課題
Jenkinsfileを記述したら、実行時に構文エラーが判明し、記述を修正するというプロセスを繰り返してしまっている。事前に構文をチェックすることはできないのか。
解決策
Jenkins CLIを利用して構文をチェックすることができる(Command-line Pipeline Linter)。Jenkins CLIは主に以下のインタフェースで提供される。
今回はSSHのインタフェースを利用した方法について説明する。事前にJenkinsで以下のような設定が必要なので対応しておくこと。
- SSH server プラグイン(SSH server)の導入
- アクセスユーザの作成と鍵登録
以下のコマンドでJenkins CLIの一覧が出てくれば正常に準備ができている状態である。
$ ssh <user name>@<ip address> -p <port> help
add-job-to-view
Adds jobs to view.
build
Builds a job, and optionally waits until its completion.
cancel-quiet-down
Cancel the effect of the "quiet-down" command.
(以下略)
一覧のうち以下のコマンドを利用する。
declarative-linter
Validate a Jenkinsfile containing a Declarative Pipeline
はじめに、構文が正しいJenkinsfileをチェックにかけてみる。
$ cat Jenkinsfile
pipeline {
agent any
stages {
stage("Test") {
steps {
script {
echo 'Hello'
}
}
}
}
}
結果は以下の通り。
$ ssh <user name>@<ip address> -p <port> declarative-linter < Jenkinsfile Jenkinsfile successfully validated.
次に、わざと構文を間違えたJenkinsfileをチェックにかけてみる。
$ cat Jenkinsfile
pipeline {
stages {
stage("Test") {
steps {
script {
echo 'Hello'
}
}
}
}
}
間違いが正しく指摘された。
$ ssh <user name>@<ip address> -p <port> declarative-linter < Jenkinsfile
Errors encountered validating Jenkinsfile:
WorkflowScript: 1: Missing required section "agent" @ line 1, column 1.
pipeline {
^
参考にCLIの一覧をすべて記載しておく。
add-job-to-view
Adds jobs to view.
build
Builds a job, and optionally waits until its completion.
cancel-quiet-down
Cancel the effect of the "quiet-down" command.
clear-queue
Clears the build queue.
connect-node
Reconnect to a node(s)
console
Retrieves console output of a build.
copy-job
Copies a job.
create-credentials-by-xml
Create Credential by XML
create-credentials-domain-by-xml
Create Credentials Domain by XML
create-job
Creates a new job by reading stdin as a configuration XML file.
create-node
Creates a new node by reading stdin as a XML configuration.
create-view
Creates a new view by reading stdin as a XML configuration.
declarative-linter
Validate a Jenkinsfile containing a Declarative Pipeline
delete-builds
Deletes build record(s).
delete-credentials
Delete a Credential
delete-credentials-domain
Delete a Credentials Domain
delete-job
Deletes job(s).
delete-node
Deletes node(s)
delete-view
Deletes view(s).
disable-job
Disables a job.
disable-plugin
Disable one or more installed plugins.
disconnect-node
Disconnects from a node.
enable-job
Enables a job.
enable-plugin
Enables one or more installed plugins transitively.
get-credentials-as-xml
Get a Credentials as XML (secrets redacted)
get-credentials-domain-as-xml
Get a Credentials Domain as XML
get-gradle
List available gradle installations
get-job
Dumps the job definition XML to stdout.
get-node
Dumps the node definition XML to stdout.
get-view
Dumps the view definition XML to stdout.
groovy
Executes the specified Groovy script.
groovysh
Runs an interactive groovy shell.
help
Lists all the available commands or a detailed description of single command.
import-credentials-as-xml
Import credentials as XML. The output of "list-credentials-as-xml" can be used as input here as is, the only needed change is to set the actual Secrets which are redacted in the output.
install-plugin
Installs a plugin either from a file, an URL, or from update center.
keep-build
Mark the build to keep the build forever.
list-changes
Dumps the changelog for the specified build(s).
list-credentials
Lists the Credentials in a specific Store
list-credentials-as-xml
Export credentials as XML. The output of this command can be used as input for "import-credentials-as-xml" as is, the only needed change is to set the actual Secrets which are redacted in the output.
list-credentials-context-resolvers
List Credentials Context Resolvers
list-credentials-providers
List Credentials Providers
list-jobs
Lists all jobs in a specific view or item group.
list-plugins
Outputs a list of installed plugins.
mail
Reads stdin and sends that out as an e-mail.
offline-node
Stop using a node for performing builds temporarily, until the next "online-node" command.
online-node
Resume using a node for performing builds, to cancel out the earlier "offline-node" command.
quiet-down
Quiet down Jenkins, in preparation for a restart. Don’t start any builds.
reload-configuration
Discard all the loaded data in memory and reload everything from file system. Useful when you modified config files directly on disk.
reload-job
Reload job(s)
remove-job-from-view
Removes jobs from view.
replay-pipeline
Replay a Pipeline build with edited script taken from standard input
restart
Restart Jenkins.
restart-from-stage
Restart a completed Declarative Pipeline build from a given stage.
safe-restart
Safe Restart Jenkins. Don’t start any builds.
safe-shutdown
Puts Jenkins into the quiet mode, wait for existing builds to be completed, and then shut down Jenkins.
session-id
Outputs the session ID, which changes every time Jenkins restarts.
set-build-description
Sets the description of a build.
set-build-display-name
Sets the displayName of a build.
shutdown
Immediately shuts down Jenkins server.
stop-builds
Stop all running builds for job(s)
update-credentials-by-xml
Update Credentials by XML
update-credentials-domain-by-xml
Update Credentials Domain by XML
update-job
Updates the job definition XML from stdin. The opposite of the get-job command.
update-node
Updates the node definition XML from stdin. The opposite of the get-node command.
update-view
Updates the view definition XML from stdin. The opposite of the get-view command.
version
Outputs the current version.
wait-node-offline
Wait for a node to become offline.
wait-node-online
Wait for a node to become online.
who-am-i
Reports your credential and permissions.
所感
わざわざこのような設定・操作をしないとlinterにかけられないのが億劫であるがチェックできないよりはマシではある。有名なエディタにはJenkinsfileのためのlinterのプラグインも用意されている可能性があるので(とくにVSCodeとか)そちらも併せて確認したい。
