搭建jenkins

1. 拉取jenkins镜像
   docker pull jenkins
2. 创建jenkins容器
   docker run --name jenkinns -p 8080:8080 -p 50000:50000 -v /data/jenkins/home:/var/jenkins_home -v /data/jenkins/data:/data -d jenkins
3. 找到jenkins初始密码，打开后端页面
   

安装相关插件及配置

1. 安装publish over ssh
   
2. 配置publish over ssh
   
3. 安装插件
   Build Authorization Token Root Plugin ,为了创建用户token
   Role-based Authorization Strategy
4. 创建用户token
   在用户的【设置】页面的【API Token】部分可以添加token
5. 配置jenkins容器的ssh，使之能访问目标服务器

   Host web-uat
   HostName xxx.xxx.xxx.xxx
   User ubuntu
   IdentityFile ~/.ssh/xxx.pem
   ServerAliveInterval=30
   

配置触发器项目

1. 配置令牌远程触发项目构建
   
2. 创建构建步骤，如执行shell， 把jenkins容器内的文件夹拷贝到远程目标服务器，如以下脚本：

```
version=`date +%Y%m%d%H%M`
project_name="my_project"
server_name="front-uat"
scp -r /data/${project_name} ${server_name}:/data/nginx/source_webs/${project_name}/v${version}
ssh ${server_name} "sudo ln fns /data/nginx/source_webs/${project_name}/v${version} /data/nginx/webs/${project_name}"
ssh ${server_name} "sudo chown -R www-data:www-data /data/nginx"
rm -rf /data/${project_name}
```

配置git自动发布项目

1. 在general 选择参数化构建过程，添加字符参数WORKSPACE
2. 创建并配置项目，在源码管理选择git, 填入代码库URL，和分支
   
3. 在构建触发器填入身份验证令牌
   
4. 在构建填入操作，如执行shell

```
cd ${WORKSPACE}
npm install
npm run build
find ${WORKSPACE}/dist -type f | Xargs sed -i -e 's|uat.domain.com|prod.domain.com'
```

5. 增加构建后操作步骤，选择send build artifacts over SSH, 填写shell
   
6. 可以在浏览器输入下面URL触发任务
   http://xxx.xxx.xxx.xxx:8080/buildByToken/build?job=my_project&token=xxxx

jenkins配置vsftp服务

用ftp从本地上传代码到jenkins容器

1. 安装并配置vsftp
   sudo apt-get install vsftpd db5.3-util -y
2. 修改/etc/vsftpd.conf文件

listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-sert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=No
guest_enable=YES
guest_username=xx
user_config_dir=/etc/vsftp.d/vsftpd_user_conf.d
all_writeable_chroot=YES

3. 修改vsftp配置

sudo mkdir -p /etc/vsftpd.d/vsftpd_user_conf.d
sudo vim /etc/vsftp.d/vsftp-user

填入：

front-end
user@server
test
123456

4. 修改vsftp用户配置

sudo db5.3_load -T -t hash -f vsftp-user vsftp-user.db
sudo vim /etc/vsftp.d/vsftpd_user_conf.d/front-end

填入：

non_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
local_root=/data/jenkins/data

5. 修改vsftpd

auth required pam_userdb.so db=/etc/vsftpd.d/vsftp-user
account required pam_userdb.so db=/etc/vsftp.d/vsftp-user

6. sudo systemctl restart vstfpd

本地通过shell脚本上传到jenkins容器

1. 本机安装ncftp brew install ncftp
2. 下面的脚本保存到项目同级目录，执行脚本时后面跟项目名称做参数

#!/bin/sh

   files_upload() {
   	if [ -d "build" ];then
   		folder="build"
   	elif [ -d "dist" ];then
   		folder="dist"
   	else
   		read -p "these are no such folder named build or dist. please input the folder name you want to upload: " folder
   	fi
   	ncftpput -u front-end -p user@server -m -R 192.168.3.217 /${environment}/${project} ${folder}/*
   	curl http://192.168.3.217:8080/buildByToken/buildWithParameters\?job\=prod_frontend\&token\=8adf73eee7a68ff00859d79e6de10f85\&environment\=${environment}\&project\=${project}
   }

   static_file_upload() {
       if [ -d "static" ];then
           folder="static"
       else
           read -p "please input the folder name of static files that you want to upload: " folder
       fi
       ncftpput -u front-end -p user@server -m -R 192.168.3.217 /${environment}/${project} ${folder}/*
   	curl http://192.168.3.217:8080/buildByToken/buildWithParameters\?job\=prod_frontend\&token\=8adf73eee7a68ff00859d79e6de10f85\&environment\=${environment}\&project\=${project}
   }

   read -p "please input the environment you want to update {dap | leap | leap4}: " environment

   if [[ "${environment}" == "project_a" ]];then 
   	read -p "which project do you want update {pa1 | pa2 | pa3 | pa4 }: " project
   	files_upload
   elif [[ "${environment}" == "project_b" ]]; then
   	read -p "which project do you want update {pb1 | pb2 | pb3}: " project
   	files_upload
   elif [[ "${environment}" == "project_c" ]]; then
   	read -p "which project do you want update {pc1 | pc2 | static}: " project
       if [[ "${project}" == "static" ]];then
           static_file_upload
       else
           files_upload
       fi
   else
   		echo "make sure your input is right!"
   fi