更新生产环境配置

Jenkinsfile

@@ -4,39 +4,29 @@ pipeline {
     parameters {
         choice(name: 'env', choices: ['dev', 'test', 'prod'], description: '部署环境（dev/test/prod）')
         string(name: 'NAMESPACE', defaultValue: 'hfln-dev', description: 'Kubernetes 命名空间')
+        string(name: 'DOMAIN', defaultValue: '', description: 'Ingress 域名（留空则不创建 Ingress）')
     }
 
     environment {
-        PROJECT_NAME    = 'portal-service'
-        MODULE_NAME     = 'portal-service-server'
-        MAVEN_HOME      = '/usr/local/apache-maven-3.9.9/bin'
-        HARBOR_HOST     = '8.130.28.21:81'
-        KUBECONFIG_PATH = '/root/.kube/config'
+        PROJECT_NAME       = 'portal-service'
+        MODULE_NAME        = 'portal-service-server'
+        MAVEN_HOME         = '/usr/local/apache-maven-3.9.9'
+        HARBOR_HOST        = '8.130.28.21:81'
+        KUBECONFIG_PATH    = '/root/.kube/config'
+        NODE1_IP           = '172.27.73.147'
+        NODE2_IP           = '172.27.73.146'
+        HARBOR_USER        = 'admin'
+        HARBOR_PASSWORD    = 'Hfln@1024'
+        SPRING_PROFILES_ACTIVE = "${params.env}"
     }
 
     stages {
-        stage('🧬 设置环境变量') {
-            steps {
-                script {
-                    if (params.env == 'prod') {
-                        env.HARBOR_PROJECT = 'prod'
-                    } else if (params.env == 'test') {
-                        env.HARBOR_PROJECT = 'test'
-                    } else {
-                        env.HARBOR_PROJECT = 'dev'
-                    }
-
-                    echo ">>> 使用环境：${params.env}，HARBOR 项目：${env.HARBOR_PROJECT}，K8S 命名空间：${params.NAMESPACE}"
-                }
-            }
-        }
-
         stage('🧬 拉取 Git 代码') {
             steps {
                 script {
-                    echo ">>> 拉取代码中..."
+                    echo ">>> 正在拉取 Git 代码..."
                     checkout scm
-                    echo ">>> 代码拉取完成 ✅"
+                    echo ">>> 拉取完成 ✅"
                 }
             }
         }
@@ -44,26 +34,38 @@ pipeline {
         stage('📦 Maven 构建项目') {
             steps {
                 script {
-                    echo ">>> 开始构建模块：${MODULE_NAME}"
-                    sh "${MAVEN_HOME}/mvn clean package -DskipTests -pl ${MODULE_NAME} -am"
+                    echo ">>> 开始构建模块 ${MODULE_NAME}"
+                    sh "${MAVEN_HOME}/bin/mvn clean package -DskipTests -pl ${MODULE_NAME} -am"
                     echo ">>> 构建完成 ✅"
                 }
             }
         }
 
-        stage('🐳 构建 & 推送 Docker 镜像') {
+        stage('🐳 构建并推送 Docker 镜像') {
             steps {
                 script {
-                    def imageTag = "${HARBOR_HOST}/${env.HARBOR_PROJECT}/${PROJECT_NAME}:${BUILD_NUMBER}"
+                    def imageTag = "${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:${BUILD_NUMBER}"
                     echo ">>> 构建 Docker 镜像: ${imageTag}"
-
                     sh """
-                        docker login -u admin -p Hfln@1024 ${HARBOR_HOST}
-                        docker build --build-arg spring_profiles_active=${params.env} -t ${imageTag} .
+                        docker login -u ${HARBOR_USER} -p ${HARBOR_PASSWORD} ${HARBOR_HOST}
+                        docker build --build-arg env=${params.env} -t ${imageTag} .
                         docker push ${imageTag}
                         docker rmi ${imageTag}
                     """
-                    echo ">>> Docker 镜像构建并推送完成 ✅"
+                    echo ">>> 镜像推送完成 ✅"
+                }
+            }
+        }
+
+        stage('🔍 测试节点能否拉取镜像') {
+            steps {
+                script {
+                    def imageTag = "${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:${BUILD_NUMBER}"
+                    echo ">>> 测试节点能否拉取镜像..."
+                    sh """
+                        ssh root@${NODE1_IP} docker login -u ${HARBOR_USER} -p ${HARBOR_PASSWORD} ${HARBOR_HOST} && docker pull ${imageTag} || echo '[❌ 节点 node1 拉取失败]'
+                        ssh root@${NODE2_IP} docker login -u ${HARBOR_USER} -p ${HARBOR_PASSWORD} ${HARBOR_HOST} && docker pull ${imageTag} || echo '[❌ 节点 node2 拉取失败]'
+                    """
                 }
             }
         }
@@ -71,15 +73,81 @@ pipeline {
         stage('🚀 部署到 Kubernetes') {
             steps {
                 script {
-                    def imageTag = "${HARBOR_HOST}/${env.HARBOR_PROJECT}/${PROJECT_NAME}:${BUILD_NUMBER}"
+                    def imageTag = "${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:${BUILD_NUMBER}"
+                    def domain = params.DOMAIN.trim()
+                    def ingressBlock = domain ? """
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ${PROJECT_NAME}
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  rules:
+  - host: ${domain}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: ${PROJECT_NAME}
+            port:
+              number: 80
+""" : ""
 
-                    echo ">>> 正在部署：${PROJECT_NAME} 到命名空间：${params.NAMESPACE}"
+                    echo ">>> 开始部署至 Kubernetes 命名空间：${params.NAMESPACE}"
 
                     sh """
                         export KUBECONFIG=${KUBECONFIG_PATH}
-                        kubectl set image deployment/${PROJECT_NAME} ${PROJECT_NAME}=${imageTag} -n ${params.NAMESPACE}
+                        kubectl get ns ${params.NAMESPACE} || kubectl create ns ${params.NAMESPACE}
+
+                        kubectl apply -n ${params.NAMESPACE} -f - <<EOF
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ${PROJECT_NAME}
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: ${PROJECT_NAME}
+  template:
+    metadata:
+      labels:
+        app: ${PROJECT_NAME}
+    spec:
+      containers:
+      - name: ${PROJECT_NAME}
+        image: ${imageTag}
+        ports:
+        - containerPort: 8091
+        env:
+        - name: SPRING_PROFILES_ACTIVE
+          value: "${params.env}"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ${PROJECT_NAME}
+spec:
+  type: NodePort
+  selector:
+    app: ${PROJECT_NAME}
+  ports:
+  - port: 80
+    targetPort: 8091
+    nodePort: 30085
+${ingressBlock}
+EOF
                     """
-                    echo ">>> 部署完成 ✅"
+
+                    if (domain) {
+                        echo ">>> ✅ 部署完成，访问地址：http://${domain}/"
+                    } else {
+                        echo ">>> ✅ 部署完成，访问地址：http://${NODE1_IP}:30085/"
+                    }
                 }
             }
         }
@@ -88,34 +156,25 @@ pipeline {
     post {
         success {
             echo "✅ 构建 & 部署成功 🎉"
-
             script {
-                echo "🧹 开始清理旧镜像（只保留最新 3 个）"
+                echo "🧹 清理本地旧镜像（保留最近 3 个）"
                 sh """
-                    docker images --format "{{.Repository}}:{{.Tag}}" | \
-                    grep "${HARBOR_HOST}/${env.HARBOR_PROJECT}/${PROJECT_NAME}:" | \
-                    sed 's/.*://g' | sort -rn | tail -n +4 | while read oldTag; do
-                        image="${HARBOR_HOST}/${env.HARBOR_PROJECT}/${PROJECT_NAME}:\${oldTag}"
-                        echo ">>> 检查镜像是否正在使用：\$image"
-                        CONTAINER=\$(docker ps -a --filter ancestor=\$image --format "{{.ID}}")
-                        if [ -z "\$CONTAINER" ]; then
-                            echo "✅ 删除镜像：\$image"
-                            docker rmi \$image
-                        else
-                            echo "⚠️ 镜像 \$image 正在被容器使用，跳过删除。"
-                        fi
-                    done
+                    docker images --format '{{.Repository}}:{{.Tag}} {{.CreatedAt}}' | \
+                    grep '${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:' | \
+                    sort -rk2 | \
+                    tail -n +4 | \
+                    awk '{print \$1}' | \
+                    xargs -r docker rmi || true
                 """
-                echo "🧹 旧镜像清理完成 ✅"
             }
         }
 
         failure {
-            echo "❌ 构建或部署失败，请检查日志！"
+            echo "❌ 构建或部署失败，请检查日志。"
         }
 
         always {
-            echo "🧼 清理工作区..."
+            echo "🧼 清理 Jenkins 工作目录..."
             cleanWs()
         }
     }

portal-service-server/src/main/resources/bootstrap-prod.yml

@@ -2,40 +2,33 @@ spring:
   cloud:
     nacos:
       discovery:
-        server-addr: node02:8848
+        server-addr: 47.121.135.46:8848
         group: DEFAULT_GROUP
-        namespace: public
+        namespace: dev
       config:
-        server-addr: ${spring.cloud.nacos.discovery.server-addr}
-        group: ${spring.cloud.nacos.discovery.group}
-        namespace: ${spring.cloud.nacos.discovery.namespace}
+        server-addr: 47.121.135.46:8848
+        group: DEFAULT_GROUP
+        namespace: dev
         file-extension: yaml
   redis:
-    # 地址
-    host: node03
-    # 端口
+    host: 47.121.135.46
     port: 6379
-    # 数据库索引
     database: 5
-    # 密码
-    password: 123456
-    # 连接超时时间
-    timeout: 10s
+    timeout: 30s
+    connect-timeout: 10s
     lettuce:
       pool:
-        # 连接池中的最小空闲连接
-        min-idle: 0
-        # 连接池中的最大空闲连接
-        max-idle: 8
-        # 连接池的最大数据库连接数
-        max-active: 8
-        # #连接池最大阻塞等待时间（使用负值表示没有限制）
-        max-wait: -1ms
+        min-idle: 10
+        max-idle: 20
+        max-active: 50
+        max-wait: 5000ms
+      shutdown-timeout: 100ms
+    password: Hfln@1024
   datasource:
     driver-class-name: com.mysql.cj.jdbc.Driver
-    url: jdbc:mysql://node05:3306/tenant?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=Asia/Shanghai
+    url: jdbc:mysql://47.121.135.46:3306/lnxx_dev?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=Asia/Shanghai
     username: root
-    password: Wideth@123
+    password: Hfln@1024
     druid:
       initial-size: 5
       min-idle: 10
@@ -49,14 +42,31 @@ lnxx:
   knife4j:
     doc:
       basePackage: com.hfln.portal.application.controller
-      title: TENANTRY-SERVICE-SERVER
+      title: PORTAL-SERVICE-SERVER
       description: 业务服务
+  # 微信小程序
   wechat:
+    appid: wx60b2cd643b46d5eb
+    secret: a7c1e377869fffb6fcbacca979d77617
+    #微信公众号
+    office:
+      account:
+        appId: wx9b479fa3c2af4f21
+        secret: 426effb7b58f9ba7c5f6dd1062db0074
+        templateId: -wNA7XW0_4hscmIUK-hmolNpccd-zMlyGnKUvpGdfZQ
     bind:
       callbackUrl: https://jkld.radar-power.cn
-wechat:
-  appid: wx1a783618d97d999d
-  secret: db43538fbd86e946c9798fed18a91df1
+  # 短信验证码相关
+  sms:
+    tencent:
+      secretId: AKID40jFYdUCqMqFUXO2SecOvKYYKsGRP9rT
+      secretKey: Y3RcbMtO0V0bI2gzFShpocHjy1qSq0xf
+      loginId: 2368397
+      registerId: 2368393
+      notifyId: 2368474
+      region: ap-guangzhou
+      sdkAppId: 1400966707
+      signName: 合肥雷能信息
 
 sa-token:
   # token 名称（同时也是 cookie 名称）
@@ -77,3 +87,28 @@ sa-token:
   wx:
     timeout: 2592000
     active-timeout: -1
+
+# mqtt相关
+mqtt:
+  enabled: true
+  broker: tcp://47.121.135.46:1883
+  client-id: ${spring.application.name}-${random.uuid}
+  username: admin
+  password: public
+  timeout: 30
+  keepalive: 60
+  clean-session: true
+  automatic-reconnect: true
+
+# oss 存储
+oss:
+  accessKey:
+    id: LTAI5t9ZjmmHVs7nseZx3xWT
+    secret: TbmTSDP9ztXrLa4gXBhAmjerQcKGj7
+  endpoint: https://oss-cn-shanghai.aliyuncs.com
+  bucket: lnxx.oss-cn-shanghai.aliyuncs.com
+  region: cn-shanghai
+  expire:
+    seconds: 3600
+  download-url-pre: https://hflnxx.oss-cn-shanghai.aliyuncs.com/
+  ota-download-url-pre: http://hflnxx.oss-cn-shanghai.aliyuncs.com/

portal-service-server/src/main/resources/bootstrap.yml

@@ -5,7 +5,7 @@ spring:
     pathmatch:
       matching-strategy: ANT_PATH_MATCHER
   profiles:
-    active: local
+    active: prod
   application:
     name: portal-service-server