2 kuukautta sitten · 03d2b78a9e
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -7,17 +7,19 @@ pipeline {
 
				     }
			
 
				 
			
 
				     environment {
			
 
				-        PROJECT_NAME       = 'portal-service-frontend'
			
 
				-        BUILD_DIR          = 'dist'
			
 
				-        NODE_ENV           = 'production'
			
 
				-        HARBOR_HOST        = '8.130.28.21:81'
			
 
				-        KUBECONFIG_PATH    = '/root/.kube/config'
			
 
				-        NODE1_IP           = '172.27.73.147'
			
 
				-        NODE2_IP           = '172.27.73.146'
			
 
				-        HARBOR_USER        = 'admin'
			
 
				-        HARBOR_PASS        = 'Hfln@1024'
			
 
				+        PROJECT_NAME        = 'portal-service-frontend'
			
 
				+        BUILD_DIR           = 'dist'
			
 
				+        NODE_ENV            = 'production'
			
 
				+        HARBOR_HOST         = '8.130.28.21:81'
			
 
				+        KUBECONFIG_PATH     = '/root/.kube/config'
			
 
				+        NODE1_IP            = '172.27.73.147'
			
 
				+        NODE2_IP            = '172.27.73.146'
			
 
				+        HARBOR_USER         = 'admin'
			
 
				+        HARBOR_PASS         = 'Hfln@1024'
			
 
				         HARBOR_RETENTION_ID = '1'
			
 
				-        DOMAIN             = 'radar-power.asia'
			
 
				+        DOMAIN              = 'radar-power.asia'
			
 
				+        TLS_CERT_PATH       = '/data/cert/radar-power.asia.pem'
			
 
				+        TLS_KEY_PATH        = '/data/cert/radar-power.asia.key'
			
 
				     }
			
 
				 
			
 
				     stages {
			
@@ -76,9 +78,24 @@ pipeline {
 
				             }
			
 
				         }
			
 
				 
			
 
				-        stage('📦 部署到 Kubernetes（带 Ingress）') {
			
 
				+        stage('📦 部署到 Kubernetes（Ingress + ClusterIP）') {
			
 
				             steps {
			
 
				                 script {
			
 
				+                    // 自动创建 portal-tls secret
			
 
				+                    sh """
			
 
				+                        export KUBECONFIG=${env.KUBECONFIG_PATH}
			
 
				+                        if ! kubectl get secret portal-tls -n ${params.NAMESPACE} >/dev/null 2>&1; then
			
 
				+                            echo ">>> 未检测到 portal-tls，正在创建..."
			
 
				+                            kubectl create secret tls portal-tls \\
			
 
				+                                --cert=${env.TLS_CERT_PATH} \\
			
 
				+                                --key=${env.TLS_KEY_PATH} \\
			
 
				+                                -n ${params.NAMESPACE}
			
 
				+                            echo "✅ portal-tls 创建完成"
			
 
				+                        else
			
 
				+                            echo "✅ portal-tls 已存在，跳过创建"
			
 
				+                        fi
			
 
				+                    """
			
 
				+
			
 
				                     def ingressBlock = """---
			
 
				 apiVersion: networking.k8s.io/v1
			
 
				 kind: Ingress
			
@@ -135,13 +152,12 @@ metadata:
 
				   name: ${env.PROJECT_NAME}
			
 
				   namespace: ${params.NAMESPACE}
			
 
				 spec:
			
 
				-  type: NodePort
			
 
				+  type: ClusterIP
			
 
				   selector:
			
 
				     app: ${env.PROJECT_NAME}
			
 
				   ports:
			
 
				   - port: 80
			
 
				     targetPort: 80
			
 
				-    nodePort: 30088
			
 
				 ${ingressBlock}
			
 
				 """
			
 
				 
			
@@ -153,7 +169,7 @@ ${ingressBlock}
 
				                         kubectl rollout status deployment/${env.PROJECT_NAME} -n ${params.NAMESPACE} --timeout=120s || echo '[rollout timeout or incomplete]'
			
 
				                     """
			
 
				 
			
 
				-                    echo ">>> ✅ 部署完成，访问地址：https://${env.DOMAIN}/ （请确保 DNS 已指向 Ingress 公网 IP 且 secret portal-tls 已创建）"
			
 
				+                    echo ">>> ✅ 部署完成，访问地址：https://${env.DOMAIN}/"
			
 
				                 }
			
 
				             }
			
 
				         }