feat(jenkins): support sudo deploy hooks
This commit is contained in:
@@ -5,7 +5,7 @@ set -euo pipefail
|
||||
usage() {
|
||||
cat <<'EOF'
|
||||
用法:
|
||||
./scripts/jenkins-deploy-release.sh --source-dir /path/to/build/123 --deploy-dir /var/lib/jenkins/deploy/Genarrative
|
||||
./scripts/jenkins-deploy-release.sh --source-dir /path/to/build/123 --deploy-dir /var/lib/jenkins/deploy/Genarrative [--hook-with-sudo]
|
||||
|
||||
说明:
|
||||
1. 如果部署目录已有旧版本且存在 stop.sh,则先执行旧版本 stop.sh。
|
||||
@@ -16,6 +16,7 @@ usage() {
|
||||
参数:
|
||||
--source-dir <path> 必填,待部署的发布目录,例如 build/123
|
||||
--deploy-dir <path> 必填,固定部署目录,例如 /var/lib/jenkins/deploy/Genarrative
|
||||
--hook-with-sudo 可选,仅对 start.sh/stop.sh 使用 sudo -n 执行
|
||||
EOF
|
||||
}
|
||||
|
||||
@@ -31,6 +32,7 @@ require_argument() {
|
||||
|
||||
SOURCE_DIR=""
|
||||
DEPLOY_DIR=""
|
||||
HOOK_WITH_SUDO="0"
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
@@ -46,6 +48,10 @@ while [[ $# -gt 0 ]]; do
|
||||
DEPLOY_DIR="${2:?缺少 --deploy-dir 的值}"
|
||||
shift 2
|
||||
;;
|
||||
--hook-with-sudo)
|
||||
HOOK_WITH_SUDO="1"
|
||||
shift
|
||||
;;
|
||||
*)
|
||||
echo "[jenkins-deploy] 未知参数: $1" >&2
|
||||
usage >&2
|
||||
@@ -57,6 +63,35 @@ done
|
||||
require_argument "${SOURCE_DIR}" "--source-dir"
|
||||
require_argument "${DEPLOY_DIR}" "--deploy-dir"
|
||||
|
||||
run_hook() {
|
||||
local hook_dir="$1"
|
||||
local hook_name="$2"
|
||||
local hook_path="${hook_dir}/${hook_name}"
|
||||
|
||||
if [[ ! -x "${hook_path}" ]]; then
|
||||
echo "[jenkins-deploy] hook 不存在或不可执行: ${hook_path}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 仅在启停脚本阶段使用 sudo,文件清理与移动仍保持普通权限,避免放大授权范围。
|
||||
if [[ "${HOOK_WITH_SUDO}" == "1" ]]; then
|
||||
echo "[jenkins-deploy] 使用 sudo 执行 ${hook_name}: ${hook_path}"
|
||||
(
|
||||
cd "${hook_dir}"
|
||||
sudo -n "${hook_path}"
|
||||
) || {
|
||||
echo "[jenkins-deploy] sudo 执行 ${hook_name} 失败,请确认 jenkins 用户已配置免密 sudo 权限。" >&2
|
||||
exit 1
|
||||
}
|
||||
return
|
||||
fi
|
||||
|
||||
(
|
||||
cd "${hook_dir}"
|
||||
"./${hook_name}"
|
||||
)
|
||||
}
|
||||
|
||||
if [[ ! -d "${SOURCE_DIR}" ]]; then
|
||||
echo "[jenkins-deploy] 发布目录不存在: ${SOURCE_DIR}" >&2
|
||||
exit 1
|
||||
@@ -73,10 +108,7 @@ fi
|
||||
|
||||
if [[ -x "${DEPLOY_DIR}/stop.sh" ]]; then
|
||||
echo "[jenkins-deploy] 先停止旧版本: ${DEPLOY_DIR}"
|
||||
(
|
||||
cd "${DEPLOY_DIR}"
|
||||
./stop.sh
|
||||
)
|
||||
run_hook "${DEPLOY_DIR}" "stop.sh"
|
||||
else
|
||||
echo "[jenkins-deploy] 部署目录无可执行 stop.sh,跳过停服"
|
||||
fi
|
||||
@@ -87,12 +119,13 @@ find "${DEPLOY_DIR}" -mindepth 1 -maxdepth 1 -exec rm -rf {} +
|
||||
echo "[jenkins-deploy] 移动发布内容: ${SOURCE_DIR} -> ${DEPLOY_DIR}"
|
||||
find "${SOURCE_DIR}" -mindepth 1 -maxdepth 1 -exec mv {} "${DEPLOY_DIR}/" \;
|
||||
|
||||
chmod +x "${DEPLOY_DIR}/start.sh" "${DEPLOY_DIR}/stop.sh"
|
||||
chmod +x "${DEPLOY_DIR}/start.sh"
|
||||
|
||||
if [[ -f "${DEPLOY_DIR}/stop.sh" ]]; then
|
||||
chmod +x "${DEPLOY_DIR}/stop.sh"
|
||||
fi
|
||||
|
||||
echo "[jenkins-deploy] 启动新版本: ${DEPLOY_DIR}"
|
||||
(
|
||||
cd "${DEPLOY_DIR}"
|
||||
./start.sh
|
||||
)
|
||||
run_hook "${DEPLOY_DIR}" "start.sh"
|
||||
|
||||
echo "[jenkins-deploy] 完成"
|
||||
|
||||
Reference in New Issue
Block a user