CI/CD Workflow Skill
Provides CI/CD pipeline templates and interactive setup for Java + Vue projects with GitLab CI or Jenkins, supporting linting, testing, building, Dockerizing...
Description
name: cicd-workflow
description: CI/CD workflow skill for Java + Vue projects. Supports GitLab CI and Jenkins pipelines with code linting, unit testing, build packaging, Docker image building, Kubernetes deployment, and notification feedback. Use when: (1) Setting up CI/CD pipelines for Java/Vue projects, (2) Configuring GitLab CI or Jenkins workflows, (3) Building Docker images and deploying to Kubernetes, (4) Implementing automated code quality checks and testing, (5) Setting up deployment notifications.
CI/CD Workflow Skill
Complete CI/CD pipeline templates for Java + Vue full-stack projects, supporting GitLab CI and Jenkins with Kubernetes deployment.
Interactive Configuration (NEW)
This skill supports interactive step-by-step configuration with numbered options.
Configuration Flow
1. Choose Platform (GitLab CI / Jenkins)
↓
2. Choose Project Type (Java / Vue / Java+Vue)
↓
3. Choose Deployment Target (K8s / Docker / SSH)
↓
4. Choose Trigger Method (Manual / Auto / Scheduled)
↓
5. Choose Pipeline Steps (Multi-select)
↓
6. Generate Configuration
Step 1: Platform
| # | Platform | Config File |
|---|---|---|
| 1 | GitLab CI | .gitlab-ci.yml |
| 2 | Jenkins | Jenkinsfile |
Step 2: Project Type
| # | Type | Description |
|---|---|---|
| 1 | Java Backend | Spring Boot project only |
| 2 | Vue Frontend | Vue.js project only |
| 3 | Java + Vue Fullstack | Both backend and frontend |
Step 3: Deployment Target
| # | Target | Description |
|---|---|---|
| 1 | Kubernetes | Deploy to K8s cluster with kubectl |
| 2 | Docker Server | Deploy to Docker host |
| 3 | Traditional Server (SSH) | Deploy via SSH to remote server |
Step 4: Trigger Method
| # | Method | Description |
|---|---|---|
| 1 | Manual | Trigger by "Build Now" button |
| 2 | Push Auto | Trigger on every push |
| 3 | Scheduled | Trigger by cron schedule |
Step 5: Pipeline Steps (Multi-select)
| # | Step | Description |
|---|---|---|
| 1 | Lint | Code quality checks |
| 2 | Test | Unit tests with coverage |
| 3 | Build | Compile and package |
| 4 | Dockerize | Build and push Docker images |
| 5 | Deploy | Deploy to target environment |
| 6 | Notify | Send notifications |
Input Format
Complete in one line:
Platform,Project,Target,Trigger,Steps
Examples:
- 1,3,1,1,123456 = GitLab CI + Java/Vue + K8s + Manual + All steps
- 2,1,3,1,12356 = Jenkins + Java + SSH + Manual + No Docker
- 1,2,1,2,123456 = GitLab CI + Vue + K8s + Auto trigger + All steps
Or step by step: Reply with one number at a time, the skill will guide you through each step.
Generated Output
When generating CI/CD configuration, this skill produces a complete package including:
For Jenkins
cicd-output/
├── Jenkinsfile.txt # Pipeline configuration (rename to Jenkinsfile when using)
├── setup-guide.md # Complete setup instructions
├── systemd/
│ └── [app-name].service # systemd service file (for SSH deployment)
└── README.md # Quick reference
For GitLab CI
cicd-output/
├── .gitlab-ci.yml.txt # Pipeline configuration (rename to .gitlab-ci.yml when using)
├── setup-guide.md # Complete setup instructions
├── docker-compose.yml # Local development setup
└── README.md # Quick reference
Setup Guide Contents
The automatically generated setup-guide.md includes:
1. Prerequisites
- Required Jenkins/GitLab version
- Required plugins and extensions
- Server/environment requirements
2. Credential Configuration
- Detailed list of required credentials
- Step-by-step credential creation guide
- Security best practices
3. Platform-Specific Setup
- Jenkins: Pipeline job creation, plugin installation
- GitLab CI: Runner setup, variable configuration
4. Deployment Target Setup
- Kubernetes: Cluster access, namespace setup
- Docker: Registry configuration, daemon setup
- SSH: User creation, key exchange, systemd service
5. Troubleshooting
- Common errors and solutions
- Debug tips and log locations
- Verification steps
6. Customization Guide
- How to modify environment variables
- How to add custom stages
- How to adjust resource limits
Pipeline Stages
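- Prepare - Environment checks and initialization
- Lint - Code quality checks (SpotBugs, PMD, Checkstyle for Java; ESLint, Prettier for Vue)
- Test - Unit tests and coverage reports
- Build - Compile and package, with a static resource security scan in the same stage
- Security Scan - Trivy image security scan (optional)
- Dockerize - Build and push Docker images
- Deploy - Deploy to the Kubernetes cluster
- Notify - Send deployment status notifications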
Supported Platforms
- GitLab CI (.gitlab-ci.yml)
- Jenkins (Jenkinsfile)
Quick Start
GitLab CI
- Copy assets/gitlab-ci.yml.txt to your project root as .gitlab-ci.yml
- Update variables in the file:
  - DOCKER_REGISTRY - Your Docker registry URL
  - DOCKER_NAMESPACE - Your registry namespace
  - K8S_NAMESPACE - Kubernetes namespace
- Configure CI/CD variables in GitLab:
  - CI_REGISTRY_USER / CI_REGISTRY_PASSWORD - Docker registry credentials
  - KUBE_CONFIG - Base64 encoded kubeconfig
  - WEBHOOK_URL - Notification webhook URL
- Push to trigger pipeline (manual trigger for dockerize and deploy stages)
Jenkins
- Copy assets/Jenkinsfile.txt to your project root as Jenkinsfile
- Install recommended plugins:
  - Pipeline
  - Docker Pipeline
  - Kubernetes CLI
  - JUnit (for test results)
  - JaCoCo (optional, for coverage)
  - HTTP Request (for notifications)
- Create Jenkins credentials:
  - docker-registry-credentials - Docker registry login (username/password)
  - kubeconfig - Kubernetes config file (secret file)
  - webhook-url - Notification webhook URL (secret text)
- Create a new Pipeline job pointing to your repository
- Run manually via "Build Now"
Jenkinsfile Features:
- ✅ Conditional builds based on file changes (when { changeset })
- ✅ Static resource security scan during build
- ✅ Graceful handling of missing plugins
- ✅ Resource limits for Docker agents
- ✅ Multi-environment deployment support
- ✅ Rich notification cards for Feishu/DingTalk
Project Structure
project-root/
├── backend/ # Java Spring Boot project
│ ├── src/
│ ├── pom.xml
│ └── Dockerfile # Copy from assets/Dockerfile.java.txt
├── frontend/ # Vue.js project
│ ├── src/
│ ├── package.json
│ └── Dockerfile # Copy from assets/Dockerfile.vue.txt
├── .gitlab-ci.yml # Copy from assets/.gitlab-ci.yml.txt
├── Jenkinsfile # Copy from assets/Jenkinsfile.txt
└── k8s/
└── deployment.yml # Kubernetes manifests (from assets/)
Assets Reference
Dockerfiles
- assets/Dockerfile.java.txt - Java backend Docker image (multi-stage, Alpine-based)
- assets/Dockerfile.vue.txt - Vue frontend Docker image (multi-stage, Nginx-based)
Note: Rename .txt files to remove the extension when using in your project.
- Dockerfile.java.txt → Dockerfile
- Dockerfile.vue.txt → Dockerfile
Security Features
1. Static Resource Security (Vue Projects)
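File types excluded automatically:
- .vue - Vue single-file component source
- *.config.js/ts/mjs/cjs/json - Configuration files of all kinds
- vite.config.* - Vite configuration
- webpack.config.* - Webpack configuration
- babel.config.* - Babel configuration
- tailwind.config.* - Tailwind configuration
- postcss.config.* - PostCSS configuration
- eslint.config.* / .eslintrc.* - ESLint configuration
- .prettierrc.* - Prettier configuration
- *.map - Source map files
Layers of protection:
| Layer | Location | Mechanism |
|---|---|---|
| Build time | Dockerfile | find command deletes the files above |
| Runtime | Nginx | location rules return 404 |
| CI/CD | Jenkinsfile | Scans and deletes during the build stage |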
2. Nginx Security Configuration
# Deny access to source files
location ~* \.vue$ { return 404; }
# Deny access to configuration files
location ~* (config|vite|webpack|babel|tailwind|postcss|eslint|prettier)\.config\.(js|ts|mjs|cjs|json)$ {
    return 404;
}
# Deny access to source maps
location ~* \.map$ { return 404; }
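Added example, not part of the skill's assets: a coverage check that runs the three location patterns shown above against constructed request paths for each excluded file type, next to a broader rule set. `RULES_HARDENED`, the sample paths and the function names are assumptions; `grep -Ei` stands in for nginx's case-insensitive `~*` match.

```shell
#!/bin/sh
# Added example: check which request paths a set of deny rules covers.
# grep -Ei stands in for nginx's case-insensitive `location ~*` match.

# The three location patterns as shown on the page.
RULES_PAGE='\.vue$
(config|vite|webpack|babel|tailwind|postcss|eslint|prettier)\.config\.(js|ts|mjs|cjs|json)$
\.map$'

# Assumption (not from the skill): a broader set that matches any
# *.config.<ext> file and the .eslintrc / .prettierrc dotfiles.
RULES_HARDENED='\.vue$
\.config\.(js|ts|mjs|cjs|json)$
/\.(eslintrc|prettierrc)(\.[a-z0-9]+)?$
\.map$'

# Constructed request paths, one or more per excluded type in the list.
SAMPLES='/src/App.vue /vite.config.ts /webpack.config.js /eslint.config.mjs
/assets/index.js.map /app.config.json /.eslintrc.json /.prettierrc.json'

# is_denied RULES PATH: succeeds when any pattern matches the path.
is_denied() {
    printf '%s\n' "$2" | grep -Eiq -e "$1"
}

# uncovered RULES PATH...: print the paths that no pattern denies.
uncovered() {
    rules=$1; shift
    for p in "$@"; do
        is_denied "$rules" "$p" || printf '%s\n' "$p"
    done
}

# Report both rule sets over the sample paths.
report() {
    echo "not denied by the page rules:";     uncovered "$RULES_PAGE" $SAMPLES
    echo "not denied by the hardened rules:"; uncovered "$RULES_HARDENED" $SAMPLES
}

report
```

A path listed under the page rules relies on the build-time and CI/CD cleanup layers alone, so it is worth running this whenever the excluded-file list or the location rules change.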
Kubernetes
assets/k8s-deployment.yml - Complete K8s manifests including:
- Deployments with health checks
- Services (ClusterIP)
- Ingress with TLS
- HorizontalPodAutoscaler (HPA)
Nginx Config
assets/nginx.conf.txt - Optimized Nginx configuration for Vue SPA with:
- Gzip compression
- Static asset caching
- API proxy to backend
- Health check endpoint
- Security rules (blocks .vue, config files, source maps)
Note: Copy and rename to nginx.conf when using.
Scripts
Notification Script
scripts/notify.sh - Send deployment notifications to:
- 飞书 (Feishu)
- 钉钉 (DingTalk)
- Slack
- 企业微信 (WeChat Work)
Usage:
export WEBHOOK_TYPE=feishu
export WEBHOOK_URL=https://open.feishu.cn/...
export PROJECT_NAME=my-app
export VERSION=1.0.0
./scripts/notify.sh success
Customization Guide
1. Adjust Resource Limits
Edit assets/k8s-deployment.yml:
resources:
  requests:
    memory: "512Mi"  # Adjust based on your app
    cpu: "250m"
  limits:
    memory: "1Gi"
    cpu: "1000m"
2. Change Trigger Strategy
GitLab CI - Remove when: manual to auto-trigger:
dockerize-java:
  # ...
  # when: manual  # Remove or comment this line
Jenkins - Add SCM polling:
triggers {
    pollSCM('H/5 * * * *')  // Check every 5 minutes
}
3. Add Environment Stages
Add staging deployment between build and production:
GitLab CI:
stages:
  - lint
  - test
  - build
  - dockerize
  - deploy-staging      # Add this
  - deploy-production   # Rename from deploy
  - notify

deploy-staging:
  stage: deploy-staging
  script:
    - kubectl set image ... -n staging
  environment:
    name: staging
  when: manual
4. Custom Quality Gates
Add SonarQube analysis:
sonarqube:
  stage: test
  image: sonarsource/sonar-scanner-cli
  script:
    - sonar-scanner
      -Dsonar.projectKey=$CI_PROJECT_NAME
      -Dsonar.sources=.
      -Dsonar.host.url=$SONAR_URL
      -Dsonar.login=$SONAR_TOKEN
5. Multi-Environment Support
Use GitLab environments or Jenkins branches:
GitLab:
deploy:
  script:
    - |
      # Single "=" keeps the test portable to POSIX sh runners
      if [ "$CI_COMMIT_REF_NAME" = "main" ]; then
        kubectl set image ... -n production
      else
        kubectl set image ... -n staging
      fi
Troubleshooting
Static Resource Security Violation
Error: Build fails with "Security violation found: *.vue files in dist"
Cause: Vue build configuration may be including source files
Solution:
- Check vite.config.js / vue.config.js for incorrect publicDir or assetsInclude
- Verify .gitignore excludes source files from build
- Manual fix in Dockerfile already handles cleanup:
# Group the -name tests so -type f and -delete apply to every pattern
RUN find /usr/share/nginx/html -type f \
    \( -name "*.vue" -o -name "*.config.js" \) \
    -delete
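Added example (not the skill's Jenkinsfile or Dockerfile code): a build-stage scan that lists the excluded file types in a build output directory, fails when any are present, and can delete them. The function names and the sample tree are constructed; the pattern list follows the excluded types in the Security Features section.

```shell
#!/bin/sh
# Added example: scan a build output directory for files that must not ship.
# Function names and the sample tree are assumptions, not the skill's code.

# Print every file under $1 whose name matches an excluded type.
# The \( ... \) group matters: -o binds looser than the implicit AND, so
# without it -type f and the final action apply to only one -name branch.
find_forbidden() {
    find "$1" -type f \( \
        -name '*.vue' -o -name '*.map' -o \
        -name '*.config.js' -o -name '*.config.ts' -o \
        -name '*.config.mjs' -o -name '*.config.cjs' -o \
        -name '*.config.json' -o \
        -name '.eslintrc*' -o -name '.prettierrc*' \
    \) -print | sort
}

# Gate: return 1 and report on stderr when anything forbidden is present.
scan_dist() {
    hits=$(find_forbidden "$1")
    [ -z "$hits" ] && return 0
    printf 'Security violation found in %s:\n%s\n' "$1" "$hits" >&2
    return 1
}

# Cleanup: delete what the scan found, leaving everything else in place.
clean_dist() {
    find_forbidden "$1" | while IFS= read -r f; do
        rm -f -- "$f"
    done
}

# Constructed sample: a dist tree with four files that should not be there.
make_sample_dist() {
    d=$(mktemp -d)
    mkdir -p "$d/assets" "$d/src"
    : > "$d/index.html"
    : > "$d/assets/app.3f2a.js"
    : > "$d/assets/app.3f2a.js.map"
    : > "$d/src/App.vue"
    : > "$d/vite.config.js"
    : > "$d/.eslintrc.json"
    printf '%s\n' "$d"
}

# Typical CI use: scan_dist frontend/dist || exit 1
```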
Jenkins Plugin Not Found
Error: No such DSL method 'publishTestResults'
Solution:
- Jenkinsfile now uses standard junit plugin instead of custom publishers
- Install JUnit Plugin from Jenkins plugin manager
- Or disable test publishing by removing the post { always { junit ... } } blocks
Docker Build Context Issues
Error: unable to prepare context: unable to evaluate symlinks
Solution:
// Use explicit build context
Dockerfile: "-f backend/Dockerfile backend/"
// Not: "-f backend/Dockerfile ."
Kubectl Commands Fail
- Verify KUBE_CONFIG is base64 encoded correctly
- Check cluster name matches the context in kubeconfig
- Ensure service account has deployment permissions
Image Pull Errors
- Verify image tags are pushed correctly
- Check image pull secrets if using private registry
- Verify pod has imagePullPolicy: Always for latest tags
Rollout Hangs
- Check pod events: kubectl describe pod <pod-name>
- Verify resource limits are not too low
- Check application logs: kubectl logs <pod-name>
Security Best Practices
- Never commit credentials - Always use CI/CD variables
- Use specific image tags - Avoid :latest in production
- Enable RBAC - Limit service account permissions
- Scan images - Add Trivy or Clair vulnerability scanning
- Network policies - Restrict pod-to-pod communication
- Resource quotas - Set namespace limits