fix(ci): docker compose --env-file 仅 release/next 启用,prod 完全不动
前一版改动会让 master→prod 部署也走 --env-file .env / Pre-deploy 强制 .env 检查,
若 prod 部署机(172.17.16.14)没准备 .env 会直接 fail,破坏现有 prod 部署。
改动:
- Initialize 阶段按分支设置 COMPOSE_ENV_FILE_ARG:
release/next → '--env-file .env'
master/其他 → ''
- 所有 docker compose 命令用 ${env.COMPOSE_ENV_FILE_ARG} 拼接
- Pre-deploy Check 的 .env 文件存在性校验仅 release/next 触发
行为:
- master → prod 完全沿用历史路径(docker-compose.core.yml 内嵌默认值兜底)
- release/next → release 强制注入 .env(环境隔离 + 凭据脱离 git)
This commit is contained in:
21
Jenkinsfile
vendored
21
Jenkinsfile
vendored
@@ -80,8 +80,11 @@ pipeline {
|
||||
if (env.BRANCH_NAME == 'release/next') {
|
||||
env.DEPLOY_HOST = env.RELEASE_DEPLOY_HOST
|
||||
env.DEPLOY_PATH = env.RELEASE_DEPLOY_PATH
|
||||
// release 环境强制 .env 注入;prod 沿用 docker-compose 内嵌默认值不破坏现有部署
|
||||
env.COMPOSE_ENV_FILE_ARG = '--env-file .env'
|
||||
echo "📦 Deploy target: RELEASE (${env.DEPLOY_HOST})"
|
||||
} else {
|
||||
env.COMPOSE_ENV_FILE_ARG = ''
|
||||
echo "📦 Deploy target: PRODUCTION (${env.DEPLOY_HOST})"
|
||||
}
|
||||
|
||||
@@ -298,8 +301,10 @@ pipeline {
|
||||
checkRemoteDiskOrFail(env.DEPLOY_HOST, 'Deploy')
|
||||
checkRemoteDiskOrFail(env.REGISTRY_HOST, 'Registry')
|
||||
|
||||
// 检查部署机上 .env 文件是否存在(多环境配置隔离,缺失时直接 fail,避免连错 DB)
|
||||
checkRemoteEnvFileOrFail(env.DEPLOY_HOST, env.DEPLOY_PATH)
|
||||
// .env 检查只对 release/next 生效(prod 仍用 docker-compose 内嵌默认值)
|
||||
if (env.BRANCH_NAME == 'release/next') {
|
||||
checkRemoteEnvFileOrFail(env.DEPLOY_HOST, env.DEPLOY_PATH)
|
||||
}
|
||||
|
||||
recordStageMetrics('Pre-deploy Check', stageStartTime)
|
||||
}
|
||||
@@ -733,7 +738,7 @@ def getPreviousImageTag() {
|
||||
script: """
|
||||
ssh ${sshOpts} root@${env.DEPLOY_HOST} '
|
||||
cd ${env.DEPLOY_PATH}
|
||||
docker compose --env-file .env -f docker-compose.core.yml images --format json | \
|
||||
docker compose ${env.COMPOSE_ENV_FILE_ARG} -f docker-compose.core.yml images --format json | \
|
||||
jq -r ".[0].Tag" | head -1
|
||||
' 2>/dev/null || echo "latest"
|
||||
""",
|
||||
@@ -762,7 +767,7 @@ def backupCurrentDeployment(def services) {
|
||||
cp docker-compose.core.yml docker-compose.core.yml.backup-${env.BUILD_NUMBER}
|
||||
|
||||
# 记录当前运行的镜像
|
||||
docker compose --env-file .env -f docker-compose.core.yml images > deployment-state-${env.BUILD_NUMBER}.txt
|
||||
docker compose ${env.COMPOSE_ENV_FILE_ARG} -f docker-compose.core.yml images > deployment-state-${env.BUILD_NUMBER}.txt
|
||||
|
||||
echo "✅ Backup completed: deployment-state-${env.BUILD_NUMBER}.txt"
|
||||
'
|
||||
@@ -799,10 +804,10 @@ def rollbackDeployment(def services) {
|
||||
export IMAGE_TAG=${env.PREVIOUS_IMAGE_TAG}
|
||||
|
||||
# 拉取旧版本镜像
|
||||
docker compose --env-file .env -f docker-compose.core.yml pull ${service}
|
||||
docker compose ${env.COMPOSE_ENV_FILE_ARG} -f docker-compose.core.yml pull ${service}
|
||||
|
||||
# 重启服务
|
||||
docker compose --env-file .env -f docker-compose.core.yml up -d ${service}
|
||||
docker compose ${env.COMPOSE_ENV_FILE_ARG} -f docker-compose.core.yml up -d ${service}
|
||||
|
||||
echo "✅ ${service} rolled back to ${env.PREVIOUS_IMAGE_TAG}"
|
||||
'
|
||||
@@ -937,10 +942,10 @@ def deployService(String service) {
|
||||
cd ${env.DEPLOY_PATH}
|
||||
|
||||
echo "📥 Pulling ${service}..."
|
||||
docker compose --env-file .env -f docker-compose.core.yml pull ${service}
|
||||
docker compose ${env.COMPOSE_ENV_FILE_ARG} -f docker-compose.core.yml pull ${service}
|
||||
|
||||
echo "🔄 Restarting ${service}..."
|
||||
docker compose --env-file .env -f docker-compose.core.yml up -d ${service}
|
||||
docker compose ${env.COMPOSE_ENV_FILE_ARG} -f docker-compose.core.yml up -d ${service}
|
||||
|
||||
echo "⏳ Waiting for container to start..."
|
||||
sleep 5
|
||||
|
||||
Reference in New Issue
Block a user