103 lines
3.7 KiB
Plaintext
103 lines
3.7 KiB
Plaintext
pipeline {
|
||
agent none
|
||
|
||
options {
|
||
disableConcurrentBuilds()
|
||
timestamps()
|
||
}
|
||
|
||
parameters {
|
||
string(name: 'SOURCE_NODE_NAME', defaultValue: '', description: '上游构建节点名')
|
||
string(name: 'SOURCE_WORKSPACE_ROOT', defaultValue: '', description: '上游源码根目录')
|
||
string(name: 'BUILD_VERSION', defaultValue: '', description: '待部署版本号')
|
||
string(name: 'DEPLOY_DIRECTORY', defaultValue: '/var/lib/jenkins/deploy/Genarrative', description: '固定部署目录')
|
||
string(name: 'EXPECTED_UPSTREAM_JOB', defaultValue: '', description: '允许触发本作业的上游作业名')
|
||
}
|
||
|
||
stages {
|
||
stage('校验触发来源') {
|
||
agent {
|
||
label 'built-in'
|
||
}
|
||
|
||
steps {
|
||
script {
|
||
// Pipeline 的 build 步骤通常会把下游触发原因记录成 BuildUpstreamCause,
|
||
// 直接只查经典 UpstreamCause 会把真实的上游触发误判成“人工执行”。
|
||
def pipelineUpstreamCauses = currentBuild.getBuildCauses('org.jenkinsci.plugins.workflow.support.steps.build.BuildUpstreamCause')
|
||
def classicUpstreamCauses = currentBuild.getBuildCauses('hudson.model.Cause$UpstreamCause')
|
||
def upstreamCause = null
|
||
|
||
if (pipelineUpstreamCauses && !pipelineUpstreamCauses.isEmpty()) {
|
||
upstreamCause = pipelineUpstreamCauses[0]
|
||
} else if (classicUpstreamCauses && !classicUpstreamCauses.isEmpty()) {
|
||
upstreamCause = classicUpstreamCauses[0]
|
||
}
|
||
|
||
if (!upstreamCause) {
|
||
error('部署流水线禁止人工直接执行,只允许由上游构建并部署流水线触发。')
|
||
}
|
||
|
||
def actualUpstreamJob = upstreamCause?.upstreamProject ?: ''
|
||
def expectedUpstreamJob = params.EXPECTED_UPSTREAM_JOB?.trim()
|
||
def allowedUpstreamJob = env.GENARRATIVE_ALLOWED_UPSTREAM_JOB?.trim()
|
||
|
||
if (!params.BUILD_VERSION?.trim()) {
|
||
error('BUILD_VERSION 不能为空。')
|
||
}
|
||
|
||
if (!params.SOURCE_WORKSPACE_ROOT?.trim()) {
|
||
error('SOURCE_WORKSPACE_ROOT 不能为空。')
|
||
}
|
||
|
||
if (!params.SOURCE_NODE_NAME?.trim()) {
|
||
error('SOURCE_NODE_NAME 不能为空。')
|
||
}
|
||
|
||
if (!actualUpstreamJob?.trim()) {
|
||
error('无法从上游触发原因中解析作业名,请检查 Jenkins Pipeline Build Step 插件版本与触发链。')
|
||
}
|
||
|
||
if (expectedUpstreamJob && actualUpstreamJob != expectedUpstreamJob) {
|
||
error("上游作业校验失败,期望 ${expectedUpstreamJob},实际 ${actualUpstreamJob}")
|
||
}
|
||
|
||
if (allowedUpstreamJob && actualUpstreamJob != allowedUpstreamJob) {
|
||
error("环境门禁校验失败,仅允许 ${allowedUpstreamJob} 触发,实际 ${actualUpstreamJob}")
|
||
}
|
||
|
||
env.UPSTREAM_JOB_NAME = actualUpstreamJob
|
||
}
|
||
}
|
||
}
|
||
|
||
stage('部署指定版本') {
|
||
agent {
|
||
label "${params.SOURCE_NODE_NAME}"
|
||
}
|
||
|
||
steps {
|
||
dir("${params.SOURCE_WORKSPACE_ROOT}") {
|
||
sh """
|
||
bash -lc '
|
||
set -euo pipefail
|
||
test -d "build/${params.BUILD_VERSION}"
|
||
chmod +x scripts/jenkins-deploy-release.sh
|
||
# 只部署上游已构建好的版本目录,避免部署阶段再次构建产生漂移。
|
||
./scripts/jenkins-deploy-release.sh \
|
||
--source-dir "build/${params.BUILD_VERSION}" \
|
||
--deploy-dir "${params.DEPLOY_DIRECTORY}"
|
||
'
|
||
"""
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
post {
|
||
success {
|
||
echo "部署完成,版本号: ${params.BUILD_VERSION},上游作业: ${env.UPSTREAM_JOB_NAME}"
|
||
}
|
||
}
|
||
}
|