devops自动部署失败

hcw52592

Jenkinsfile如下：

stage(‘deploy to dev’) {

  agent none

  steps {

    container('maven') {

      withCredentials([kubeconfigContent(credentialsId : 'kubeconfig' ,variable : 'deploy.yaml' ,)]) {

        sh 'envsubst < deploy.yaml | kubectl apply -f -'

      }

    }

deploy.yaml:

kind: Deployment

apiVersion: apps/v1

metadata:

name: ttc-dev-v1

namespace: ttc-dev

labels:

app: ttc-dev

version: v1

annotations:

deployment.kubernetes.io/revision: '1'

kubesphere.io/creator: admin

spec:

replicas: 1

selector:

matchLabels:

  app: ttc-dev

  version: v1

template:

metadata:

  creationTimestamp: null

  labels:

    app: ttc-dev

    version: v1

spec:

  volumes:

    - name: host-time

      hostPath:

        path: /etc/localtime

        type: ''

  containers:

    - name: container-xmbuab

      image: 'registry.cn-hangzhou.aliyuncs.com/houchengwei/ttc-dev:SNAPSHOT-$BUILD_NUMBER'

      ports:

        - name: http-9999

          containerPort: 9999

          protocol: TCP

      resources:

        limits:

          cpu: '1'

          memory: 512Mi

      volumeMounts:

        - name: host-time

          readOnly: true

          mountPath: /etc/localtime

      terminationMessagePath: /dev/termination-log

      terminationMessagePolicy: File

      imagePullPolicy: IfNotPresent

  restartPolicy: Always

  terminationGracePeriodSeconds: 30

  dnsPolicy: ClusterFirst

  serviceAccountName: default

  serviceAccount: default

  securityContext: {}

  imagePullSecrets:

    - name: ali-docker-hub

  schedulerName: default-scheduler

strategy:

type: RollingUpdate

rollingUpdate:

  maxUnavailable: 25%

  maxSurge: 25%

revisionHistoryLimit: 10

progressDeadlineSeconds: 600

---

kind: Service

apiVersion: v1

metadata:

name: ttc-dev

namespace: ttc-dev

labels:

app: ttc-dev

version: v1

annotations:

kubesphere.io/creator: admin

kubesphere.io/serviceType: statelessservice

spec:

ports:

- name: http-9999

  protocol: TCP

  port: 9999

  targetPort: 9999

  nodePort: 30878

selector:

app: ttc-dev

clusterIP: 10.233.25.139

clusterIPs:

- 10.233.25.139

type: NodePort

sessionAffinity: None

externalTrafficPolicy: Cluster

ipFamilies:

- IPv4

ipFamilyPolicy: SingleStack

报错如下：

+ envsubst + kubectl apply -f - Error from server (Forbidden): error when retrieving current configuration of: Resource: “apps/v1, Resource=deployments”, GroupVersionKind: “apps/v1, Kind=Deployment” Name: “ttc-dev-v1”, Namespace: “ttc-dev” from server for: “STDIN”: deployments.apps “ttc-dev-v1” is forbidden: User “system:serviceaccount:kubesphere-devops-worker:default” cannot get resource “deployments” in API group “apps” in the namespace “ttc-dev” Error from server (Forbidden): error when retrieving current configuration of: Resource: “/v1, Resource=services”, GroupVersionKind: “/v1, Kind=Service” Name: “ttc-dev”, Namespace: “ttc-dev” from server for: “STDIN”: services “ttc-dev” is forbidden: User “system:serviceaccount:kubesphere-devops-worker:default” cannot get resource “services” in API group "" in the namespace “ttc-dev” script returned exit code 1

johnniang

请参考：https://kubesphere.com.cn/forum/d/6500-kubeconfigfile-name-too-long/12