警告
|Warning
|
删除持续部署的同时会删掉和该持续部署关联的资源。请谨慎操作。
Deleting the continuous deployment will also delete the resources associated with it. Please proceed with caution.
|===
--
. 点击已创建的持续部署进入详情页面,查看同步状态和同步结果。
. Click the created continuous deployment to enter the detail page and view the sync status and results.
== Access the Created Application
== 访问已创建的应用
. Enter the project to which the continuous deployment belongs, and in the left navigation pane, click **Application Workloads** > **Services**.
. 进入持续部署所属的项目,在左侧导航栏,点击**应用负载** > **服务**。
. On the **Services** page, find the deployed application and click image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] on the right side, then select **Edit External Access**.
. 在右侧的**服务**区域找到已部署的应用并点击右侧image:/images/ks-qkcp/zh/icons/more.svg[more,18,18],选择**编辑外部访问**。
. Select **NodePort** in the **Access Mode**, and click **OK**.
. 在**访问模式**中选择 **NodePort**,点击**确定**。
. 在服务列表页面的**外部访问**列,查看暴露的端口,通过 {Node IP}:{NodePort} 访问此应用。
. On the service list page, view the exposed port in the **External Access** column, and access the application through {Node IP}:{NodePort}.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
在访问服务之前,请确保安全组中的端口已打开。
Before accessing the service, please ensure that the port is open in the security group.
|===
--
--

80
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/04-import-code-repositories.adoc
View File

@ -1,100 +1,96 @@
---
title: "导入代码仓库"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何导入代码仓库。"
title: "Import Code Repositories"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to import code repositories."
weight: 04
---
{ks_product_right}支持导入 GitHub、GitLab、Bitbucket 或其它基于 Git 的代码仓库,如 Gitee。下面以 Github 仓库为例,展示如何导入代码仓库。
KubeSphere supports importing GitHub, GitLab, Bitbucket, or other Git-based code repositories, such as Gitee. Below is an example of how to import a GitHub repository.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已有一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../05-devops-settings/02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. See link:../05-devops-settings/02-role-and-member-management[Role and Member Management].
== Steps
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 点击**企业空间管理**并进入您的 DevOps 项目。
. Click **Workspace Management** and enter your DevOps project.
. 在左侧导航栏,点击**代码仓库**。
. In the left navigation pane, click **Code Repositories**.
. 在右侧的代码仓库页面,点击**添加**。
. On the right side of the page, click **Add**.
. 在**导入代码仓库**对话框,输入代码仓库名称,点击选择代码仓库。您也可以为代码仓库设置别名和添加描述信息。
. In the **Import Code Repository** dialog, enter a code repository name, and click **Select a code repository**. You can also set an alias and add a description for the code repository.
+
--
下表列举了支持导入的代码仓库和参数设置项。以下步骤以 GitHub 为例。
The table below lists the supported code repositories and parameter settings. The following steps use GitHub as an example.
[%header,cols="1a,4a"]
|===
|参数 |描述
|Parameter |Description
|GitHub
|**凭证**:选择访问代码仓库的凭证。
|**Credential**: Select the credential for accessing the code repository.
|GitLab
|
* **GitLab 服务器地址**:选择 GitLab 服务器地址,默认值为 link:https://gitlab.com[]。
* **项目组/所有者**:输入 GitLab 账号。
* **凭证**:选择访问代码仓库的凭证。
* **代码仓库**:选择代码仓库。
* **GitLab Server Address**: Select the GitLab server address, the default value is link:https://gitlab.com[].
* **Project Group/Owner**: Enter the GitLab account.
* **Credential**: Select the credential for accessing the code repository.
* **Code Repository**: Select the code repository.
|Bitbucket
|
* **Bitbucket 服务器地址**:设置 Bitbucket 服务器地址。
* **凭证**:选择访问代码仓库的凭证。
* **Bitbucket Server Address**: Set the Bitbucket server address.
* **Credential**: Select the credential for accessing the code repository.
|Git
|
* **代码仓库地址**:输入代码仓库地址,如 link:https://gitee.com[]。
* **凭证**:选择访问代码仓库的凭证。
* **Code Repository URL**: Enter the code repository address, such as link:https://gitee.com[].
* **Credential**: Select the credential for accessing the code repository.
|===
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
如需使用 GitLab 私有仓库请参阅link:../02-pipelines/04-gitlab-multibranch-pipeline/[使用 GitLab 创建多分支流水线]。
For using GitLab private repositories, see link:../02-pipelines/04-gitlab-multibranch-pipeline/[Create a Multi-branch Pipeline with GitLab].
|===
--
. 在**凭证**区域,点击**创建凭证**。在弹出的**创建凭证**对话框,设置以下参数,点击**确定**。
. In the **Credential** area, click **Create Credential**. In the **Create Credential** dialog that appears, set the following parameters and click **OK**.
+
--
* **名称**:输入凭证名称,如 **github-id**。
* **类型**:取值包括**用户名和密码**、**SSH 密钥**和**访问令牌**。在 DevOps 项目中,建议使用**用户名和密码**。
// * **类型**:取值包括**用户名和密码**、**SSH 密钥**、**访问令牌**和 **kubeconfig**。在 DevOps 项目中,建议使用**用户名和密码**。
* **用户名**:此处默认用户名为 **admin**。
* **密码/令牌**:输入您的 GitHub 令牌。
* **描述**:添加描述信息。
* **Name**: Enter a credential name, such as **github-id**.
* **Type**: The values include **Username and password**, **SSH key**, **Access token**, and **kubeconfig**. In DevOps projects, it is recommended to use **Username and password**.
* **Username**: The default username here is **admin**.
* **Password/Token**: Enter your GitHub token.
* **Description**: Add a description.
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
更多关于如何添加凭证的信息请参阅link:../05-devops-settings/01-credential-management/[凭证管理]。
For more information on how to add credentials, see link:../05-devops-settings/01-credential-management/[Credential Management].
|===
--
. 在**凭证**下拉列表中,选择创建的凭证,点击**确定**。
. 在弹出的 GitHub 仓库中,选择代码仓库,点击**确定**。
. In the **Credential** dropdown list, select the created credential and click **OK**.
. In the pop-up GitHub repository, select the code repository and click **OK**.
. 点击代码仓库右侧的image:/images/ks-qkcp/zh/icons/more.svg[more,18,18],可以执行以下操作:
. Click image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] on the right side of the code repository, and you can perform the following operations:
+
--
* **编辑**:修改代码仓库别名和描述信息,以及重新选择代码仓库。
* **编辑 YAML**:编辑代码仓库 YAML 文件。
* **删除**:删除代码仓库。
--
* **Edit**: Modify the alias and description of the code repository, and reselect the code repository.
* **Edit YAML**: Edit the YAML file of the code repository.
* **Delete**: Delete the code repository.
--

165
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/01-credential-management.adoc
View File

@ -1,184 +1,173 @@
---
title: "凭证管理"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何管理 DevOps 凭证。"
title: "Credential Management"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to manage DevOps credentials."
weight: 01
---
Credentials are objects that contain sensitive information, such as usernames and passwords, SSH keys, and tokens. When the DevOps pipeline runs, it interacts with objects in the external environment to perform a series of tasks, including pulling code, pushing and pulling images, and running scripts. During this process, corresponding credentials are required, and these credentials will not appear in plain text in the pipeline.
凭证是包含敏感信息的对象例如用户名和密码、SSH 密钥和令牌 (Token)。当{ks_product_left} DevOps 流水线运行时,会与外部环境中的对象进行交互,以执行一系列任务,包括拉取代码、推送和拉取镜像以及运行脚本等。此过程中需要提供相应的凭证,而这些凭证不会明文出现在流水线中。
DevOps project users with the necessary permissions can configure credentials for Jenkins pipelines. After users add or configure these credentials in the DevOps project, they can use these credentials in the DevOps project to interact with third-party applications.
具有必要权限的 DevOps 项目用户可以为 Jenkins 流水线配置凭证。用户在 DevOps 项目中添加或配置这些凭证后,便可以在 DevOps 项目中使用这些凭证与第三方应用程序进行交互。
Currently, you can create the following types of credentials in a DevOps project:
目前,您可以在 DevOps 项目中创建以下类型的凭证:
* **Username and password**: A username and password, which can be handled as separate components or as a colon-separated string (in the format **username:password**), such as GitHub and GitLab accounts.
* **用户名和密码**:用户名和密码,可以作为单独的组件处理,或者作为用冒号分隔的字符串(格式为 **username:password**)处理,例如 GitHub 和 GitLab 账户。
* **SSH key**: A username with a private key, an SSH public/private key pair.
* **SSH 密钥**带有私钥的用户名SSH 公钥/私钥对。
* **Access token**: A token with access permissions.
* **访问令牌**:具有访问权限的令牌。
* **kubeconfig**:用于配置跨集群认证。
本文档演示如何在 DevOps 项目中创建和管理凭证。有关如何使用凭证的更多信息请参阅link:../../02-pipelines/02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]和link:../../02-pipelines/01-create-a-pipeline-using-graphical-editing-panel/[使用图形编辑面板创建流水线]。
* **kubeconfig**: Used to configure cross-cluster authentication.
This document demonstrates how to create and manage credentials in a DevOps project. For more information on how to use credentials, see link:../../02-pipelines/02-create-a-pipeline-using-jenkinsfile/[Create a Pipeline Using a Jenkinsfile] and link:../../02-pipelines/01-create-a-pipeline-using-graphical-editing-panel/[Create a Pipeline Using Graphical Editing Panels].
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已有一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. See link:../02-role-and-member-management[Role and Member Management].
== Create Credentials
== 创建凭证
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Click **Workspace Management** and enter your DevOps project.
. 点击**企业空间管理**并进入您的 DevOps 项目。
. In the left navigation pane, select **DevOps Project Settings > Credentials**.
. 在左侧导航栏,选择 **DevOps 项目设置 > 凭证**。
. On the **Credentials** page, click **Create**.
. 在右侧的**凭证**区域,点击**创建**。
. 在弹出的**创建凭证**对话框,输入凭证名称,并选择凭证类型。不同的凭证类型需要设置的参数不同,具体请参考以下内容。
. In the **Create Credential** dialog that appears, enter a credential name and select a credential type. Different credential types require different parameters to be set. Please refer to the following content for details.
+
====
* 创建用户名和密码凭证
* Create a username and password credential
+
--
以创建 GitHub 用户凭证为例,您需要设置以下参数:
Taking creating a GitHub user credential as an example, you need to set the following parameters:
[%header,cols="1a,2a"]
|===
|参数|描述
|Parameter|Description
|名称
|设置凭证名称,如 **github-id**。
|Name
|Set the credential name, such as **github-id**.
|Type
|Select **Username and password**.
|类型
|选择**用户名和密码**。
|Username
|Enter your GitHub username.
|Password/Token
|Enter your GitHub token.
|用户名
|输入您的 GitHub 用户名。
|密码/令牌
|输入您的 GitHub 令牌。
|描述
|凭证的简介。
|Description
|An introduction to the credential.
|===
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
* 自 2021 年 8 月起GitHub 要求使用基于令牌的身份验证,此处需要输入令牌,而非 GitHub 密码。有关如何生成令牌请参阅link:https://docs.github.com/cn/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token[创建个人访问令牌]。
* 如果您的账户或密码中包含任何特殊字符,例如 **@** 和 **$**,可能会因为无法识别而在流水线运行时导致错误。在这种情况下,您需要先在一些第三方网站(例如 link:https://www.urlencoder.org/[urlencoder])上对账户或密码进行编码,然后将输出结果复制粘贴作为您的凭证信息。
* Since August 2021, GitHub requires token-based authentication. Here you need to enter the token instead of the GitHub password. For information on how to generate a token, see link:https://docs.github.com/cn/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token[Create a Personal Access Token].
* If your account or password contains special characters such as **@** and **$**, errors may occur during pipeline runs due to unrecognized characters. In such cases, encode your account or password on a third-party website (e.g., link:https://www.urlencoder.org[urlencoder]) and then copy and paste the encoded result as your credential information.
|===
--
* 创建 SSH 密钥凭证
* Create an SSH key credential
+
--
[%header,cols="1a,2a"]
|===
|参数|描述
|Parameter|Description
|名称
|设置凭证名称。
|Name
|Set the credential name.
|Type
|Select **SSH key**.
|类型
|选择**SSH 密钥**。
|Username
|Enter your username.
|Private Key
|Enter your SSH key.
|用户名
|输入您的用户名。
|Passphrase
|Enter the passphrase. It is recommended to set this parameter for better account security.
|私钥
|输入您的 SSH 密钥。
|密码短语
|输入密码短语。为了更好保护您的账户安全,建议设置该参数。
|描述
|凭证的简介。
|Description
|An introduction to the credential.
|===
--
* 创建访问令牌凭证
* Create an access token credential
+
--
[%header,cols="1a,2a"]
|===
|参数|描述
|Parameter|Description
|名称
|设置凭证名称。
|Name
|Set the credential name.
|类型
|选择**访问令牌**。
|Type
|Select **Access token**.
|令牌
|输入您的令牌。
|Token
|Enter your token.
|描述
|凭证的简介。
|Description
|An introduction to the credential.
|===
--
* 创建 kubeconfig 凭证
* Create a kubeconfig credential
+
--
[%header,cols="1a,2a"]
|===
|参数|描述
|Parameter|Description
|名称
|设置凭证名称,例如 **demo-kubeconfig**。
|Name
|Set the credential name, such as **demo-kubeconfig**.
|类型
|选择 **kubeconfig**。
|Type
|Select **kubeconfig**.
|内容
|系统自动获取当前 Kubernetes 集群的 kubeconfig 文件内容,并自动填充该字段,您无须做任何更改。但是访问其他集群时,您可能需要更改 kubeconfig。
|Content
|The system automatically obtains the kubeconfig file content of the current Kubernetes cluster and automatically fills in this field. You do not need to make any changes. However, when accessing other clusters, you may need to change the kubeconfig.
|描述
|凭证的简介。
|Description
|An introduction to the credential.
|===
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
用于配置集群访问的文件称为 kubeconfig 文件。这是引用配置文件的通用方法。有关更多信息,请参阅 link:https://kubernetes.io/zh/docs/concepts/configuration/organize-cluster-access-kubeconfig/[Kubernetes 官方文档]。
The file used to configure cluster access is called a kubeconfig file. This is a generic way to reference the configuration file. For more information, see link:https://kubernetes.io/zh/docs/concepts/configuration/organize-cluster-access-kubeconfig/[Kubernetes Documentation].
|===
--
====
== View and Manage Credentials
== 查看和管理凭证
. Click the created credential to enter its detail page and view the credential details and all events related to this credential.
. 点击已创建的凭证,进入其详情页面,查看凭证详情和与此凭证相关的所有事件。
. 点击**编辑**修改凭证信息,点击**删除**删除凭证。
//note
. Click **Edit** to modify the credential information, and click **Delete** to delete the credential.
+
[.admon.note,cols="a"]
|===
|说明
|Note
|
编辑凭证时,{ks_product_right}不会显示现有用户名或密码信息。如果输入新的用户名和密码,则前一个将被覆盖。
|===
When editing credentials, KubeSphere does not display the existing username or password information. If you enter a new username and password, the previous one will be overwritten.
|===

84
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/02-role-and-member-management.adoc
View File

@ -1,118 +1,112 @@
---
title: "角色和成员管理"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何在 DevOps 项目中管理角色和成员。"
title: "Role and Member Management"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to manage roles and members in a DevOps project."
weight: 02
---
This document demonstrates how to manage roles and members in a DevOps project.
本文档演示如何在 DevOps 项目中管理角色和成员。
在 DevOps 项目范围内,您可以向角色授予以下资源的权限:
* DevOps 项目设置
* 流水线
* 凭证
* 持续部署
* 代码仓库
* 访问控制
Within the scope of a DevOps project, you can grant permissions for the following resources to roles:
* DevOps project settings
* Pipelines
* Credentials
* Continuous deployments
* Code repositories
* Access control
== Prerequisites
* 已创建一个 DevOps 项目,例如 **demo-devops**。
* A DevOps project has been created, for example, **demo-devops**.
* 已有一个在 DevOps 项目级别具有 **admin** 角色的用户(例如 **devops-admin**)。
* A user (e.g. **devops-admin**) with the **admin** role in the DevOps project.
== Preset Roles
== 内置角色
在 **DevOps 项目角色**中,有三个可用的内置角色,如下所示。创建 DevOps 项目时,会自动创建内置角色,并且无法编辑或删除这些角色。
In **DevOps Project Roles**, there are three preset roles as follows. Preset roles are automatically created when a DevOps project is created and cannot be edited or deleted.
[%header,cols="1a,4a"]
|===
|内置角色|描述信息
|Preset Role |Description
|viewer
|DevOps 项目观察者,查看 DevOps 项目中的所有资源。
|DevOps project viewer, view all resources in the DevOps project.
|operator
|DevOps 项目普通成员,管理 DevOps 凭证和流水线以及查看 DevOps 项目中的成员和角色。
|DevOps project regular member, manage DevOps credentials and pipelines, and view members and roles in the DevOps project.
|admin
|DevOps 项目管理员,管理 DevOps 项目中的所有资源。
|DevOps project administrator, manage all resources in the DevOps project.
|===
== Create a DevOps Project Role
== 创建 DevOps 项目角色
. Log in to the {ks_product-en} web console as the **devops-admin** user.
. 以 **devops-admin** 用户登录 {ks_product_both} Web 控制台。
. 前往 **DevOps 项目**页面点击一个 DevOps 项目(例如 **demo-devops**)。
. Go to the **DevOps Projects** page and click a DevOps project (e.g. **demo-devops**).
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
本文档使用 **devops-admin** 账户作为示例。只要账户被授予的角色包含 DevOps 项目级别**访问控制**中的**成员查看**、**角色管理**和**角色查看**的权限,此账户便可以创建 DevOps 项目角色。
This document uses the **devops-admin** account as an example. As long as the role granted to the account includes the **Role Management** permission in the DevOps project, this account can create DevOps project roles.
|===
--
. 选择 **DevOps 项目设置**中的 **DevOps 项目角色**,点击**创建**。
. Select **DevOps Project Settings** > **DevOps Project Roles** and click **Create**.
. 设置**名称**。在本示例中,将创建一个名为 **pipeline-creator** 的角色。点击**编辑权限**继续。
. Set the **Name**. In this example, a role named **pipeline-creator** will be created. Click **Edit Permissions** to continue.
. 在**流水线**页签,选择您希望授予该角色的权限。例如,为此角色选择**流水线管理**和**流水线查看**。点击**确定**完成操作。
. On the **Pipeline** tab, select the permissions you want to grant to this role. For example, select **Pipeline Management** and **Pipeline Viewing** for this role. Click **OK** to complete the operation.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
**依赖于**表示当前授权项依赖所列出的授权项,勾选该权限后系统会自动选上所有依赖权限。
**Depends on** means the current authorization item depends on the listed authorization items. After checking the permission, the system will automatically select all dependent permissions.
|===
--
. 新创建的角色将显示在 **DevOps 项目角色**列表中。点击右侧的image:/images/ks-qkcp/zh/icons/more.svg[more,18,18]对其进行编辑。
. The newly created role will be displayed in the **DevOps Project Roles** list. Click image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] on the right side to edit it.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
**pipeline-creator** 角色仅被授予**流水线管理**和**流水线查看**权限,可能无法满足您的实际需求。本示例仅用于演示,请根据实际需要创建自定义角色。
The **pipeline-creator** role is only granted **Pipeline Management** and **Pipeline Viewing** permissions, which may not meet your actual needs. This example is for demonstration purposes only. Please create custom roles according to your actual needs.
|===
--
== Invite DevOps Project Members
== 邀请 DevOps 项目成员
. In **DevOps Project Settings**, select **DevOps Project Members** and then click **Invite**.
. 在 **DevOps 项目设置**中选择 **DevOps 项目成员**,然后点击**邀请**。
. 点击image:/images/ks-qkcp/zh/icons/add-dark.svg[add,18,18]邀请账户加入此 DevOps 项目,并向此账户授予 **pipeline-creator** 角色。
. Click image:/images/ks-qkcp/zh/icons/add-dark.svg[add,18,18] to invite an account to join this DevOps project and grant the **pipeline-creator** role to this account.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
必须先邀请用户加入 DevOps 项目所在的企业空间。
You must first invite the user to join the workspace where the DevOps project is located.
|===
--
. 点击**确定**将用户添加到此 DevOps 项目。在 **DevOps 项目成员**页面,将显示新邀请的成员。
. 点击项目成员右侧的image:/images/ks-qkcp/zh/icons/more.svg[more,18,18],修改现有成员的角色或从 DevOps 项目中删除该用户。
. Click **OK** to add the user to this DevOps project. On the **DevOps Project Members** page, the newly invited member will be displayed.
. Click image:/images/ks-qkcp/zh/icons/more.svg[more,18,18] on the right side of the project member to modify the role of the member or remove the user from the DevOps project.

25
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/03-add-cd-allowlist.adoc
View File

@ -1,31 +1,30 @@
---
title: "添加持续部署白名单"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何添加持续部署白名单。"
title: "Add Continuous Deployment Whitelist"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to add a continuous deployment whitelist."
weight: 03
---
KubeSphere supports restricting the code repositories and deployment locations for resource continuous deployment by setting a whitelist.
{ks_product_right}支持通过设置白名单,限制资源持续部署的代码仓库和目标位置。
本文档介绍如何添加持续部署白名单。
This document introduces how to add a continuous deployment whitelist.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已有一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。请参阅link:../02-role-and-member-management[角色和成员管理]。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role. See link:../02-role-and-member-management[Role and Member Management].
* 已link:../../04-import-code-repositories/[导入代码仓库]。
* You have link:../../04-import-code-repositories/[imported a code repository].
== Steps
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. Log in to the {ks_product-en} web console as the **project-regular** user.
. 点击**企业空间管理**并进入您的 DevOps 项目。
. Click **Workspace Management** and enter your DevOps project.
. 在左侧导航栏,选择 **DevOps 项目设置 > 基本信息**。
. In the left navigation pane, select **DevOps Project Settings** > **Basic Information**.
. 在右侧**基本信息**下的**持续部署白名单**区域,点击**编辑白名单**。
. In the **Continuous Deployment Allowlist** area, click **Edit Allowlist**.
. 在弹出的**编辑白名单**对话框,选择代码仓库、部署集群和项目,点击**确定**。点击**添加**可添加多个代码仓库和部署位置。
. In the **Edit Allowlist** dialog that appears, select the code repository, cluster, and project, and click **OK**. Click **Add** to add multiple code repositories and deployment locations.

39
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/04-set-ci-node.adoc
View File

@ -1,41 +1,36 @@
---
title: "为依赖项缓存设置 CI 节点"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何为依赖项缓存设置 CI 节点。"
title: "Set CI Nodes for Dependency Cache"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to set CI nodes for dependency cache."
weight: 04
---
Building applications often requires pulling different dependencies. Issues such as long pulling times and unstable networks may occur during the pulling process, leading to build failures. To provide a more reliable and stable environment, you can configure nodes or node groups specifically for continuous integration (CI) and speed up the build process by using cache.
构建应用程序通常需要拉取不同的依赖项。拉取过程中可能会遇到某些问题,例如拉取时间长、网络不稳定,进而导致构建失败。为了提供更可靠和稳定的环境,可以配置节点或节点组,专门用于持续集成 (CI),并通过使用缓存来加快构建过程。
本文档演示如何设置 CI 节点,以便{ks_product_both}将流水线的任务调度到这些节点。
// 本文档演示如何设置 CI 节点,以便{ks_product_both}将流水线的任务以及 S2I/B2I 构建的任务调度到这些节点。
This document demonstrates how to set CI nodes so that KubeSphere schedules pipeline tasks to these nodes.
== Prerequisites
您需要在{ks_product_both}平台具有**集群管理**权限。
You should have the **Cluster Management** permission on the {ks_product-en} platform.
== 标记 CI 节点
== Label CI Nodes
. 以具有**集群管理**权限的账户登录{ks_product_left} Web 控制台。
. Log in to the {ks_product-en} web console with an account that has the **Cluster Management** permission.
. 点击**集群管理**,进入一个集群。
. Click **Cluster Management** and enter a cluster.
. 在左侧导航栏中选择**节点**下的**集群节点**,查看当前集群中的现有节点。
. In the left navigation pane, select **Nodes** > **Cluster Nodes** to view the existing nodes in the current cluster.
. 从列表中选择一个节点用来运行 CI 任务。点击节点名称转到其详情页面,点击**更多操作** > **编辑标签**。
. Select a node from the list to run CI tasks. Click the node name to go to its detail page, and click **More** > **Edit Labels**.
. 在弹出的对话框中,在键为 **node-role.kubernetes.io/worker** 的后面,输入 **ci** 作为此标签的值,点击**确定**。
. In the dialog that appears, enter **ci** as the value after the key **node-role.kubernetes.io/worker**, and click **OK**.
== Add Taints to CI Nodes
== 给 CI 节点添加污点
Pipelines generally determine whether to schedule tasks to a node based on link:https://kubernetes.io/zh/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity[node affinity]. If you want to dedicate a node to CI tasks, i.e., not allow other workloads to be scheduled to that node, you can add link:https://kubernetes.io/zh/docs/concepts/scheduling-eviction/taint-and-toleration/[taints] to that node.
流水线一般会根据link:https://kubernetes.io/zh/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity[节点亲和性]来确定是否调度任务到某一节点。如果要将节点专用于 CI 任务即不允许将其他工作负载调度到该节点可以在该节点上添加link:https://kubernetes.io/zh/docs/concepts/scheduling-eviction/taint-and-toleration/[污点]。
. Click **More** > **Edit Taints**.
// 流水线和 S2I/B2I 工作流一般会根据link:https://kubernetes.io/zh/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity[节点亲和性]来确定是否调度任务到某一节点。如果要将节点专用于 CI 任务即不允许将其他工作负载调度到该节点可以在该节点上添加link:https://kubernetes.io/zh/docs/concepts/scheduling-eviction/taint-and-toleration/[污点]。
. Click **Add**, enter the key **node.kubernetes.io/ci** without specifying a value. Select **Prevent scheduling**, **Prevent scheduling if possible**, or **Prevent scheduling and evict existing pods** as needed.
. 点击**更多操作** > **编辑污点**。
. 点击**添加**,输入键 **node.kubernetes.io/ci** 而不指定值。根据需要选择**阻止调度**、**尽可能阻止调度**或**阻止调度并驱逐现有容器组** 。
. 点击**确定**。{ks_product_right}将根据您设置的污点调度任务。
. Click **OK**. KubeSphere will schedule tasks based on the taints you set.

9
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/_index.adoc
View File

@ -1,10 +1,9 @@
---
title: "DevOps 项目设置"
keywords: "Kubernetes, {ks_product}, DevOps 项目, 使用 DevOps"
description: "介绍如何管理 DevOps 项目的设置。"
title: "DevOps Project Settings"
keywords: "Kubernetes, {ks_product-en}, DevOps project, use DevOps"
description: "Introduce how to manage DevOps project settings."
weight: 05
layout: "second"
---
本节介绍如何管理 DevOps 项目的设置。
This section introduces how to manage DevOps project settings.

2
content/en/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/_index.adoc
View File

@ -1,6 +1,6 @@
---
title: "How to Use DevOps"
keywords: "Kubernetes, {ks_product}, DevOps Projects, Using DevOps"
keywords: "Kubernetes, {ks_product-en}, DevOps Projects, Using DevOps"
description: "Learn how to use DevOps functionality."
weight: 03
layout: "second"

321
content/en/docs/v4.1/11-use-extensions/01-devops/04-how-to-integrate/01-sonarqube.adoc
View File

@ -1,26 +1,23 @@
---
title: "将 SonarQube 集成到流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目"
description: "介绍如何将 SonarQube 集成到流水线。"
title: "Integrate SonarQube into Pipelines"
keywords: "Kubernetes, {ks_product-en}, DevOps project"
description: "Introduction on how to integrate SonarQube into pipelines."
weight: 01
---
link:https://www.sonarqube.org/[SonarQube] is a mainstream tool for continuous inspection of code quality, which can be used for static and dynamic analysis of code repositories. After SonarQube is integrated into pipelines, common code issues detected in running pipelines, such as bugs, will be displayed directly on the dashboard.
link:https://www.sonarqube.org/[SonarQube] 是一种主流的代码质量持续检测工具可用于代码库的静态和动态分析。SonarQube 集成到{ks_product_both}流水线后,如果在运行的流水线中检测到问题,将会在仪表板上直接显示常见代码问题。
本文档演示如何将 SonarQube 集成到流水线中。在link:../../03-how-to-use/02-pipelines/02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]之前,请先阅读本节内容。
This document demonstrates how to integrate SonarQube into pipelines. Before link:../../03-how-to-use/02-pipelines/02-create-a-pipeline-using-jenkinsfile/[creating a pipeline using a Jenkinsfile], please read this document.
== Prerequisites
{ks_product_right}平台需要安装并启用 **DevOps** 扩展组件。
**DevOps** must have been installed and enabled.
== Install SonarQube Server
== 安装 SonarQube 服务器
To integrate SonarQube into your pipeline, you must first install the SonarQube server on your cluster nodes.
要将 SonarQube 集成到您的流水线,必须先安装 SonarQube 服务器。
. 安装 Helm以便使用该工具安装 SonarQube。例如运行以下命令安装 Helm 3
. Install Helm to use it to install SonarQube. For example, run the following command to install Helm 3:
+
--
// Bash
@ -29,7 +26,7 @@ link:https://www.sonarqube.org/[SonarQube] 是一种主流的代码质量持续
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3|bash
----
查看 Helm 版本。
View the Helm version.
// Bash
[,bash]
@ -42,14 +39,14 @@ version.BuildInfo{Version:"v3.4.1", GitCommit:"c4e74854886b2efe3321e185578e6db9b
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
有关更多信息,请参阅 link:https://helm.sh/zh/docs/intro/install/[Helm 文档]。
For more information, see the link:https://helm.sh/docs/intro/install/[Helm Documentation].
|===
--
. 执行以下命令安装 SonarQube 服务器。
. Run the following command to install the SonarQube server.
+
--
// Bash
@ -64,32 +61,28 @@ kubesphere-devops-system --create-namespace --set service.type=NodePort
// Note
[.admon.note,cols="a"]
|===
|说明
|Note
|
请确保使用 Helm 3 安装 SonarQube 服务器。
Ensure that you use Helm 3 to install the SonarQube server.
|===
--
== Get SonarQube Console Address
== 获取 SonarQube 控制台地址
. 执行以下命令获取 SonarQube NodePort。
. Run the following command to get the SonarQube NodePort.
+
--
// Bash
[,bash]
----
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services sonarqube-sonarqube)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
----
--
. 预期输出结果:(您的 NodeIP 和 NodePort 应该不同)
. Expected output: (Your NodeIP and NodePort should be different)
+
--
// Bash
@ -99,274 +92,258 @@ http://10.77.1.201:31377
----
--
== Configure SonarQube Server
== 配置 SonarQube 服务器
=== Step 1: Access SonarQube Console
=== 步骤 1访问 SonarQube 控制台
. 执行以下命令查看 SonarQube 的状态。注意,只有在 SonarQube 启动并运行后才能访问 SonarQube 控制台。
. Run the following command to check the status of SonarQube. Note that you can only access the SonarQube console after SonarQube is running.
+
--
// Bash
[,bash]
----
kubectl get pod -n kubesphere-devops-system
$ kubectl get pod -n kubesphere-devops-system
NAME READY STATUS RESTARTS AGE
devops-jenkins-68b8949bb-7zwg4 1/1 Running 0 84m
sonarqube-postgresql-0 1/1 Running 0 5m31s
sonarqube-sonarqube-bb595d88b-97594 1/1 Running 2 5m31s
----
--
. 在浏览器中访问 SonarQube 控制台 link:http://NodeIP:NodePort[]。
. Access the SonarQube console link:http://NodeIP:NodePort[] in your browser.
. 点击右上角的 **Log in**,然后使用默认账户 **admin/admin** 登录。
. Click **Log in** in the upper-right corner and log in with the default account **admin/admin**.
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
取决于实例的部署位置,您可能需要设置必要的端口转发规则,并在您的安全组中放行该端口,以便访问 SonarQube。
Depending on where the instance is deployed, you may need to set the necessary port forwarding rules and allow the port in your security group to access SonarQube.
|===
--
=== 步骤 2创建 SonarQube 管理员令牌 (Token)
=== Step 2: Create SonarQube Admin Token
. 点击右上角字母 **A**,然后从菜单中选择 **My Account** 以转到 **Profile** 页面。
. Click the letter **A** in the upper-right corner, then select **My Account** from the menu to go to the **Profile** page.
+
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-config-1.png[]
. 点击 **Security** 并输入令牌名称,例如 **kubesphere**。
. Click **Security** and enter a token name, for example, **kubesphere**.
+
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-config-2.png[]
. 点击 **Generate** 并复制此令牌。
. Click **Generate** and copy this token.
+
--
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-config-3.png[]
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
如提示所示,您无法再次查看此令牌,因此请确保复制成功。
As indicated, you cannot view this token again, so make sure you copy it successfully.
|===
--
=== 步骤 3创建 Webhook 服务器
=== Step 3: Create Webhook Server
. 执行以下命令获取 SonarQube Webhook 的地址。
. Run the following command to get the address of the SonarQube Webhook.
+
--
// Bash
[,bash]
----
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services devops-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT/sonarqube-webhook/
----
--
. 预期输出结果:
. Expected output:
+
--
// Bash
[,bash]
----
http://10.77.1.201:30180/sonarqube-webhook/
----
--
. 依次点击 **Administration**、**Configuration** 和 **Webhooks** 创建一个 Webhook。
. Click **Administration**, **Configuration**, and **Webhooks** to create a Webhook.
+
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-webhook-1.png[]
. 点击 **Create**。
. Click **Create**.
+
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-webhook-2.png[]
. 在弹出的对话框中输入 **Name** 和 **Jenkins Console URL**(即 SonarQube Webhook 地址)。点击 **Create** 完成操作。
. In the dialog box that appears, enter **Name** and **Jenkins Console URL** (i.e., the SonarQube Webhook address). Click **Create** to complete the operation.
+
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/webhook-page-info.png[]
=== 步骤 4将 SonarQube 配置添加到 ks-installer
=== Step 4: Add SonarQube Server to Jenkins
. 执行以下命令编辑 **ks-installer**。
. Run the following command to get the address of Jenkins.
+
--
// Bash
[,bash]
----
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services devops-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
----
kubectl edit cc -n kubesphere-system ks-installer
You will get the following output:
[,bash]
----
http://10.77.1.201:30180
----
--
. 搜寻至 **devops**。添加字段 **sonarqube** 并在其下方指定 **externalSonarUrl** 和 **externalSonarToken**。
. Refer to link:../../03-how-to-use/02-pipelines/07-access-jenkins-console[Access Jenkins dashboard] for configuration.
. Access Jenkins using the address link:http://NodeIP:30180[].
+
--
[,yaml]
The Jenkins dashboard is installed by default when DevOps is installed. Additionally, Jenkins is configured with KubeSphere LDAP, meaning you can log in to Jenkins directly using your KubeSphere account (e.g., `admin/P@88w0rd`). For more information on configuring Jenkins, see link:../../03-how-to-use/02-pipelines/07-jenkins-setting/[Jenkins System Settings].
//note
[.admon.note,cols="a"]
|===
|Note
|
Depending on where the instance is deployed, you may need to set the necessary port forwarding rules and allow port **30180** in your security group to access Jenkins.
|===
--
. Click **Manage Jenkins** in the left navigation pane.
. Scroll down and click **Configure System**.
. Search for **SonarQube servers** and click **Add SonarQube**.
. Enter **Name** and **Server URL** (http://NodeIP:NodePort). Click **Add**, select **Jenkins**, and create credentials with the SonarQube admin token in the dialog box that appears (as shown in the second screenshot below). After creating the credentials, select them from the dropdown list next to **Server authentication token**. Click **Apply** to complete the operation.
+
--
//note
[.admon.note,cols="a"]
|===
|Note
|
If the **Add** button does not work, go to **Manage Jenkins** > **Manage Credentials** and click **Jenkins** under **Stores scoped to Jenkins**. Click **Global credentials (unrestricted)** and then click **Add Credentials** in the left navigation pane. Add credentials with the SonarQube admin token as shown in the second screenshot below. After adding the credentials, select them from the dropdown list next to **Server authentication token**.
|===
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-jenkins-settings.png[,100%]
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/add-credentials.png[,100%]
--
=== Step 5: Add SonarQube Configuration to DevOps
. Run the following command to edit the ConfigMap `devops-config`.
+
[source,bash]
----
kubectl -n kubesphere-devops-system edit cm devops-config
----
. Add the field `sonarQube` after the `devops` section and specify `host` and `token` under it.
+
[source,yaml]
----
devops:
enabled: true
jenkinsJavaOpts_MaxRAM: 2g
jenkinsJavaOpts_Xms: 512m
jenkinsJavaOpts_Xmx: 512m
jenkinsMemoryLim: 2Gi
jenkinsMemoryReq: 1500Mi
jenkinsVolumeSize: 8Gi
sonarqube: # Add this field manually.
externalSonarUrl: http://10.77.1.201:31377 # The SonarQube IP address.
externalSonarToken: 00ee4c512fc987d3ec3251fdd7493193cdd3b91d # The SonarQube admin token created above.
host: http://devops-jenkins.kubesphere-devops-system
username: admin
maxConnections: 100
namespace: kubesphere-devops-system
workerNamespace: kubesphere-devops-worker
sonarQube:
host: http://10.77.1.201:31377
token: 00ee4c512fc987d3ec3251fdd7493193cdd3b91d
----
--
. 完成操作后保存此文件。
. Save this file.
=== 步骤 5将 SonarQube 服务器添加至 Jenkins
=== Step 6: Add sonarqubeURL to {ks_product-en} Console
. 执行以下命令获取 Jenkins 的地址。
You need to specify **sonarqubeURL** so that you can access SonarQube directly from the {ks_product-en} web console.
. Run the following command:
+
--
// Bash
[,bash]
----
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services devops-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
kubectl edit cm -n kubesphere-system ks-console-config
----
--
. 获取 Jenkins 的端口号。
+
--
// Bash
[,bash]
----
http://10.77.1.201:30180
----
--
. 使用地址 link:http://NodeIP:30180[] 访问 Jenkins。
+
--
安装 DevOps 时,默认情况下也会安装 Jenkins 仪表板。此外Jenkins 还配置有{ks_product_left} LDAP这意味着您可以直接使用{ks_product_both}账户登录 Jenkins。有关配置 Jenkins 的更多信息,请参阅 link:../../03-how-to-use/02-pipelines/07-jenkins-setting/[Jenkins 系统设置]。
//note
[.admon.note,cols="a"]
|===
|说明
|
取决于实例的部署位置,您可能需要设置必要的端口转发规则,并在您的安全组中放行端口 **30180**,以便访问 Jenkins。
|===
--
. 点击左侧导航栏中的**系统管理**。
. 向下滚动并点击**系统配置**。
. 搜寻到 **SonarQube servers**,然后点击 **Add SonarQube**。
. 输入 **Name** 和 **Server URL** (link:http://NodeIP:NodePort[])。 点击**添加**,选择 **Jenkins**,然后在弹出的对话框中用 SonarQube 管理员令牌创建凭证(如下方第二张截图所示)。创建凭证后,从 **Server authentication token** 旁边的下拉列表中选择该凭证。点击**应用**完成操作。
+
--
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-jenkins-settings.png[,100%]
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/add-credentials.png[,100%]
//note
[.admon.note,cols="a"]
|===
|说明
|
如果点击**添加**按钮无效,前往**系统管理**下的 **Manage Credentials** 并点击 **Stores scoped to Jenkins** 下的 **Jenkins**,再点击**全局凭据 (unrestricted)**,然后点击左侧导航栏的**添加凭据**,参考上方第二张截图用 SonarQube 管理员令牌添加凭证。添加凭证后,从 **Server authentication token** 旁边的下拉列表中选择该凭证。
|===
--
=== 步骤 6将 sonarqubeURL 添加到{ks_product_both}控制台
您需要指定 **sonarqubeURL**,以便可以直接从{ks_product_both} Web 控制台访问 SonarQube。
. 执行以下命令:
+
--
// Bash
[,bash]
----
kubectl editcm -n kubesphere-system ks-console-config
----
--
. 搜寻到 **data:client:enableKubeConfig**,在下方添加 **devops** 字段并指定 **sonarqubeURL**。
. Search for **data:client:enableKubeConfig** and add the **devops** field below it, specifying **sonarqubeURL**.
+
--
[,yaml]
----
client:
enableKubeConfig: true
devops: # 手动添加该字段。
sonarqubeURL: http://10.77.1.201:31377 # SonarQube IP 地址。
devops: # Add this field manually.
sonarqubeURL: http://10.77.1.201:31377 # SonarQube IP address.
----
--
. 保存该文件。
. Save the file.
=== 步骤 7重启服务
=== Step 7: Restart Services
执行以下命令重启服务。
Run the following commands to restart the services.
// Bash
[,bash]
----
kubectl -n kubesphere-devops-system rollout restart deploy devops-apiserver
----
// Bash
[,bash]
----
kubectl -n kubesphere-system rollout restart deploy ks-console
----
== Create a SonarQube Token for the New Project
== 为新项目创建 SonarQube Token
Create a SonarQube token so that the pipeline can communicate with SonarQube when running.
创建一个 SonarQube 令牌,以便流水线在运行时可以与 SonarQube 通信。
. 在 SonarQube 控制台上,点击 **Create new project**。
. On the SonarQube console, click **Create new project**.
+
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-create-project.png[,100%]
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-create-project.png[,100%]
. 输入项目密钥,例如 **java-demo**,然后点击 **Set Up**。
. Enter a project key, for example, **java-demo**, and click **Set Up**.
+
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/jenkins-projet-key.png[,100%]
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/jenkins-projet-key.png[,100%]
. 输入项目名称,例如 **java-sample**,然后点击 **Generate**。
. Enter a project name, for example, **java-sample**, and click **Generate**.
+
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/generate-a-token.png[,100%]
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/generate-a-token.png[,100%]
. 创建令牌后,点击 **Continue**。
. After creating the token, click **Continue**.
+
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/token-created.png[,100%]
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/token-created.png[,100%]
. 分别选择 **Java** 和 **Maven**复制下图所示绿色框中的序列号。如果要在流水线中使用则需要在link:../../03-how-to-use/05-devops-settings/01-credential-management/[凭证]中添加此序列号。
. Select **Maven** and copy the sequence number in the green box shown in the figure below. If you want to use it in the pipeline, you need to add this sequence number in link:../../03-how-to-use/05-devops-settings/01-credential-management/[credentials].
+
image:/images/ks-qkcp/zh/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-example.png[,100%]
image:/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-example.png[,100%]
== 在{ks_product_both}控制台查看结果
== View Results in {ks_product-en} Console
link:../../03-how-to-use/02-pipelines/02-create-a-pipeline-using-jenkinsfile/[使用 Jenkinsfile 创建流水线]或link:../../03-how-to-use/02-pipelines/01-create-a-pipeline-using-graphical-editing-panel/[使用图形编辑面板创建流水线]之后,即可查看代码质量分析的结果。
After link:../../03-how-to-use/02-pipelines/02-create-a-pipeline-using-jenkinsfile/[creating a pipeline using a Jenkinsfile] or link:../../03-how-to-use/02-pipelines/01-create-a-pipeline-using-graphical-editing-panel/[creating a pipeline using graphical editing panels], you can view the results of code quality analysis.

117
content/en/docs/v4.1/11-use-extensions/01-devops/04-how-to-integrate/02-harbor.adoc
View File

@ -1,72 +1,84 @@
---
title: "将 Harbor 集成到流水线"
keywords: "Kubernetes, {ks_product}, DevOps 项目"
description: "介绍如何将 Harbor 集成到流水线。"
title: "Integrate Harbor into Pipelines"
keywords: "Kubernetes, {ks_product-en}, DevOps project"
description: "Introduction on how to integrate Harbor into pipelines."
weight: 02
---
本文档演示如何将 Harbor 集成到{ks_product_both}流水线。
This document demonstrates how to integrate Harbor into KubeSphere pipelines.
== Prerequisites
* **DevOps** must have been installed and enabled.
* 已有一个企业空间、一个 DevOps 项目和一个用户 (例如 **project-regular**),并已邀请该用户至 DevOps 项目且授予 **operator** 角色。
* A workspace, a DevOps project, and a user (e.g. **project-regular**) have been created, and the user has been invited to the DevOps project with the **operator** role.
== 安装 Harbor
== Install Harbor
执行以下命令,使用 Helm 3 安装 Harbor。
Run the following command to install Harbor using Helm 3.
// Bash
[,bash]
----
helm repo add harbor https://helm.goharbor.io
# 如需快速安装,您可以通过 NodePort 暴露 Harbor 并禁用 tls。
# 请将 externalURL 设置为您的一个节点 IP并确保 Jenkins 能够访问它。
helm install harbor-release harbor/harbor --set expose.type=nodePort,externalURL=http://$ip:30002,expose.tls.enabled=false
# For a quick installation, you can expose Harbor through NodePort and disable TLS.
# Set externalURL to one of your node IPs and ensure Jenkins can access it.
helm install harbor-release harbor/harbor --set expose.type=nodePort,externalURL=http://$ip:30002,expose.tls.enabled=false
----
== 获取 Harbor 凭证
== Get Harbor Credentials
. 安装 Harbor 后,访问 **<NodeIP>:30002** 并使用默认账户和密码 (**admin/Harbor12345**) 登录 Web 控制台。
. After installing Harbor, access **<NodeIP>:30002** and log in to the web console using the default account and password (**admin/Harbor12345**).
. 在左侧导航栏中点击**项目**,然后点击**新建项目**。
. Click **Projects** in the left navigation pane, then click **New Project**.
. 在弹出的对话框中,设置项目名称 **ks-devops-harbor** 并点击**确定**。
. In the dialog box that appears, set the project name **ks-devops-harbor** and click **OK**.
. 点击刚刚创建的项目,在**机器人账户**页签下点击**添加机器人账户**。
. Click the project you just created, then click **New Robot Account** under the **Robot Accounts** tab.
. 在弹出的对话框中,为机器人账户设置名称 **robot-test** 并点击**添加**。请确保在**权限**中勾选推送制品的权限选框。
. In the dialog box that appears, set the robot account name **robot-test** and **Expiration Time**. Then check all permissions under **Artifact**. Click **Finish**.
. 在弹出的对话框中,点击**导出到文件中**,保存该令牌。
. In the dialog box that appears, click **Export to file** to save the Harbor token.
== 启用 Insecure Registry
== Enable Insecure Registry
配置 Docker使其忽略您 Harbor 仓库的安全性。
Configure Docker to ignore the security of your Harbor repository.
. 在您的主机上运行 **vim /etc/docker/daemon.json** 命令以编辑 **daemon.json** 文件,输入以下内容并保存更改。
. Run the command **vim /etc/docker/daemon.json** on your cluster node to edit the **daemon.json** file, add the following content, and save the changes.
+
--
[,json]
----
{
"insecure-registries" : ["103.61.38.55:30002"]
}
----
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
请将 **103.61.38.55:30002** 替换为您自己的 Harbor 仓库地址。对于 Linux**daemon.json** 文件的路径为 **/etc/docker/daemon.json**;对于 Windows该文件的路径为 **C:\ProgramData\docker\config\daemon.json**。
* Replace **103.61.38.55:30002** with your own Harbor repository address.
* For Linux, the path of the **daemon.json** file is **/etc/docker/daemon.json**; for Windows, the path is **C:\ProgramData\docker\config\daemon.json**.
|===
The file content should look like this:
[source,json]
----
{
"log-opts": {
"max-size": "5m",
"max-file": "3"
},
"exec-opts": ["native.cgroupdriver=systemd"],
"insecure-registries": ["103.61.38.55:30002"]
}
----
--
. 运行以下命令重启 Docker使更改生效。
. Run the following commands to restart Docker and apply the changes.
+
--
[,bash]
@ -78,36 +90,37 @@ sudo systemctl restart docker
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
建议您在隔离的测试环境或者严格控制的离线环境中使用该方案。有关更多信息,请参阅 link:https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry[Deploy a plain HTTP registry]。完成上述操作后,即可在项目中部署工作负载时使用您 Harbor 仓库中的镜像。您需要为自己的 Harbor 仓库创建一个镜像密钥,然后在**容器镜像**页签下的**容器设置**中,选择您的 Harbor 仓库并输入镜像的绝对路径以搜索您的镜像。
It is recommended to use this solution in an isolated test environment or a strictly controlled offline environment. For more information, see link:https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry[Deploy a plain HTTP registry].
After completing the above operations, you can use the images in your Harbor repository when deploying workloads in projects. You need to create a secret with the **Image registry information** type for your Harbor repository, then when adding a container for deploying workloads, click **Docker Hub**, select your Harbor repository, and enter the absolute path of the image to search for your image.
|===
--
== 创建凭证
== Create Credentials
. 以 **project-regular** 用户登录{ks_product_both} Web 控制台。
. 点击**企业空间管理**并进入您的 DevOps 项目。
. 在 **DevOps 项目设置**下的**凭证**页面为 Harbor 创建凭证。
. 在**创建凭证**页面,设置凭证 ID (**robot-test**)**类型**选择**用户名和密码****用户名**字段必须和您刚刚下载的 JSON 文件中 **name** 的值相同,并在**密码/令牌**中输入 Harbor 令牌文件中 **token** 的值。
. Log in to the {ks_product_left} web console as the **project-regular** user.
. Click **Workspace Management** and enter your DevOps project.
. On the **Credentials** page under **DevOps Project Settings**, create credentials for Harbor.
. On the **Create Credentials** page, set the name (`robot-test`), select **Username and password** for **Type**, enter the value of **name** from the Harbor token file you just exported for **Username**, and enter the value of **secret** from the Harbor token file for **Password/Token**.
. 点击**确定**以保存。
. Click **OK** to save.
== 创建流水线
== Create a Pipeline
. 转到**流水线**页面,点击**创建**。
. Go to the **Pipelines** page and click **Create**.
. 在**基本信息**页签,输入名称 **demo-pipeline**,然后点击**下一步**。
. On the **Basic Information** tab, enter the name **demo-pipeline** and click **Next**.
. **高级设置**中使用默认值,点击**创建**。
. Use the default values in **Advanced Settings** and click **Create**.
== 编辑 Jenkinsfile
== Edit Jenkinsfile
. 点击该流水线进入其详情页面,然后点击**编辑 Jenkinsfile**。
. Click the pipeline to enter its detail page, then click **Edit Jenkinsfile**.
. 将以下内容复制粘贴至 Jenkinsfile。注意必须将 **REGISTRY**、**HARBOR_NAMESPACE**、**APP_NAME** 和 **HARBOR_CREDENTIAL** 替换为您自己的值。
. Copy and paste the following content into the Jenkinsfile. Note that you must replace **REGISTRY**, **HARBOR_NAMESPACE**, **APP_NAME**, and **HARBOR_CREDENTIAL** with actual values.
+
--
[,json]
@ -121,14 +134,14 @@ pipeline {
}
environment {
// 您 Harbor 仓库的地址。
// Your Harbor repository address.
REGISTRY = '103.61.38.55:30002'
// 项目名称。
// 请确保您的机器人账户具有足够的项目访问权限。
// Project name.
// Ensure your robot account has sufficient project access permissions.
HARBOR_NAMESPACE = 'ks-devops-harbor'
// Docker 镜像名称。
// Docker image name.
APP_NAME = 'docker-example'
// robot-test是您在{ks_product_both} Web 控制台上创建的凭证 ID。
// robot-test is the credential ID you created on the KubeSphere web console.
HARBOR_CREDENTIAL = credentials('robot-test')
}
@ -136,7 +149,7 @@ pipeline {
stage('docker login') {
steps{
container ('maven') {
// 请替换 -u 后面的 Docker Hub 用户名,不要忘记加上 ''。您也可以使用 Docker Hub 令牌。
// Replace the Docker Hub username after -u, do not forget to add ''. You can also use a Docker Hub token.
sh '''echo $HARBOR_CREDENTIAL_PSW|docker login $REGISTRY -u 'robot$robot-test' --password-stdin'''
}
}
@ -159,13 +172,13 @@ pipeline {
//note
[.admon.note,cols="a"]
|===
|说明
|Note
|
您可以通过带有环境变量的 Jenkins 凭证来传送参数至 **docker login -u**。但是,每个 Harbor 机器人账户的用户名都包含一个 **$** 字符当用于环境变量时Jenkins 会将其转换为 **$$**。Harbor v2.2以后可以自定义机器人后缀,避免此类问题)link:https://number1.co.za/rancher-cannot-use-harbor-robot-account-imagepullbackoff-pull-access-denied/[了解更多]。
You can pass parameters to **docker login -u** through Jenkins credentials with environment variables. However, each Harbor robot account username contains a **$** character, which Jenkins converts to **$$** when used in environment variables (Harbor v2.2 and later allows custom robot suffixes to avoid such issues). link:https://number1.co.za/rancher-cannot-use-harbor-robot-account-imagepullbackoff-pull-access-denied/[Learn more].
|===
--
== 运行流水线
== Run the Pipeline
保存 Jenkinsfile 后,{ks_product_right}会自动在图形编辑面板上创建所有阶段和步骤。点击**运行**来运行该流水线。如果一切运行正常Jenkins 将推送镜像至您的 Harbor 仓库。
After saving the Jenkinsfile, KubeSphere will automatically create all stages and steps on the graphical editing panel. Click **Run** to run the pipeline. If everything runs smoothly, Jenkins will push the image to your Harbor repository.

9
content/en/docs/v4.1/11-use-extensions/01-devops/04-how-to-integrate/_index.adoc
View File

@ -1,10 +1,9 @@
---
title: "工具集成"
keywords: "Kubernetes, {ks_product}, DevOps 项目"
description: "介绍如何将第三方工具与流水线集成。"
title: "Tool Integration"
keywords: "Kubernetes, {ks_product-en}, DevOps project"
description: "Introduction on how to integrate third-party tools with pipelines."
weight: 04
layout: "second"
---
本节介绍如何将第三方工具与流水线集成。
This section introduces how to integrate third-party tools with pipelines.

2
content/en/docs/v4.1/11-use-extensions/01-devops/_index.adoc
View File

@ -1,6 +1,6 @@
---
title: "DevOps"
keywords: "Kubernetes, {ks_product}, DevOps"
keywords: "Kubernetes, {ks_product-en}, DevOps"
description: "Managing and operating in DevOps projects, including running pipelines, creating credentials, and integrating tools."
weight: 01
layout: "second"

22
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/01-create-a-pipeline-using-graphical-editing-panel.adoc
View File

@ -58,7 +58,7 @@ DevOps 中的图形编辑面板包含用于 Jenkins link:https://www.jenkins.io/
. 点击**企业空间管理**并进入您的 DevOps 项目,在 **DevOps 项目设置**下的**凭证**页面创建以下凭证。有关如何创建凭证的更多信息请参阅link:../../05-devops-settings/01-credential-management/[凭证管理]。
+
--
//note
[.admon.note,cols="a"]
|===
|说明
@ -148,7 +148,7 @@ DevOps 中的图形编辑面板包含用于 Jenkins link:https://www.jenkins.io/
. 点击**下一步**,然后点击**创建**。
//note
[.admon.note,cols="a"]
|===
|说明
@ -162,7 +162,7 @@ DevOps 中的图形编辑面板包含用于 Jenkins link:https://www.jenkins.io/
图形编辑面板包括两个区域:左侧的**画布**和右侧的**内容**。它会根据您对不同阶段和步骤的配置自动生成一个 Jenkinsfile为开发者提供更加用户友好的操作体验。
//note
[.admon.note,cols="a"]
|===
|说明
@ -175,7 +175,7 @@ DevOps 中的图形编辑面板包含用于 Jenkins link:https://www.jenkins.io/
. 在图形编辑面板上,从**类型**下拉列表中选择 **node**,从 **Label** 下拉列表中选择 **maven**。
+
--
//note
[.admon.note,cols="a"]
|===
|说明
@ -221,7 +221,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
----
mvn clean test
----
//note
[.admon.note,cols="a"]
|===
|说明
@ -315,7 +315,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/docker_credential.png[,100%]
//note
[.admon.note,cols="a"]
|===
|说明
@ -367,7 +367,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
// +
// --
// image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-graphical-editing-panel/input_message.png[,100%]
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明
@ -405,7 +405,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
// . 如果想在流水线运行成功时接收电子邮件通知,请点击**添加步骤**,选择**邮件**,以添加电子邮件信息。注意,配置电子邮件服务器是可选操作,如果跳过该步骤,依然可以运行流水线。
// +
// --
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明
@ -421,7 +421,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
// --
// 在用图形编辑面板定义流水线时DevOps 会自动创建相应的 Jenkinsfile。点击**编辑 Jenkinsfile** 查看该 Jenkinsfile。
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明
@ -445,7 +445,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
. 以 **project-admin** 用户登录{ks_product_left} Web 控制台,点击**企业空间管理**并进入您的 DevOps 项目,点击 **graphical-pipeline** 流水线。在**运行记录**页签下,点击要审核的记录,点击**继续**以批准流水线。
//note
[.admon.note,cols="a"]
|===
|说明
@ -480,7 +480,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-gr
// . 点击**应用负载**下的**服务**,查看示例服务通过 NodePort 暴露的端口号。使用 **<Node IP>:<NodePort>** 访问该服务。
// +
// --
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明

57
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/02-create-a-pipeline-using-jenkinsfile.adoc
View File

@ -10,7 +10,7 @@ Jenkinsfile 是一个文本文件,包含 Jenkins 流水线的定义,并被
本文档演示如何基于 GitHub 仓库中的 Jenkinsfile 创建流水线。
// 本文档演示如何基于 GitHub 仓库中的 Jenkinsfile 创建流水线,并使用该流水线将示例应用程序分别部署到可从外部访问的开发环境和生产环境。
//note
[.admon.note,cols="a"]
|===
|说明
@ -39,7 +39,7 @@ Jenkinsfile in SCM 需要源代码管理 (SCM) 中有内置 Jenkinsfile换句
本示例流水线包括以下阶段。
//note
[.admon.note,cols="a"]
|===
|说明
@ -70,7 +70,7 @@ Jenkinsfile in SCM 需要源代码管理 (SCM) 中有内置 Jenkinsfile换句
. 点击**企业空间管理**并进入您的 DevOps 项目,在 **DevOps 项目设置**下的**凭证**页面创建以下凭证。有关如何创建凭证的更多信息请参阅link:../../05-devops-settings/01-credential-management/[凭证管理]。
+
--
//note
[.admon.note,cols="a"]
|===
|说明
@ -99,11 +99,11 @@ Jenkinsfile in SCM 需要源代码管理 (SCM) 中有内置 Jenkinsfile换句
. 再为 SonarQube 创建一个凭证 (**sonar-token**),用于上述的阶段 3代码分析。凭证类型选择**访问令牌**,在**令牌**字段输入 SonarQube 令牌请参阅link:../../../04-how-to-integrate/01-sonarqube/#_为新项目创建_sonarqube_token[为新项目创建 SonarQube Token]。点击**确定**完成操作。
. 还需要创建具有如下图所示权限的 GitHub 个人访问令牌 (PAT),然后在 DevOps 项目中,使用生成的令牌创建用于 GitHub 认证的账户凭证(例如**github-token**
. 还需要创建具有如下图所示权限的 GitHub 个人访问令牌 (PAT),然后在 DevOps 项目中,使用生成的令牌创建用于 GitHub 认证的账户凭证(例如 **github-token**),凭证类型为**访问令牌**
+
--
image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-a-jenkinsfile/github-token-scope.png[,100%]
//note
[.admon.note,cols="a"]
|===
|说明
@ -163,7 +163,7 @@ image:/images/ks-qkcp/zh/devops-user-guide/use-devops/create-a-pipeline-using-a-
|您在{ks_product_both}中为 SonarQube 令牌设置的**名称**,用于代码质量检测。
|===
//note
[.admon.note,cols="a"]
|===
|说明
@ -181,7 +181,7 @@ Jenkinsfile 中 **mvn** 命令的参数 **-o** 表示开启离线模式。本教
// 创建两个项目,例如 **kubesphere-sample-dev** 和 **kubesphere-sample-prod**,分别代表开发环境和生产环境。待流水线成功运行,将在这两个项目中自动创建应用程序的相关部署 (Deployment) 和服务 (Service)。
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明
@ -242,7 +242,7 @@ Jenkinsfile 中 **mvn** 命令的参数 **-o** 表示开启离线模式。本教
* 分支最大数量:分支数量超过最大数量时,删除最旧的分支。
//note
[.admon.note,cols="a"]
|===
|说明
@ -256,6 +256,14 @@ Jenkinsfile 中 **mvn** 命令的参数 **-o** 表示开启离线模式。本教
. 在**策略设置**中DevOps 默认提供四种策略。本示例不会使用**从 Fork 仓库中发现 PR** 这条策略,因此您可以删除该策略。对于其他策略,无需修改设置,直接使用默认值即可。
+
--
[.admon.note,cols="a"]
|===
|说明
|
选择 GitHub 作为代码仓库,才能启用此处的**策略设置**。
|===
Jenkins 流水线运行时,开发者提交的 Pull Request (PR) 也将被视为一个单独的分支。
**发现分支**
@ -269,23 +277,12 @@ Jenkins 流水线运行时,开发者提交的 Pull Request (PR) 也将被视
* **拉取 PR 合并后的代码**PR 合并到目标分支后,基于源代码创建并运行流水线。
* **拉取 PR 提交时的代码**:根据 PR 本身的源代码创建并运行流水线。
* **分别创建两个流水线**:创建两个流水线,一个流水线使用 PR 与目标分支合并后的源代码版本,另一个使用 PR 本身的源代码版本。
//note
[.admon.note,cols="a"]
|===
|说明
|
选择 GitHub 作为代码仓库,才能启用此处的**策略设置**设置。
|===
--
. 向下滚动到**脚本路径**,将其更改为 **Jenkinsfile-online**,这是示例仓库中位于根目录下的 Jenkinsfile 的文件名。该字段指定代码仓库中的 Jenkinsfile 路径。它表示仓库的根目录。如果文件位置变更,则脚本路径也需要更改。
. 在**扫描触发器**中,勾选**定时扫描**并设置时间间隔为 **5 分钟**。点击**创建**完成配置。
//note
+
[.admon.note,cols="a"]
|===
|说明
@ -301,7 +298,7 @@ Jenkins 流水线运行时,开发者提交的 Pull Request (PR) 也将被视
. 流水线创建后,会展示在列表中。点击流水线名称查看其详情页。
+
--
//note
[.admon.note,cols="a"]
|===
|说明
@ -317,7 +314,7 @@ Jenkins 流水线运行时,开发者提交的 Pull Request (PR) 也将被视
. 在**运行记录**页签下,正在扫描多个分支。点击右侧的**运行**,流水线将根据您设置的行为策略来运行。从下拉列表中选择 **v4.1.0-sonarqube** 分支,然后添加标签号,例如 **v0.0.2**。点击**确定**开始运行。
+
--
//note
[.admon.note,cols="a"]
|===
|说明
@ -332,13 +329,13 @@ Jenkins 流水线运行时,开发者提交的 Pull Request (PR) 也将被视
. 稍等片刻,点击运行记录查看详情。
+
--
//note
[.admon.note,cols="a"]
|===
|说明
|
运行失败可能由不同因素所引起。本示例中,在上述步骤中编辑分支的环境变量时,仅更改了 v4.1.0-sonarqube 分支的 Jenkinsfile而 v4.1.0 分支中的这些变量没有修改(使用了错误的 GitHub 和 Docker Hub 账户),从而导致失败。其他原因如网络问题、Jenkinsfile 中的编码不正确等也可能导致运行失败。
运行失败可能由不同因素所引起。本示例中,在上述步骤中编辑分支的环境变量时,仅更改了 v4.1.0-sonarqube 分支的 Jenkinsfile而 v4.1.0 分支中的这些变量没有修改(使用了错误的 GitHub 和 Docker Hub 账户),若选择 v4.1.0 分支,则会运行失败。其他原因如网络问题、Jenkinsfile 中的编码不正确等也可能导致运行失败。
在运行记录详情页的**运行日志**页签下,查看其日志的详细信息,根据日志排除故障和问题。
|===
@ -359,8 +356,7 @@ input(id: 'release-image-with-tag', message: 'release image with tag?', submitte
--
. 以具有流水线审核权限的用户登录{ks_product_left} Web 控制台,点击**企业空间管理**并进入您的 DevOps 项目,点击流水线名称进入详情页。在**运行记录**页签下,点击要审核的记录,点击**继续**以批准流水线。
//note
+
[.admon.note,cols="a"]
|===
|说明
@ -371,13 +367,14 @@ input(id: 'release-image-with-tag', message: 'release image with tag?', submitte
== 步骤 5检查流水线状态
. 在运行记录的**流水线**页签下,查看流水线的运行状态。流水线在刚创建时会初始化几分钟。示例流水线有八个阶段,它们已在 link:https://github.com/kubesphere/devops-maven-sample/blob/sonarqube/Jenkinsfile-online[Jenkinsfile-online] 中单独定义。
. 在运行记录的**流水线**页签下,查看流水线的运行状态。流水线在刚创建时会初始化几分钟。
// 示例流水线有八个阶段,它们已在 link:https://github.com/kubesphere/devops-maven-sample/blob/sonarqube/Jenkinsfile-online[Jenkinsfile-online] 中单独定义。
. 点击**运行日志**页签查看流水线运行日志。点击每个阶段查看其详细日志。点击**查看完整日志**,根据日志排除故障和问题,也可以将日志下载到本地进行进一步分析。
== 步骤 6验证结果
. 流水线成功运行后,点击**代码检查**通过 SonarQube 查看结果。
. 流水线成功运行后,点击**代码检查**通过 SonarQube 查看结果。如果没有事先配置 SonarQube则该部分不可用。
. 按照 Jenkinsfile 中的定义,通过流水线构建的 Docker 镜像也已成功推送到 Docker Hub。在 Docker Hub 中,您会看到带有标签 **v0.0.2** 的镜像,该标签在流水线运行之前已指定。
@ -403,7 +400,7 @@ input(id: 'release-image-with-tag', message: 'release image with tag?', submitte
// |ks-sample
// |===
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明
@ -435,7 +432,7 @@ input(id: 'release-image-with-tag', message: 'release image with tag?', submitte
// ----
// Really appreciate your star, that's the power of our life.
// ----
// //note
//
// [.admon.note,cols="a"]
// |===
// |说明

2
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/03-use-pipeline-templates.adoc
View File

@ -107,7 +107,7 @@ CI & CD 流水线模板包含六个阶段。有关每个阶段的更多信息,
--
[%header,cols="1a,4a"]
|===
|代理类型|说明
|代理类型 |说明
|any
|调用默认的 base pod 模板创建 Jenkins agent 运行流水线。

4
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/04-gitlab-multibranch-pipeline.adoc
View File

@ -124,7 +124,7 @@ link:https://gitlab.com/users/sign_in[GitLab] 是一款基于 web 的 Git 仓库
.. 在**导入代码仓库**对话框,输入代码仓库名称(自定义),点击选择代码仓库。
.. 在 **GitLab** 页签下的 **GitLab 服务器地址**中选择默认选项 link:https://gitlab.com[],在**项目组/所有者**中输入该 GitLab 项目所属组的名称,然后从**代码仓库**的下拉菜单中选择 **devops-maven-sample** 仓库。点击右下角的image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18],然后点击**下一步**。
.. 在 **GitLab** 页签下的 **GitLab 服务器地址**中选择默认选项 link:https://gitlab.com[],在**项目组/所有者**中输入该 GitLab 项目所属组的名称,然后从**代码仓库**的下拉菜单中选择 **devops-maven-sample** 仓库。点击右下角的image:/images/ks-qkcp/zh/icons/check-dark.svg[check,18,18],然后点击**确定**。
+
--
//note
@ -137,7 +137,7 @@ link:https://gitlab.com/users/sign_in[GitLab] 是一款基于 web 的 Git 仓库
* 在 GitLab 上前往**用户设置 > 访问令牌**,创建拥有 API 和 read_repository 权限的个人访问令牌。
* link:../../../04-how-to-integrate/01-sonarqube/[登录 Jenkins 面板],前往**系统管理 > Manage Credentials**,使用您的 GitLab 令牌创建 Jenkins 凭证,用于访问 GitLab。然后前往**系统管理 > 系统配置**,在 **GitLab 服务**中添加该凭证。
* link:../07-access-jenkins-console[登录 Jenkins 仪表板],前往**系统管理 > Manage Credentials**,使用您的 GitLab 令牌创建 Jenkins 凭证,用于访问 GitLab。然后前往**系统管理 > 系统配置**,在 **GitLab 服务**中添加该凭证。
* 在 DevOps 项目中,选择 **DevOps 项目设置 > 凭证**,使用您的 GitLab 令牌创建一个凭证。创建流水线时,在 **GitLab** 页签的**凭证**中指定该凭证,以便流水线能够从您的 GitLab 私有仓库中拉取代码。

10
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/05-pipeline-settings.adoc
View File

@ -22,7 +22,7 @@ weight: 05
== 基本信息
在**基本信息**页签,您可以自定义以下信息:
创建流水线时,在**基本信息**页签,您可以自定义以下信息:
* **名称**:流水线的名称,同一个 DevOps 项目内的流水线不能重名。
@ -91,6 +91,14 @@ weight: 05
--
在**策略设置**中DevOps 默认提供四种策略。Jenkins 流水线运行时,开发者提交的 PR (Pull Request) 也将被视为一个单独的分支。
[.admon.note,cols="a"]
|===
|说明
|
选择 GitHub 作为代码仓库,才能启用此处的**策略设置**。
|===
**发现分支**
* **排除已提交 PR 的分支**:已提交 PR 的分支将被排除。

2
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/07-jenkins-setting.adoc
View File

@ -39,8 +39,6 @@ DevOps 系统提供基于 Jenkins 的容器化 CI/CD 功能。Jenkins 作为 CI/
. 等待 1 ~ 2 分钟,会自动重新加载新的配置。
//note
[.admon.note,cols="a"]
|===

1
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/02-pipelines/11-customize-jenkins-agent.adoc
View File

@ -61,7 +61,6 @@ weight: 11
[,json]
----
pipeline {
agent {
node {

10
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/03-use-gitops-for-continous-deployment.adoc
View File

@ -97,16 +97,16 @@ weight: 03
// |===
// |参数 |描述
// |清理资源
// |如果勾选,同步会删除 Git 仓库中不存在的资源。不勾选时,同步不会删除集群中的资源,而是会显示 **out-of-sync**。
// |清理
// |如果勾选,同步会删除 Git 仓库中不存在的资源。不勾选时,同步不会删除集群中的资源,而是会显示 **out-of-sync**。
// |模拟运行
// |运行
// |模拟同步,不影响最终部署资源。
// |仅执行 Apply
// |仅应用
// |如果勾选,同步应用资源时会跳过 **pre/post** 钩子,仅执行 **kubectl apply**。
// |强制 Apply
// |强制应用
// |如果勾选,同步时会执行 **kubectl apply --force**。
// |===
// ====

3
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/04-import-code-repositories.adoc
View File

@ -71,8 +71,7 @@ weight: 04
+
--
* **名称**:输入凭证名称,如 **github-id**。
* **类型**:取值包括**用户名和密码**、**SSH 密钥**和**访问令牌**。在 DevOps 项目中,建议使用**用户名和密码**。
// * **类型**:取值包括**用户名和密码**、**SSH 密钥**、**访问令牌**和 **kubeconfig**。在 DevOps 项目中,建议使用**用户名和密码**。
* **类型**:取值包括**用户名和密码**、**SSH 密钥**、**访问令牌**和 **kubeconfig**。在 DevOps 项目中,建议使用**用户名和密码**。
* **用户名**:此处默认用户名为 **admin**。
* **密码/令牌**:输入您的 GitHub 令牌。
* **描述**:添加描述信息。

4
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/01-credential-management.adoc
View File

@ -172,13 +172,13 @@ weight: 01
. 点击已创建的凭证,进入其详情页面,查看凭证详情和与此凭证相关的所有事件。
. 点击**编辑**修改凭证信息,点击**删除**删除凭证。
+
//note
[.admon.note,cols="a"]
|===
|说明
|
编辑凭证时,{ks_product_right}不会显示现有用户名或密码信息。如果输入新的用户名和密码,则前一个将被覆盖。
编辑凭证时,KubeSphere 不会显示现有用户名或密码信息。如果输入新的用户名和密码,则前一个将被覆盖。
|===

2
content/zh/docs/v4.1/11-use-extensions/01-devops/03-how-to-use/05-devops-settings/02-role-and-member-management.adoc
View File

@ -57,7 +57,7 @@ weight: 02
|说明
|
本文档使用 **devops-admin** 账户作为示例。只要账户被授予的角色包含 DevOps 项目级别**访问控制**中的**成员查看**、**角色管理**和**角色查看**的权限,此账户便可以创建 DevOps 项目角色。
本文档使用 **devops-admin** 账户作为示例。只要账户被授予的角色包含 DevOps 项目中的**角色管理**权限,此账户便可以创建 DevOps 项目角色。
|===
--

5
content/zh/docs/v4.1/11-use-extensions/01-devops/04-how-to-integrate/01-sonarqube.adoc
View File

@ -110,8 +110,7 @@ http://10.77.1.201:31377
----
$ kubectl get pod -n kubesphere-devops-system
NAME READY STATUS RESTARTS AGE
devops-jenkins-68b8949bb-7zwg4 1/1 Running 0 84m
s2ioperator-0 1/1 Running 1 84m
devops-jenkins-68b8949bb-7zwg4 1/1 Running 0 84m
sonarqube-postgresql-0 1/1 Running 0 5m31s
sonarqube-sonarqube-bb595d88b-97594 1/1 Running 2 5m31s
----
@ -293,7 +292,7 @@ sonarQube:
+
--
// Bash
[,bash]{ks_product_left} Web
[,bash]
----
kubectl edit cm -n kubesphere-system ks-console-config
----

35
content/zh/docs/v4.1/11-use-extensions/01-devops/04-how-to-integrate/02-harbor.adoc
View File

@ -38,9 +38,9 @@ helm install harbor-release harbor/harbor --set expose.type=nodePort,externalURL
. 点击刚刚创建的项目,在**机器人账户**页签下点击**添加机器人账户**。
. 在弹出的对话框中,为机器人账户设置名称 **robot-test** 并点击**添加**。请确保在**权限**中勾选推送制品的权限选框
. 在弹出的对话框中,为机器人账户设置名称 **robot-test** 和**过期时间**。然后在**权限**中勾选制品Artifact的所有权限。点击**完成**
. 在弹出的对话框中,点击**导出到文件中**,保存该令牌。
. 在弹出的对话框中,点击**导出到文件中**,保存该 Harbor 令牌。
== 启用 Insecure Registry
@ -51,9 +51,7 @@ helm install harbor-release harbor/harbor --set expose.type=nodePort,externalURL
--
[,json]
----
{
"insecure-registries" : ["103.61.38.55:30002"]
}
----
//note
@ -62,8 +60,25 @@ helm install harbor-release harbor/harbor --set expose.type=nodePort,externalURL
|说明
|
请将 **103.61.38.55:30002** 替换为您自己的 Harbor 仓库地址。对于 Linux**daemon.json** 文件的路径为 **/etc/docker/daemon.json**;对于 Windows该文件的路径为 **C:\ProgramData\docker\config\daemon.json**。
* 请将 **103.61.38.55:30002** 替换为您自己的 Harbor 仓库地址。
* 对于 Linux**daemon.json** 文件的路径为 **/etc/docker/daemon.json**;对于 Windows该文件的路径为 **C:\ProgramData\docker\config\daemon.json**。
|===
文件内容应如下所示:
[source,json]
----
{
"log-opts": {
"max-size": "5m",
"max-file": "3"
},
"exec-opts": ["native.cgroupdriver=systemd"],
"insecure-registries": ["103.61.38.55:30002"]
}
----
--
. 运行以下命令重启 Docker使更改生效。
@ -81,7 +96,9 @@ sudo systemctl restart docker
|说明
|
建议您在隔离的测试环境或者严格控制的离线环境中使用该方案。有关更多信息,请参阅 link:https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry[Deploy a plain HTTP registry]。完成上述操作后,即可在项目中部署工作负载时使用您 Harbor 仓库中的镜像。您需要为自己的 Harbor 仓库创建一个镜像密钥,然后在**容器镜像**页签下的**容器设置**中,选择您的 Harbor 仓库并输入镜像的绝对路径以搜索您的镜像。
建议您在隔离的测试环境或者严格控制的离线环境中使用该方案。有关更多信息,请参阅 link:https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry[Deploy a plain HTTP registry]。
完成上述操作后,即可在项目中部署工作负载时使用您 Harbor 仓库中的镜像。您需要为自己的 Harbor 仓库创建一个镜像密钥,然后在部署工作负载添加容器时,点击**Docker Hub**,选择您的 Harbor 仓库并输入镜像的绝对路径以搜索您的镜像。
|===
--
@ -91,7 +108,7 @@ sudo systemctl restart docker
. 以 **project-regular** 用户登录{ks_product_left} Web 控制台。
. 点击**企业空间管理**并进入您的 DevOps 项目。
. 在 **DevOps 项目设置**下的**凭证**页面为 Harbor 创建凭证。
. 在**创建凭证**页面,设置凭证 ID (**robot-test**)**类型**选择**用户名和密码****用户名**字段必须和您刚刚下载的 JSON 文件中 **name** 的值相同,并在**密码/令牌**中输入 Harbor 令牌文件中 **token** 的值。
. 在**创建凭证**页面,设置名称 (**robot-test**)**类型**选择**用户名和密码**,在**用户名**中输入刚刚导出的 Harbor 令牌文件中 **name** 的值,并在**密码/令牌**中输入 Harbor 令牌文件中 **secret** 的值。
. 点击**确定**以保存。
@ -128,7 +145,7 @@ pipeline {
HARBOR_NAMESPACE = 'ks-devops-harbor'
// Docker 镜像名称。
APP_NAME = 'docker-example'
// robot-test是您在{ks_product_left} Web 控制台上创建的凭证 ID。
// robot-test 是您在 KubeSphere Web 控制台上创建的凭证 ID。
HARBOR_CREDENTIAL = credentials('robot-test')
}
@ -162,7 +179,7 @@ pipeline {
|说明
|
您可以通过带有环境变量的 Jenkins 凭证来传送参数至 **docker login -u**。但是,每个 Harbor 机器人账户的用户名都包含一个 **$** 字符当用于环境变量时Jenkins 会将其转换为 **$$**Harbor v2.2以后可以自定义机器人后缀避免此类问题link:https://number1.co.za/rancher-cannot-use-harbor-robot-account-imagepullbackoff-pull-access-denied/[了解更多]。
您可以通过带有环境变量的 Jenkins 凭证来传送参数至 **docker login -u**。但是,每个 Harbor 机器人账户的用户名都包含一个 **$** 字符当用于环境变量时Jenkins 会将其转换为 **$$**Harbor v2.2 以后可以自定义机器人后缀,避免此类问题)link:https://number1.co.za/rancher-cannot-use-harbor-robot-account-imagepullbackoff-pull-access-denied/[了解更多]。
|===
--

BIN
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/add-credentials.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 151 KiB

BIN
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-jenkins-settings.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 313 KiB

BIN
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/add-credentials.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 163 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/generate-a-token.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/generate-a-token.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 79 KiB

After

Width:  |  Height:  |  Size: 79 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/jenkins-projet-key.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/jenkins-projet-key.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 12 KiB

After

Width:  |  Height:  |  Size: 12 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-config-1.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-config-1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 52 KiB

After

Width:  |  Height:  |  Size: 52 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-config-2.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-config-2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 27 KiB

After

Width:  |  Height:  |  Size: 27 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-config-3.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-config-3.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 16 KiB

After

Width:  |  Height:  |  Size: 16 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-create-project.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-create-project.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 27 KiB

After

Width:  |  Height:  |  Size: 27 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-example.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-example.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 39 KiB

After

Width:  |  Height:  |  Size: 39 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-install.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-install.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.3 KiB

After

Width:  |  Height:  |  Size: 9.3 KiB

BIN
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-jenkins-settings.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 154 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-webhook-1.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-webhook-1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 42 KiB

After

Width:  |  Height:  |  Size: 42 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/sonarqube-webhook-2.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/sonarqube-webhook-2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 15 KiB

After

Width:  |  Height:  |  Size: 15 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/token-created.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/token-created.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 17 KiB

0
static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipeline/webhook-page-info.png → static/images/ks-qkcp/en/devops-user-guide/tool-integration/integrate-sonarqube-into-pipelines/webhook-page-info.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 14 KiB

After

Width:  |  Height:  |  Size: 14 KiB