背景

记录如何在本机 macOS(M1芯片)上安装 Jenkins Docker,并通过 Jenkins 设置 CI/CD,实现一键集成与部署。

1. 配置 Docker Compose 文件

compose 文件添加 jenkins 配置 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

version: '3'

services:
  jenkins:
    image: jenkins/jenkins:lts-jdk17
    user: root
    container_name: jenkins
    ports:
      - "8080:8080"
      - "50000:50000"
    volumes:
      - /Users/yutao/Downloads/devtool/jenkins_home:/var/jenkins_home
      - /var/run/docker.sock:/var/run/docker.sock
    restart: always

参数介绍:

volumes 映射宿主机目录到容器中,这里映射的是 Jenkins 配置文件目录。docker.sock 是 Docker 的 socket 文件,用于容器与 Docker 引擎通信。本机 docker.sock 要给 chmod + 666 权限,否则容器没有权限访问。

2. 启动 Jenkins Docker 容器

启动 Jenkins Docker 容器

1

docker compose up -d

查看 jenkins 管理员密码

1

docker exec -it jenkins cat /var/jenkins_home/secrets/initialAdminPassword

3. Jenkins 容器安装JDK、Maven

root 用户进入容器

1
2

# 安装 wget
apt-get update && apt-get install -y wget

1
2

# 安装 curl
apt-get update && apt-get install -y curl
  1. 安装 JDK 21(适配 macOS M1,Arm64 架构)
1
2
3
4
5

# 创建目录
mkdir -p /opt/java
cd /opt/java
wget https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.8%2B9/OpenJDK21U-jdk_aarch64_linux_hotspot_21.0.8_9.tar.gz
tar -xzf OpenJDK21U-jdk_aarch64_linux_hotspot_21.0.8_9.tar.gz
  1. 安装 Maven 3.9.9
1
2
3
4
5

# 创建目录
mkdir -p /opt/maven
cd /opt/maven
wget https://archive.apache.org/dist/maven/maven-3/3.9.9/binaries/apache-maven-3.9.9-bin.tar.gz
tar -xzf apache-maven-3.9.9-bin.tar.gz
创建settings.xml文件 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 
                              http://maven.apache.org/xsd/settings-1.0.0.xsd">
  <localRepository>/var/jenkins_home/.m2/repository</localRepository>

  <interactiveMode>false</interactiveMode>

  <mirrors>
    <!-- 阿里云 Maven 镜像 -->
    <mirror>
      <id>aliyunmaven</id>
      <mirrorOf>central</mirrorOf>
      <name>Aliyun Maven</name>
      <url>https://maven.aliyun.com/repository/public</url>
    </mirror>
  </mirrors>

  <profiles>
    <profile>
      <id>default</id>
      <repositories>
        <repository>
          <id>central</id>
          <url>https://repo.maven.apache.org/maven2</url>
          <releases><enabled>true</enabled></releases>
          <snapshots><enabled>false</enabled></snapshots>
        </repository>
      </repositories>
      <pluginRepositories>
        <pluginRepository>
          <id>central</id>
          <url>https://repo.maven.apache.org/maven2</url>
          <releases><enabled>true</enabled></releases>
          <snapshots><enabled>false</enabled></snapshots>
        </pluginRepository>
      </pluginRepositories>
    </profile>
  </profiles>

  <activeProfiles>
    <activeProfile>default</activeProfile>
  </activeProfiles>
</settings>

1
2

# 验证 setting 文件
mvn help:effective-settings
  1. 配置环境变量

进入jenkins用户

1
2
3
4

echo 'export JAVA_HOME=/opt/jdk/jdk-21.0.8+9' >> ~/.bashrc
echo 'export MAVEN_HOME=/opt/maven/apache-maven-3.9.9' >> ~/.bashrc
echo 'export PATH=$JAVA_HOME/bin:$MAVEN_HOME/bin:$PATH' >> ~/.bashrc
source ~/.bashrc

4. Jenkins 容器安装 docker cli 客户端

root 用户进入容器

1
2
3
4
5
6

# 安装 docker cli
apt-get update
apt-get install -y docker.io
# 验证
docker version
docker ps

1
2
3
4
5

# 安装 docker-compose
curl -SL https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-aarch64 -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
# 验证
docker-compose version

1
2
3
4
5
6

# 验证 /var/run/docker.sock 权限
docker inspect jenkins | grep /var/run/docker.sock
root@eadc8e178a91:/# docker inspect jenkins | grep /var/run/docker.sock
                "/var/run/docker.sock:/var/run/docker.sock:rw"
                "Source": "/var/run/docker.sock",
                "Destination": "/var/run/docker.sock",

5. Jenkins 配置

1. 配置jdk、maven

访问 Jenkins 界面 http://localhost:8080/

  • 系统管理->全局工具配置->默认settings路径:/opt/maven/apache-maven-3.9.9/conf/settings.xml
  • 系统管理->全局工具配置->Maven 安装:别名:maven3.9.9,maven_home:/opt/maven/apache-maven-3.9.9
  • 系统管理->全局工具配置->JDK 安装:别名:jdk21,java_home:/opt/jdk/jdk-21.0.8+9

2. 设置凭据

系统管理->凭据管理->添加凭据->类型:UserName With Password->用户名:代码仓库登录用户->密码:代码仓库登录密码->ID:你想给凭据指定的ID->描述:你想给凭据的描述->创建

上述配置还可以通过命令创建

1

java -jar jenkins-cli.jar -s http://localhost:8080/ -auth admin:11e357d17a489d88f7994cd5ac8565223b groovy = < add_credentials.groovy

add_credentials.groovy 脚本内容

add_credentials.groovy 脚本内容 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

import com.cloudbees.plugins.credentials.*
import com.cloudbees.plugins.credentials.domains.*
import com.cloudbees.plugins.credentials.impl.*
import jenkins.model.*

def username = "登录代码的用户名"
def password = "登录代码的密码"  // 你修改这里的密码
def credentialsId = "gitee-credentials"  // 你想给凭据指定的ID
def description = "Gitee private repo login for Jenkins"

// 获取 Jenkins 全局凭据存储
def credentialsStore = Jenkins.instance.getExtensionList('com.cloudbees.plugins.credentials.SystemCredentialsProvider')[0].getStore()

// 创建新的用户名密码凭据
def credentials = new UsernamePasswordCredentialsImpl(
    CredentialsScope.GLOBAL,
    credentialsId,
    description,
    username,
    password
)

// 添加凭据到全局域
credentialsStore.addCredentials(Domain.global(), credentials)

println("Credentials added successfully with ID: ${credentialsId}")

命令介绍: admin:token值,点击用户->Security->API Tokens->Generate,jenkins-cli.jar 从系统管理->命令行接口下载

6. Jenkins 创建工作流

1. 关闭jenkins跨域访问

生成环境不要关闭,测试环境可以关闭

  • 进入Jenkins管理,修改/usr/local/bin/jenkins.sh脚本
    这行exec java -Duser.home="$JENKINS_HOME" ${FUTURE_OPTS} "${java_opts_array[@]}" -jar ${JENKINS_WAR} "${jenkins_opts_array[@]}" "$@"
    改为exec java -Duser.home="$JENKINS_HOME" -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true ${FUTURE_OPTS} "${java_opts_array[@]}" -jar ${JENKINS_WAR} "${jenkins_opts_array[@]}" "$@"

2. 创建jenkinsfile脚本

该文件必须在项目根目录下

创建jenkinsfile脚本 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

pipeline {
  agent any

  tools {
    jdk 'jdk21'         // 你在 Jenkins -> Global Tool Configuration 中配置的名字
    maven 'maven-3.9.9'     // 同上
  }

  environment {
    IMAGE_TAG = "latest"
  }

  stages {
    stage('Build') {
      steps {
        // 给 mvnw 添加执行权限,防止执行失败(如果用了 mvnw)
        sh 'chmod +x mvnw || true'

        // 构建所有模块
        sh 'mvn clean package -DskipTests'
      }
    }

    stage('Docker Build') {
      steps {
        script {
          def modules = ['auth-service', 'gateway-service', 'task-service', 'user-service']
          for (module in modules) {
            echo "▶ Building Docker image for ${module}"
            sh "docker build -t ${module}:${IMAGE_TAG} ./${module}"
          }
        }
      }
    }

    stage('Deploy') {
      steps {
        dir('docker') {
          sh 'docker-compose up -d'
        }
      }
    }
  }
}

3. 创建工作流

新建任务:输入任务名称->选择流水线类型:多个微服务就选择多分支流水线/单个微服务就选择普通流水线->分支源:输入仓库地址->凭证:下拉选择之前配置的凭证->保存

结语

jenkins 内容挺多,这里只是简单介绍下,具体高级用法、流水线、集群等,日后涉及再完善。