// Jenkinsfile — Kaniko build + K8s deploy // - dev/prod 잡 분리 전제 // - TARGET_ENV 는 Jenkins Job 설정에서 환경변수로 고정 (dev 또는 prod) def L = 'kaniko-and-deploy' def REG = 'harbor.sayinfo.co.kr' def IMAGE = 'sayit-helpdesk/helpdesk-service' def DEPLOY = 'sayit-helpdesk-service' podTemplate( label: L, yaml: """ apiVersion: v1 kind: Pod spec: serviceAccountName: default securityContext: fsGroup: 1001 fsGroupChangePolicy: OnRootMismatch hostAliases: - ip: "192.168.0.210" hostnames: - "harbor.sayinfo.co.kr" - "nexus.sayinfo.co.kr" containers: - name: maven image: maven:3.9.9-eclipse-temurin-8 command: ["/bin/sh","-lc"] args: ["sleep 99d"] tty: true volumeMounts: - name: workspace-volume mountPath: /home/jenkins/agent - name: maven-cache mountPath: /root/.m2 - name: kaniko image: gcr.io/kaniko-project/executor:debug command: ["/busybox/sh","-c"] args: ["sleep 99d"] tty: true volumeMounts: - name: kaniko-auth mountPath: /kaniko/.docker - name: workspace-volume mountPath: /home/jenkins/agent - name: kubectl image: bitnamilegacy/kubectl:latest command: ["/bin/sh","-lc"] args: ["sleep 99d"] securityContext: runAsUser: 0 runAsGroup: 0 tty: true volumeMounts: - name: workspace-volume mountPath: /home/jenkins/agent volumes: - name: kaniko-auth projected: sources: - secret: name: regcred-sayit-helpdesk items: - key: .dockerconfigjson path: config.json - name: workspace-volume emptyDir: {} - name: maven-cache persistentVolumeClaim: claimName: maven-repo-pvc """ ) { node(L) { // Jenkins Job 설정에서 TARGET_ENV 를 dev 또는 prod 로 고정해서 넘김 // (없으면 기본 dev로 간주) def TARGET_ENV = env.TARGET_ENV ?: 'dev' def MVN_PROFILE = (TARGET_ENV == 'dev') ? 'dev' : 'prod' def APP_NS = (TARGET_ENV == 'dev') ? 'sayit-helpdesk-dev' : 'sayit-helpdesk' def OTEL_ENV = (TARGET_ENV == 'dev') ? 'dev' : 'prod' def OTEL_SERVICE_NAME = (TARGET_ENV == 'dev') ? 'sayit-helpdesk-dev' : 'sayit-helpdesk' def IMAGE_TAG = "${TARGET_ENV}-${env.BUILD_NUMBER}" // dev-123 / prod-123 def LATEST_TAG = "latest-${TARGET_ENV}" // latest-dev / latest-prod timestamps { stage("Info") { echo "TARGET_ENV = ${TARGET_ENV}" echo "MVN_PROFILE = ${MVN_PROFILE}" echo "APP_NS = ${APP_NS}" echo "OTEL_ENV = ${OTEL_ENV}" echo "OTEL_SERVICE_NAME = ${OTEL_SERVICE_NAME}" echo "IMAGE_TAG = ${IMAGE_TAG}" echo "LATEST_TAG = ${LATEST_TAG}" } stage('Checkout') { checkout scm } stage("Maven Build (${MVN_PROFILE})") { container('maven') { sh """ set -eux nslookup nexus.sayinfo.co.kr || true cd "\${WORKSPACE}" mvn -B -q -e -T 1C -s .mvn/settings.xml clean package -DskipTests -P${MVN_PROFILE} """ } } stage('Preflight (Kaniko)') { container('kaniko') { sh """ set -eux cd "\${WORKSPACE}" test -f /kaniko/.docker/config.json nslookup harbor.sayinfo.co.kr || true grep harbor /etc/hosts || true """ } } stage("Build & Push (Kaniko, tag=${IMAGE_TAG}, latest=${LATEST_TAG})") { container('kaniko') { sh """ set -eux cd "\${WORKSPACE}" /kaniko/executor \\ --context=. \\ --dockerfile=Dockerfile \\ --destination=${REG}/${IMAGE}:${IMAGE_TAG} \\ --destination=${REG}/${IMAGE}:${LATEST_TAG} \\ --build-arg OTEL_ENV=${OTEL_ENV} \\ --build-arg OTEL_SERVICE_NAME=${OTEL_SERVICE_NAME} \\ --snapshot-mode=redo \\ --skip-tls-verify \\ --cache=true \\ --cache-repo=${REG}/sayit-helpdesk/build-cache """ } } stage("Deploy to Kubernetes (${APP_NS})") { container('kubectl') { sh """ set -eux kubectl -n ${APP_NS} set image deploy/${DEPLOY} ${DEPLOY}=${REG}/${IMAGE}:${IMAGE_TAG} kubectl -n ${APP_NS} rollout status deploy/${DEPLOY} --timeout=300s kubectl -n ${APP_NS} get deploy ${DEPLOY} -o wide kubectl -n ${APP_NS} get pods -l app=${DEPLOY} -o wide kubectl -n ${APP_NS} get pod -l app=${DEPLOY} -o jsonpath='{.items[*].spec.containers[*].image}'; echo """ } } } } }