Skip to content

Commit

Permalink
Merge branch 'master' into issue_7971
Browse files Browse the repository at this point in the history
  • Loading branch information
@yongyiduan
yongyiduan authored Feb 2, 2023
2 parents f4eb5fb + d05056b commit b545229
Show file tree
Hide file tree
Showing 590 changed files with 24,069 additions and 6,492 deletions.
18 changes: 9 additions & 9 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
jobs:
frontend:
name: Build frontend
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Set up Node.js
Expand All @@ -34,7 +34,7 @@ jobs:

agent:
name: Build agent on ${{ matrix.os }}
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
steps:
- uses: actions/setup-go@v2
with:
Expand All @@ -50,7 +50,7 @@ jobs:
backend:
needs: [frontend, agent]
name: Build backend and release
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
services:
mysql:
image: mysql:8.0
Expand Down Expand Up @@ -114,7 +114,7 @@ jobs:
cloudNative:
needs: [frontend, agent]
name: Build image and helm chart
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
services:
mysql:
image: mysql:8.0
Expand All @@ -141,7 +141,7 @@ jobs:
- name: Gradle Build Backend Service -- CLOUD NATIVE
working-directory: src/backend/ci
run: |
./gradlew clean test build -x test :core:worker:worker-agent:shadowJar -Ddevops.assemblyMode=K8S \
./gradlew clean test build -x test :core:worker:worker-agent:shadowJar -Ddevops.assemblyMode=KUBERNETES \
-DmysqlURL=127.0.0.1:${{ job.services.mysql.ports['3306'] }} -DmysqlUser=root -DmysqlPasswd=root --no-daemon
- name: Get Agent - CLOUD NATIVE
uses: actions/download-artifact@v1
Expand Down Expand Up @@ -171,7 +171,7 @@ jobs:
- name: Setup Python -- CLOUD NATIVE
uses: actions/setup-python@v4
with:
python-version: "3.6.8"
python-version: "3.7.15"
- name: Generate Helm Chart -- CLOUD NATIVE
working-directory: helm-charts/core/ci
run: |
Expand All @@ -196,7 +196,7 @@ jobs:

codecc:
name: Build CodeCC
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Set up JDK 1.8
Expand Down Expand Up @@ -236,7 +236,7 @@ jobs:

bkrepo:
name: Build BkRepo
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Set up JDK 1.8
Expand All @@ -257,7 +257,7 @@ jobs:

releaseAll:
name: Release All
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
if: ${{ always() }}
needs: [backend, cloudNative, codecc, bkrepo]
steps:
Expand Down
3 changes: 2 additions & 1 deletion helm-charts/core/ci/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@ $ helm install bkci .

上述命令将使用默认配置在Kubernetes集群中部署bkci, 并输出访问指引。

部署默认k8s构建机参考[kubernetes-manager部署文档.md](./kubernetes-manager部署文档.md)

## 卸载Chart
使用以下命令卸载`bkci`:

Expand Down Expand Up @@ -380,4 +382,3 @@ $ helm install bkci . -f values
# 查看默认配置
$ helm show values .
```

15 changes: 5 additions & 10 deletions helm-charts/core/ci/build/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,14 +71,6 @@ multiCluster:
# 兜底策略, 为空则不用兜底
defaultNamespace: ""

# 构建机资源配置变量
buildResource:
publicDocker:
enabled: false
k8sBuild:
enabled: true
defaultValue: KUBERNETES

# 内部数据源配置
mysql:
image:
Expand Down Expand Up @@ -472,7 +464,7 @@ dispatch:

# dispatchDocker Deployment
dispatchDocker:
enabled: false
enabled: true
replicas: 1
podLabels: {}
resources:
Expand Down Expand Up @@ -776,7 +768,10 @@ notify:

# openapi Deployment
openapi:
enabled: true
enabled: false
secret:
enabled: false
content: ""
replicas: 1
podLabels: {}
resources:
Expand Down
11 changes: 10 additions & 1 deletion helm-charts/core/ci/build_chart.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,14 @@
'bkCiStreamGitUrl': 'www.github.com',
'bkCiClusterTag': 'devops',
'bkCiRepositoryGithubServer':'repository',
'bkCiDockerRoutingType':'KUBERNETES',
'bkCiDockerJobQuotaEnable':'false',
'bkCiBcsCpu':'8.0',
'bkCiBcsMemory':'16048',
'bkCiKubernetesCpu':'8',
'bkCiKubernetesMemory':'16048',
'bkCiKubernetesHost': 'http://kubernetes-manager',
'bkCiKubernetesToken': 'landun'
}

if os.path.isfile(default_value_json):
Expand Down Expand Up @@ -79,7 +87,8 @@
'__BK_CI_INFLUXDB_ADDR__': 'http://{{ include "bkci.influxdbHost" . }}:{{ include "bkci.influxdbPort" . }}',
'__BK_CI_VERSION__': '{{ .Chart.AppVersion }}',
'__BK_CI_DISPATCH_KUBERNETES_NS__': '{{ .Release.Namespace }}',
'__BK_CI_CONSUL_DISCOVERY_TAG__': '{{ .Release.Namespace }}'
'__BK_CI_CONSUL_DISCOVERY_TAG__': '{{ .Release.Namespace }}',
'__BK_CI_PRIVATE_URL__': '{{ if empty .Values.config.bkCiPrivateUrl }}{{ .Release.Name }}-bk-ci-gateway{{ else }}{{ .Values.config.bkCiPrivateUrl }}{{ end }}'
}

# 读取变量映射
Expand Down
41 changes: 41 additions & 0 deletions helm-charts/core/ci/kubernetes-manager部署文档.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# kubernetes-manager
src/backend/dispatch-k8s-manager
## 开发须知

1. 修改resource下的config文件时需要同步修改 manifests中的configmap,保持一致。
2. 修改接口后,需要运行 ./swagger/init-swager.sh 重新初始化swagger文档。

## 使用须知

kubernetes-manager可以使用二进制方式启动,也可以使用容器方式(更加推荐作为容器启动)。

### 以容器方式启动

1. 打包镜像。通过修改 makefile 中的 LOCAL_REGISTR与LOCAL_IMAGE,修改默认镜像参数后 make -f ./Makefile image.xxx 打包自己需要的架构。或者直接使用docker文件夹下Dockerfile参考makefile中命令自行打包。打包后即可作为docker容器使用(需配合现有的redis和mysql)。

2. 打包chart。通过修改manifests/chart 的Chart.yaml 信息,通过 helm package打包即可。启动时通过阅读并修改values中的内容定制自己需要的启动配置即可(chart包中默认携带mysql以及redis,不需要可以关闭)。

3. 补充说明:
- **如何链接不同的kubernetes集群**通过修改 values中的 useKubeConfig 参数即可开启使用指定的kubeconfig,同时修改 chart/template/kubernetes-manager-configmap.yaml 中 kubeConfig.yaml 即可。
- **登录调试相关** 因为登录调试需要将https链接转为wss与kuberntes通信,所以需要 **指定需要登录调试集群的kubeconfig**,指定方式参考 **如何链接不同的kubernetes集群**
- **realResource优化** 优化使用了kubernetes-scheduler-pluign和prometheus的特性,所以需要配置 prometheus同时需要安装 [ci-dispatch-k8s-manager-plugin](https://github.com/TencentBlueKing/ci-dispatch-k8s-manager-plugin) 插件。

#### kubernetes-manager和bk-ci同k8s集群同namespace部署
配置bk-ci helm values
'bkCiKubernetesHost': "http://kubernetes-manager" // 默认kubernetes-manager的service类型为 NodePort
'bkCiKubernetesToken': "landun" // 同kubernetesManager.apiserver.auth.apiToken.value配置
#### kubernetes-manager和bk-ci同集群不同namespace部署
配置bk-ci helm values
'bkCiKubernetesHost': "http://kubernetes-manager.{{ .Release.Name }}" // 默认kubernetes-manager的service类型为 NodePort
'bkCiKubernetesToken': "landun" // 同kubernetesManager.apiserver.auth.apiToken.value配置
#### kubernetes-manager和bk-ci不同集群部署
配置bk-ci helm values
'bkCiKubernetesHost': "http://node:port" // // 默认kubernetes-manager的service类型为 NodePort
'bkCiKubernetesToken': "landun" // 同kubernetesManager.apiserver.auth.apiToken.value配置

### 以二进制的方式启动

1. 打包二进制。参考makefile中的 build.xxx 和 release.xxx 同时修改makefile中 CONFIG_DIR,OUT_DIR来存放配置文件和目录文件(配置文件格式可参考 resources 目录)。

2. 补充说明:
- 二进制格式启动类似直接镜像启动,可以相互参考。同时二进制格式启动一样不具备mysql和redis,需要自行准备。
26 changes: 26 additions & 0 deletions helm-charts/core/ci/templates/gateway/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,8 +81,34 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
lifecycle:
preStop:
exec:
command:
- sh
- '-c'
- sleep 10s && /usr/local/openresty/nginx/sbin/nginx -s quit
livenessProbe:
exec:
command:
- /bin/sh
- -c
- "[ -f /usr/local/openresty/nginx/run/nginx.pid ] && ps -A | grep nginx"
initialDelaySeconds: 10
periodSeconds: 10
failureThreshold: 3
successThreshold: 1
readinessProbe:
httpGet:
path: /nginx_status
port: 80
initialDelaySeconds: 10
periodSeconds: 10
failureThreshold: 3
successThreshold: 1
envFrom:
- configMapRef:
name: {{ include "bkci.names.fullname" . }}-gateway
workingDir: /usr/local/openresty/nginx/
terminationGracePeriodSeconds: 40
{{- end -}}
2 changes: 1 addition & 1 deletion helm-charts/core/ci/templates/init/init.sql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,6 @@ spec:
- |
for SQL in *.sql; do mysql -u{{- include "bkci.mysqlUsername" . }} -p{{- include "bkci.mysqlPassword" . }} -h{{ $mysqlData._0 }} -P{{ $mysqlData._1 }}< $SQL; done ;
echo 'DELETE FROM devops_ci_store.T_CONTAINER WHERE ID = "d51a712508c011e99792fa163e50f2b5";'|mysql -u{{- include "bkci.mysqlUsername" . }} -p{{- include "bkci.mysqlPassword" . }} -h{{ $mysqlData._0 }} -P{{ $mysqlData._1 }}
echo 'update devops_ci_store.T_BUSINESS_CONFIG set CONFIG_VALUE="{{ .Values.buildResource.defaultValue }}" WHERE BUSINESS_VALUE="LINUX" AND FEATURE="defaultBuildType";'|mysql -u{{- include "bkci.mysqlUsername" . }} -p{{- include "bkci.mysqlPassword" . }} -h{{ $mysqlData._0 }} -P{{ $mysqlData._1 }}
echo 'update devops_ci_store.T_BUSINESS_CONFIG set CONFIG_VALUE="DOCKER" WHERE BUSINESS_VALUE="LINUX" AND FEATURE="defaultBuildType";'|mysql -u{{- include "bkci.mysqlUsername" . }} -p{{- include "bkci.mysqlPassword" . }} -h{{ $mysqlData._0 }} -P{{ $mysqlData._1 }}
restartPolicy: OnFailure
{{- end -}}
10 changes: 10 additions & 0 deletions helm-charts/core/ci/templates/openapi/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,11 @@ spec:
- mountPath: /data/workspace/openapi/jvm
name: log-volume
subPathExpr: bkci/jvm/$(POD_NAME)
{{ if .Values.openapi.secret.enabled }}
- mountPath: {{ .Values.config.bkCiOpenapiApiPubOuter | splitList "/" | initial | join "/" }}
name: bk-key-volume
readOnly: true
{{ end }}
lifecycle:
preStop:
exec:
Expand All @@ -124,4 +129,9 @@ spec:
- hostPath:
path: /data
name: log-volume
{{ if .Values.openapi.secret.enabled }}
- name: bk-key-volume
secret:
secretName: openapi-bk-key
{{ end }}
{{- end -}}
9 changes: 9 additions & 0 deletions helm-charts/core/ci/templates/openapi/secret.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{{ if and .Values.openapi.enabled .Values.openapi.secret.enabled }}
kind: Secret
apiVersion: v1
metadata:
name: openapi-bk-key
data:
{{ .Values.config.bkCiOpenapiApiPubOuter | splitList "/" | last }}: {{ .Values.openapi.secret.content }}
type: Opaque
{{ end }}
4 changes: 0 additions & 4 deletions helm-charts/core/ci/templates/store/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,10 +75,6 @@ spec:
value: {{ .Chart.Name }}
- name: MULTI_CLUSTER
value: {{ .Values.multiCluster.enabled | quote }}
- name: ENABLE_PUBLIC_DOCKER
value: {{ .Values.buildResource.publicDocker.enabled | quote }}
- name: ENABLE_K8S_BUILD
value: {{ .Values.buildResource.k8sBuild.enabled | quote }}
- name: DEFAULT_NAMESPACE
value: {{ .Values.multiCluster.defaultNamespace }}
- name: POD_NAME
Expand Down
12 changes: 12 additions & 0 deletions scripts/bkenv.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,8 @@ BK_CI_AGENTLESS_IMAGE_REGISTRY_URL=
BK_CI_AGENTLESS_IMAGE_REGISTRY_USER=
# BK_CI_DOCKER_ROUTING_TYPE默认为VM. 按需修改. 默认容器调度类型:VM, KUBERNETES, BCS.
BK_CI_DOCKER_ROUTING_TYPE=VM
# BK_CI_DOCKER_JOB_QUOTA_ENABLE默认为false. 按需修改. 是否开启job限额.
BK_CI_DOCKER_JOB_QUOTA_ENABLE=false
# BK_CI_CODEOA_API_KEY无默认值. 废弃. 待清理配置文件及相关代码.
BK_CI_CODEOA_API_KEY=
# BK_CI_CODEOA_API_URL无默认值. 废弃. 待清理配置文件及相关代码.
Expand Down Expand Up @@ -291,6 +293,14 @@ BK_CI_WECHATWORK_TOKEN=
BK_CI_WECHATWORK_AESKEY=
# 企业微信api配置 api域名
BK_CI_WECHATWORK_URL=
# BK_CI_OPENAPI_API_BLUEKING_ENABLE 用于是否开启blueking api filter
BK_CI_OPENAPI_API_BLUEKING_ENABLE=false
# BK_CI_OPENAPI_API_PUB_OUTER 用于blueking api filter jwt鉴权,内容为pub文件完整路径
BK_CI_OPENAPI_API_PUB_OUTER=
# BK_CI_OPENAPI_API_AUTH 用于blueking api filter 区分鉴权模式
BK_CI_OPENAPI_API_AUTH=true
# BK_CI_OPENAPI_VERIFY_PROJECT 在 blueking api filter 中使用,是否开启projectId强校验。
BK_CI_OPENAPI_VERIFY_PROJECT=false

##########
# 4-微服务依赖
Expand Down Expand Up @@ -387,6 +397,8 @@ BK_CI_TURBO_REDIS_PASSWORD=$BK_CI_REDIS_PASSWORD
BK_CI_TURBO_REDIS_PORT=$BK_CI_REDIS_PORT
# BK_REPO_GATEWAY_IP无默认值,按需修改,如部署了蓝鲸制品库bkrepo,并且需要集成到CI,需要配置bkrepo网关的IP地址
BK_REPO_GATEWAY_IP=
# BK_REPO_DOCKER_REGISTRY无默认值,按需修改
BK_REPO_DOCKER_REGISTRY=
# BK_CI_API_TOKEN_ENABLED默认为false
BK_CI_API_TOKEN_ENABLED=false
# BK_CI_API_TOKEN_SECRET无默认值,按需修改
Expand Down
16 changes: 8 additions & 8 deletions src/agent/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,21 +21,21 @@ windows: build_windows

macos_no_cgo: build_macos_no_cgo build_macos_arm64_no_cgo

build_linux: test
build_linux: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_linux $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_linux $(CMDDIR)/agent/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/upgrader_linux $(CMDDIR)/upgrader/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/installer_linux $(CMDDIR)/installer/main.go
ls -la $(BINDIR)
build_linux_arm64: test
build_linux_arm64: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_linux_arm64 $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_linux_arm64 $(CMDDIR)/agent/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/upgrader_linux_arm64 $(CMDDIR)/upgrader/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/installer_linux_arm64 $(CMDDIR)/installer/main.go
ls -la $(BINDIR)
build_linux_mips64: test
build_linux_mips64: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=mips64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_linux_mips64 $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOARCH=mips64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_linux_mips64 $(CMDDIR)/agent/main.go
Expand All @@ -44,14 +44,14 @@ build_linux_mips64: test
ls -la $(BINDIR)

# Telegraf 的 cpu和diskio 插件采集使用的 shirou 包需要开启cgo才可以在darwin情况下采集成功
build_macos: test
build_macos: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=1 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_macos $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=1 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_macos $(CMDDIR)/agent/main.go
GO111MODULE=on CGO_ENABLED=1 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/upgrader_macos $(CMDDIR)/upgrader/main.go
GO111MODULE=on CGO_ENABLED=1 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/installer_macos $(CMDDIR)/installer/main.go
ls -la $(BINDIR)
build_macos_arm64: test
build_macos_arm64: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=1 GOOS=darwin GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_macos_arm64 $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=1 GOOS=darwin GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_macos_arm64 $(CMDDIR)/agent/main.go
Expand All @@ -60,22 +60,22 @@ build_macos_arm64: test
ls -la $(BINDIR)

# 方便统一交叉编译,这里会提供不开启cgo的macos编译,但是其监控的 cpu和diskio 会没有数据
build_macos_no_cgo: test
build_macos_no_cgo: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_macos $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_macos $(CMDDIR)/agent/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/upgrader_macos $(CMDDIR)/upgrader/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build ${BUILD_FLAGS} -o $(BINDIR)/installer_macos $(CMDDIR)/installer/main.go
ls -la $(BINDIR)
build_macos_arm64_no_cgo: test
build_macos_arm64_no_cgo: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon_macos_arm64 $(CMDDIR)/daemon/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent_macos_arm64 $(CMDDIR)/agent/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/upgrader_macos_arm64 $(CMDDIR)/upgrader/main.go
GO111MODULE=on CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build ${BUILD_FLAGS} -o $(BINDIR)/installer_macos_arm64 $(CMDDIR)/installer/main.go
ls -la $(BINDIR)

build_windows: test
build_windows: test clean
mkdir -p $(BINDIR)
GO111MODULE=on CGO_ENABLED=0 GOOS=windows GOARCH=386 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsDaemon.exe $(CMDDIR)/daemon/main_win.go
GO111MODULE=on CGO_ENABLED=0 GOOS=windows GOARCH=386 go build ${BUILD_FLAGS} -o $(BINDIR)/devopsAgent.exe $(CMDDIR)/agent/main.go
Expand Down
Loading

0 comments on commit b545229

Please sign in to comment.