diff --git a/047-v3-pipeline-dsl/proposal.md b/047-v3-pipeline-dsl/proposal.md new file mode 100644 index 0000000000000000000000000000000000000000..aaecf7265985ca4bbf4ddf20f34d1220450de23e --- /dev/null +++ b/047-v3-pipeline-dsl/proposal.md @@ -0,0 +1,252 @@ +# 概述 + +* 统一规范v3「流水线定义」DSL语法。 + +# 问题描述 + +* 结合已提出了一些rfc以及简化v3流水线dsl,整理新版DSL语法。 + +# 约束条件 + +无 + +# 解决方案 + +* 以下为新版「流水线定义」DSL语法。 + +```yaml +# 建木v3流水线版本为3 +version: 3 + +name: xxxxxx +description: xxxxxx + +triggers: + # cron + - ref: cron1 + name: cron-1 + type: cron + schedule: 0 0 9 * * ? + # timer + - ref: timer1 + name: timer-1 + type: timer + start-at: 08:00:00 + repeat: true + interval: 1d + # inner + - ref: inner1 + name: inner-1 + type: inner + params: + - ref: username + name: git路径 + type: STRING + required: true + only: trigger.username === "张三" + # general webhook + - ref: webhook1 + name: webhook-1 + type: webhook + params: + - ref: gitee_ref + name: gitee_ref + type: STRING + expr: body.json.ref + required: true + auth: + token: trigger.gitee_token + expr: ((gitee.webhook_token)) + only: trigger.gitee_event === "Tag Push Hook" + # custom webhook + - ref: webhook2 + name: webhook-2 + webhook: xxx@xxx + events: + - ref: push_event + name: Push事件 + rules: + # 可选参数唯一标识 + - param-ref: xxx + operator: include | exclude | equal | neq | reg_exp + expr: xxx + # 规则集运算符 + rules-operator: and | or + - ref: pr_event + name: PR事件 + rules: + - param-ref: xxx + operator: include | exclude | equal | neq | reg_exp + expr: xxx + rules-operator: and | or + +global: + # v3.x版本迭代,tag取值为表达式, + # 相关RFC:037-project-tag-for-matching-worker + tag: "worker1" + ext.xxx + # 定义缓存 + # 相关RFC:034-workflow&pipeline-cache + caches: + # 缓存标识 + - maven + # 是否并发,默认为true + concurrent: true + # 全局参数 + params: + - ref: image_name + name: 镜像名称 + type: STRING + expr: '"jianmudev/jianmu-ci-server"' + - ref: maven_public_url + name: maven私库地址 + type: STRING + expr: ext.maven_public_url + required: true + # 后置处理 + # 相关RFC:033-workflow&pipeline-post + posts: + - ref: trigger-inner + name: 内部触发 + trigger: inner2 + when: git_clone.git_branch === "master" + inputs: + - ref: git_path + expr: shell.size + # 默认值:false,表示不脱敏 + hidden: true | false + - ref: feishu + name: 飞书通知 + task: feishu_notice_interactive@1.0.4 + inputs: + - ref: bot_webhook_url + expr: ((feishu.webhook_url)) + - ref: msg_title + expr: '"建木Deno表达式引擎Docker镜像构建完成"' + - ref: msg_text + expr: `标签:${git_clone.git_tag}\n\n镜像:${global.image_name}:${git_clone.git_tag}` + +# 阶段编排 +stages: + - ref: stage_1 + name: 阶段-1 + # 是否串行,默认为true,表示串行,false表示并行 + serial: true | false + # 节点编排 + nodes: + - ref: git_clone + name: 克隆仓库 + # 任务节点 + task: git_clone@1.2.3 + # 相关RFC:032-node-timeout + timeout: 10m 20s + # 失败策略 + # 相关RFC:035-meticulous-on-failure + on-failure: + default: suspend + timeout: retry + max: 2 + inputs: + - ref: remote_url + expr: '"https://gitee.com/jianmu-dev/jianmu-ci-server.git"' + - ref: ref + expr: trigger.gitee_ref + - ref: shell + name: 查看仓库目录 + # 容器内置节点(shell节点) + image: alpine:3.13.6 + envs: + - ref: GIT_PATH + expr: git_clone.git_path + # 默认值:false,表示不脱敏 + hidden: true | false + scripts: + - cd $GIT_PATH + - export size=`du -sh | awk '{print $1}'` + exports: + - ref: size + name: 仓库大小 + type: STRING + required: true + - ref: stage_2 + name: 阶段-2 + nodes: + - ref: approval + name: 审批 + # 审批网管 + # 相关RFC:029-approval-gateway + gateway: approval + inputs: + - ref: username + name: DockerHub用户名 + type: STRING + default: jianmudev + - ref: password + name: DockerHub密码 + type: SECRET + required: true + - ref: maven_jib_build + name: maven_jib构建镜像 + task: maven_build@1.3.1-jdk11 + caches: + # global段定义的缓存标识 + - ref: maven + path: /.m2 + inputs: + - ref: mvn_action + expr: '"install -Dmaven.test.skip=true"' + - ref: workspace + expr: git_clone.git_path + - ref: image_name + expr: global.image_name + - ref: image_tag + expr: git_clone.git_branch + - ref: maven_public_url + expr: global.maven_public_url + - ref: dockerhub_username + expr: approval.username + - ref: dockerhub_password + expr: approval.password + - ref: stage_3 + name: 阶段-3 + nodes: + - ref: send_message + task: feishu_notice_interactive@1.0.4 + inputs: + - ref: bot_webhook_url + expr: ((feishu.webhook_url)) + - ref: msg_title + expr: 建木Deno表达式引擎Docker镜像构建完成 + - ref: msg_text + expr: `标签:${git_clone.git_tag}\n\n镜像:${global.image_name}:${git_clone.git_tag}` + - ref: trigger-inner2 + name: 内部触发 + # 触发器内置节点 + # 相关RFC:030-trigger-node + trigger: inner3 + when: git_clone.git_branch === "master" + inputs: + - ref: git_path + expr: shell.size +``` + +# 待讨论问题 + +0. stage是否需要ref +1. 任务节点输入参数表达式计算结果类型不为对应类型时,是否隐式转换 +2. shell节点环境变量表达式计算结果类型不为字符串时,是否隐式转换为字符串 +3. 对密钥参数,hidden起到什么作用,会有什么影响 +4. 怎么在下游节点中引用审批网关参数,目前没有明确支持动态密钥机制 + +# 已解决问题 + +0. stage需要ref +1. 任务节点输入参数表达式计算结果类型不为对应类型时,直接报错,不隐式转换 +2. shell节点环境变量表达式计算结果类型不为字符串时,隐式转换为字符串 +3. 对密钥参数,hidden不起作用 +4. 审批网关不支持密钥类型 + +# 后果 + +无 + +