一个靠谱的GIT分支模型(GIT Flow)

作者:Vincent Driessen

原文连接: http://nvie.com/posts/a-successful-git-branching-model/



译者注:这是一套靠谱的git分支指导。充分的适配于团队的日常开发、新功能开发、紧急bug修复,通过该模型可建立一套行之有效的上线发布流程。本模型后来作为 GIT Flow 的标准被推行。


In this post I present the development model that I’ve introduced for some of my projects (both at work and private) about a year ago, and which has turned out to be very successful. I’ve been meaning to write about it for a while now, but I’ve never really found the time to do so thoroughly, until now. I won’t talk about any of the projects’ details, merely about the branching strategy and release management.


It focuses around Git as the tool for the versioning of all of our source code.


Why git?


For a thorough discussion on the pros and cons of Git compared to centralized source code control systems, see the web. There are plenty of flame wars going on there. As a developer, I prefer Git above all other tools around today. Git really changed the way developers think of merging and branching. From the classic CVS/Subversion world I came from, merging/branching has always been considered a bit scary (“beware of merge conflicts, they bite you!”) and something you only do every once in a while.

经过一些讨论和对比,我们最终选用GIT作为我们的版本管理工具,详情参考文章: GitSvnComparison 。GIT有非常多的亮点,作为一个开发人员,GIT是我最喜欢的版本管理工具,没有之一。 GIT改变了开发人员对代码分支和合并的思维方式。在经典的CVS/SVN的世界中,分支和合并被认为是危险的(小心合并冲突,他真的会咬你!),我们经常不得不考虑在很长一段时间,绝对必要时才去进行一次合并操作。

But with Git, these actions are extremely cheap and simple, and they are considered one of the core parts of your daily workflow, really. For example, in CVS/Subversion books, branching and merging is first discussed in the later chapters (for advanced users), while in every Git book, it’s already covered in chapter 3 (basics).


As a consequence of its simplicity and repetitive nature, branching and merging are no longer something to be afraid of. Version control tools are supposed to assist in branching/merging more than anything else.


Enough about the tools, let’s head onto the development model. The model that I’m going to present here is essentially no more than a set of procedures that every team member has to follow in order to come to a managed software development process.


Decentralized but centralized


The repository setup that we use and that works well with this branching model, is that with a central “truth” repo. Note that this repo is only considered to be the central one (since Git is a DVCS, there is no such thing as a central repo at a technical level). We will refer to this repo as origin, since this name is familiar to all Git users.



Each developer pulls and pushes to origin. But besides the centralized push-pull relationships, each developer may also pull changes from other peers to form sub teams. For example, this might be useful to work together with two or more developers on a big new feature, before pushing the work in progress to origin prematurely. In the figure above, there are subteams of Alice and Bob, Alice and David, and Clair and David.


Technically, this means nothing more than that Alice has defined a Git remote, named bob, pointing to Bob’s repository, and vice versa.


The main branches


At the core, the development model is greatly inspired by existing models out there. The central repo holds two main branches with an infinite lifetime:

  • master
  • develop


  • master 主分支
  • develop 开发分支

The master branch at origin should be familiar to every Git user. Parallel to the master branch, another branch exists called develop.


We consider origin/master to be the main branch where the source code of HEAD always reflects a production-ready state.


We consider origin/develop to be the main branch where the source code of HEAD always reflects a state with the latest delivered development changes for the next release. Some would call this the “integration branch”. This is where any automatic nightly builds are built from.


When the source code in the develop branch reaches a stable point and is ready to be released, all of the changes should be merged back into master somehow and then tagged with a release number. How this is done in detail will be discussed further on.


Therefore, each time when changes are merged back into master, this is a new production release by definition. We tend to be very strict at this, so that theoretically, we could use a Git hook script to automatically build and roll-out our software to our production servers everytime there was a commit on master.


Supporting branches


Next to the main branches master and develop, our development model uses a variety of supporting branches to aid parallel development between team members, ease tracking of features, prepare for production releases and to assist in quickly fixing live production problems. Unlike the main branches, these branches always have a limited life time, since they will be removed eventually.


The different types of branches we may use are:

  • Feature branches
  • Release branches
  • Hotfix branches


  • 新功能分支
  • 发布分支
  • BUG修复分支

Each of these branches have a specific purpose and are bound to strict rules as to which branches may be their originating branch and which branches must be their merge targets. We will walk through them in a minute.


By no means are these branches “special” from a technical perspective. The branch types are categorized by how we use them. They are of course plain old Git branches.


Feature branches


May branch off from:
Must merge back into:
Branch naming convention:
anything except master, develop, release-*, or hotfix-*
任何名字,但不要使用 master, develop, release-* 或 hotfix-*

Feature branches (or sometimes called topic branches) are used to develop new features for the upcoming or a distant future release. When starting development of a feature, the target release in which this feature will be incorporated may well be unknown at that point. The essence of a feature branch is that it exists as long as the feature is in development, but will eventually be merged back into develop (to definitely add the new feature to the upcoming release) or discarded (in case of a disappointing experiment).


Feature branches typically exist in developer repos only, not in origin.


Creating a feature branch


When starting work on a new feature, branch off from the develop branch.


$ git checkout -b myfeature develop
Switched to a new branch "myfeature"

Incorporating a finished feature on develop


Finished features may be merged into the develop branch to definitely add them to the upcoming release:


$ git checkout develop
Switched to branch 'develop'
$ git merge --no-ff myfeature
Updating ea1b82a..05e9557
(Summary of changes)
$ git branch -d myfeature
Deleted branch myfeature (was 05e9557).
$ git push origin develop

The --no-ff flag causes the merge to always create a new commit object, even if the merge could be performed with a fast-forward. This avoids losing information about the historical existence of a feature branch and groups together all commits that together added the feature. Compare:

--no-ff 标记强制创建一个新的提交,禁止合并操作使用『快速前进(fast-forward)』方式进行。这样可以避免在合并时丢失了新功能分支脚力和消亡过程。标记功能的比较图示如下:

In the latter case, it is impossible to see from the Git history which of the commit objects together have implemented a feature—you would have to manually read all the log messages. Reverting a whole feature (i.e. a group of commits), is a true headache in the latter situation, whereas it is easily done if the--no-ff flag was used.


Yes, it will create a few more (empty) commit objects, but the gain is much bigger than the cost.


Release branches


May branch off from:
Must merge back into:
develop and master
Branch naming convention:
develop 和 master

Release branches support preparation of a new production release. They allow for last-minute dotting of i’s and crossing t’s. Furthermore, they allow for minor bug fixes and preparing meta-data for a release (version number, build dates, etc.). By doing all of this work on a release branch, the develop branch is cleared to receive features for the next big release.


The key moment to branch off a new release branch from develop is when develop (almost) reflects the desired state of the new release. At least all features that are targeted for the release-to-be-built must be merged in to develop at this point in time. All features targeted at future releases may not—they must wait until after the release branch is branched off.


It is exactly at the start of a release branch that the upcoming release gets assigned a version number—not any earlier. Up until that moment, the develop branch reflected changes for the “next release”, but it is unclear whether that “next release” will eventually become 0.3 or 1.0, until the release branch is started. That decision is made on the start of the release branch and is carried out by the project’s rules on version number bumping.


Creating a release branch


Release branches are created from the develop branch. For example, say version 1.1.5 is the current production release and we have a big release coming up. The state of develop is ready for the “next release” and we have decided that this will become version 1.2 (rather than 1.1.6 or 2.0). So we branch off and give the release branch a name reflecting the new version number:

发布分支从develop分支创建。举例来说,假设我们现在已经发布的版本为1.1.5 。开发人员已经基本完成了代码开发工作。经过评估,我们认为这次改动较大,决定将其作为版本1.2(不是1.1.6,也不是2.0)进行发布,然后创建这个新的发布分支:

$ git checkout -b release-1.2 develop
Switched to a new branch "release-1.2"
$ ./bump-version.sh 1.2
Files modified successfully, version bumped to 1.2.
$ git commit -a -m "Bumped version number to 1.2"
[release-1.2 74d9424] Bumped version number to 1.2
1 files changed, 1 insertions(+), 1 deletions(-)

After creating a new branch and switching to it, we bump the version number. Here, bump-version.sh is a fictional shell script that changes some files in the working copy to reflect the new version. (This can of course be a manual change—the point being that some files change.) Then, the bumped version number is committed.


This new branch may exist there for a while, until the release may be rolled out definitely. During that time, bug fixes may be applied in this branch (rather than on the develop branch). Adding large new features here is strictly prohibited. They must be merged into develop, and therefore, wait for the next big release.

这个分支将存在一段时间,直到这次发布完成。在此期间,可能发生一些bug修复(这些修改不在develop分支进行)。 不允许提交大功能的改进代码,它们必须被合并提交到develop,然后等待下一个发布工作。

Finishing a release branch


When the state of the release branch is ready to become a real release, some actions need to be carried out. First, the release branch is merged into master (since every commit on master is a new release by definition, remember). Next, that commit on master must be tagged for easy future reference to this historical version. Finally, the changes made on the release branch need to be merged back into develop, so that future releases also contain these bug fixes.


The first two steps in Git:


$ git checkout master
Switched to branch 'master'
$ git merge --no-ff release-1.2
Merge made by recursive.
(Summary of changes)
$ git tag -a 1.2

The release is now done, and tagged for future reference.


Edit: You might as well want to use the -s or -u <key> flags to sign your tag cryptographically.

提醒:在tag操作中,你可能需要增加-s-u <key> 参数,用来对tag代表的代码进行签名,防止纂改。

To keep the changes made in the release branch, we need to merge those back into develop, though. In Git:


$ git checkout develop
Switched to branch 'develop'
$ git merge --no-ff release-1.2
Merge made by recursive.
(Summary of changes)

This step may well lead to a merge conflict (probably even, since we have changed the version number). If so, fix it and commit.


Now we are really done and the release branch may be removed, since we don’t need it anymore:


$ git branch -d release-1.2
Deleted branch release-1.2 (was ff452fe).

Hotfix branches


May branch off from:
Must merge back into:
develop and master
Branch naming convention:
develop 和 master

Hotfix branches are very much like release branches in that they are also meant to prepare for a new production release, albeit unplanned. They arise from the necessity to act immediately upon an undesired state of a live production version. When a critical bug in a production version must be resolved immediately, a hotfix branch may be branched off from the corresponding tag on the master branch that marks the production version.


The essence is that work of team members (on the develop branch) can continue, while another person is preparing a quick production fix.


Creating the hotfix branch


Hotfix branches are created from the master branch. For example, say version 1.2 is the current production release running live and causing troubles due to a severe bug. But changes on develop are yet unstable. We may then branch off a hotfix branch and start fixing the problem:


$ git checkout -b hotfix-1.2.1 master
Switched to a new branch "hotfix-1.2.1"
$ ./bump-version.sh 1.2.1
Files modified successfully, version bumped to 1.2.1.
$ git commit -a -m "Bumped version number to 1.2.1"
[hotfix-1.2.1 41e61bb] Bumped version number to 1.2.1
1 files changed, 1 insertions(+), 1 deletions(-)

Don’t forget to bump the version number after branching off!


Then, fix the bug and commit the fix in one or more separate commits.


$ git commit -m "Fixed severe production problem"
[hotfix-1.2.1 abbe5d6] Fixed severe production problem
5 files changed, 32 insertions(+), 17 deletions(-)

Finishing a hotfix branch


When finished, the bugfix needs to be merged back into master, but also needs to be merged back into develop, in order to safeguard that the bugfix is included in the next release as well. This is completely similar to how release branches are finished.


First, update master and tag the release.


$ git checkout master
Switched to branch 'master'
$ git merge --no-ff hotfix-1.2.1
Merge made by recursive.
(Summary of changes)
$ git tag -a 1.2.1

Edit: You might as well want to use the -s or -u <key> flags to sign your tag cryptographically.

提醒:在tag操作中,你可能需要增加-s-u <key> 参数,用来对tag代表的代码进行签名,防止纂改。

Next, include the bugfix in develop, too:


$ git checkout develop
Switched to branch 'develop'
$ git merge --no-ff hotfix-1.2.1
Merge made by recursive.
(Summary of changes)

The one exception to the rule here is that, when a release branch currently exists, the hotfix changes need to be merged into that release branch, instead of develop. Back-merging the bugfix into the release branch will eventually result in the bugfix being merged into develop too, when the release branch is finished. (If work in develop immediately requires this bugfix and cannot wait for the release branch to be finished, you may safely merge the bugfix into develop now already as well.)


Finally, remove the temporary branch:


$ git branch -d hotfix-1.2.1
Deleted branch hotfix-1.2.1 (was abbe5d6).



While there is nothing really shocking new to this branching model, the “big picture” figure that this post began with has turned out to be tremendously useful in our projects. It forms an elegant mental model that is easy to comprehend and allows team members to develop a shared understanding of the branching and releasing processes.


A high-quality PDF version of the figure is provided here. Go ahead and hang it on the wall for quick reference at any time.








Jenkins工作流是V2版本中推出的全新概念,使用Groovy编写。Groovy语法可以参考网址:Groovy syntax。如果你会编写Groovy是好的,但并不是绝对必须的。如果你有一些其他的语言编程经验,那么翻阅一下Groovy Syntax,参考现有的groovy说明,就能很快建立一个工作流。

工作流主要包括阶段(stage)、工作节点(node)、 工作步骤(step)概念。下一章我们会重点介绍。








  1. 工作流,工作流是以插件的的方式加载到Jenkins中的,包括核心库和众多的工具库;
  2. SCM类,用于git,subversion的代码迁出,github插件提供对gtihub的访问权限;
  3. 权限管理:一般使用Role Strategy。对用户分角色、分项目进行精细化管理;
  4. 编译工具类,包括Maven、Ant、Gradle、xcode等







建立了一个Bash脚本,用于启停进程。启停前后,均会对进程关联进程进行检查,确保进程被完全关闭,也确保进程被正确启动。 对于顽固进程特别有效! 功能:

  • 服务安全启动
  • 服务安全关闭
  • 监控服务状态
  • 自动重启服务。 当服务意外蹦了的时候,自动重启之
  • 以及Supervisord提供的管理服务的WEB工具

更多介绍和使用说明,参考 Wiki


本脚本为纯Bash, 尽量较少运维依赖。 Git clone后即可使用。 服务启动依赖于Supervisor。 Supervisord是用Python实现的一款非常实用的进程管理工具,类似于monit。 Supervisord会能将你的程序转化为Daemon服务。

Supervisord 安装

supervisord可使用Linux系统原生的包管理工具安装,也可以使用easy_install, pip进行安装。 详细参考 http://supervisord.org/installing.html 简单介绍一下centos easy_install的方法:

 yum install python-setuptools
 easy_install -U supervisor
 echo_supervisord_conf > /etc/supervisord.conf

Supervisor 配置


files = /etc/supervisor.d/*.ini

建立/etc/supervisor.d/目录,以servicename.ini命名,建立需要管理的多项任务。 示例任务见 examples 下文件。 配置文件修改和任务新增后,别忘了重启supervisor服务。通过命令可查看各任务状态:supervisorctl status

Steve 配置

###set the port here. You have to check the port manually.
###set the pname here. I will check the processname which contains this.
###sleep N second for next checking
### How many times need to check
### use kill in N times checking
### use kill -9 in N times checking
### type may be jar, tomcat, weblogic
### file is no useful

配置为键值对,以=分割。 以#,[开头的配置行被直接忽略, 没有=号的也被忽略。 =号两边不要放空格, 行首行尾不要放空格。

  • supervisor_name (option) 如果没有填写,则和service名称相同。
  • use_port (option) 进程使用端口。 进程启停时,将检查端口占用情况。
  • use_pname (option) 进程名。 进程启停时,将通过ps进行检查。 应该选用能显示能唯一代表进程的名字,如文件名.jar等。 不要使用java等进程名,以防误判误伤。
  • sleep_time (option) Default: 5。检查后等待sleep_time秒后,进行下一次检查。
  • retry_time (option) Default: 5。检查失败后的重试次数
  • forcekill (option) 在第N次检查后,如果服务仍未停止,则使用kill -TERM杀掉进程。 检查包括port, pname检查。 N从0开始
  • forcekill9 (option) 在第N次检查后,如果服务仍未停止,则使用kill -KILLkill -9))杀掉进程。 检查包括port, pname检查。 N从0开始。 如果forcekill, forcekill9无此选项,或大约retry_time, 则不会使用kill灭进程。 forcekill9 数字应该大于 forcekill



./steve.sh -k restart -s tomcat


  • -s Server name 服务名称。将读取文件夹下对应的配置文件,执行steve
  • -k Action. start, stop, restart, debug 操作明。 对服务进行启动、停止、重启、或显示测试信息
  • -h|-? Show this message 帮助
  • -V Steve Version 显示Steve版本
  • -v Verbose 显示调试信息
  • -f Force run 强制运行,即使在检查中发生错误。 尽量别用。

Steve Processes


            |               |
+Stop+------>   Check Port  |
            |               |
                     |                     +---------------------+
                     |                     |                     |
                     |                     |                     |
           +---------v--------+            |                     +<-------------------------------------+
           |                  |            |                     |                                      |
           |  Check PID file  |            |                     |                                      |
           |                  |            |                     |                                      |
           +---------+--------+            |                     |                                      |
                     |                     |             +-------v-------+     +---------------------+  |
                     |                     |             |               |     |                     |  |
                     |           +---------+----------+  |   CheckPort   o-----+  kill +Signal       |  |
          +----------v-------+   |                    |  |               |     |         When Needed |  |
          |                  |   |    Stop Service    |  +--------+------+     +-----+---+-----------+  |
          |  Check Process   |   |                    |           |                  |   |              |
          |       Name       |   +--------^-----------+           |                  |   |              |
          +--------+---------+            |                       |                  |   |              |
                   |                      |             +---------v--------+         |   |              |
                   |                      |             |                  |         |   |              |
                   |                      |             |  Check PID file  o---------+   |              |
                   |                      |             |                  |             |              |
                   |                      |             +---------+--------+             |              |
                   |                      |                       |                      |              |
                   +----------------------+                       |                      |              |
                                                                  |                      |              |
                                                       +----------v-------+              |              |
                                                       |                  |              |              |
                                                       |  Check Process   o--------------+              |
                                                       |       file       |                             |
                                                       +----------+-------+                             |
                                                                  |          Retry when                 |
                                                                  |          check failed               |
                                                       |                       |
                                                       |      Stop Result      |
                                                       |                       |


             |               |
-Start------->   CheckPort   |
             |               |
                      |                     +----------- ----------+
                      |                     |                      |
                      |                     |                      |
            +---------v--------+            |                      | <----------------+
            |                  |            |                      |                  |
            |  Check PID file  |            |                      |                  |
            |                  |            |                      |                  |
            +---------+--------+            |                      |                  |
                      |                     |              +-------v-------+          |
                      |                     |              |               |          |
                      |           +---------+----------+   |   CheckPort   |          |
           +----------v-------+   |                    |   |               |          |
           |                  |   |                    |   +--------+------+          |
           |  Check Process   |   |   Start Ser^ice    |            |                 |
           |    file          |   |                    |            |                 |
           +--------+---------+   +--------+-----------+            |                 |
                    |                      ^              +---------v--------+        |
                    |                      |              |                  |        |
                    |                      |              |  Check PID file  |        |
                    |                      |              |                  |        |
                    |                      |              +---------+--------+        |
                    |                      |                        |                 |
                    +----------------------+                        |                 |
                    |                                               |                 |
                    |                                    +----------v-------+         |
          +---------v---------------------+              |                  |         |
          |                               |              |  Check Process   |         |
          |         Exit                  |              |    file          |         |
          |   When the process is running |              +----------+-------+         |
          |                               |                         |                 |
          +-------------------------------+                         |   Retry when    |
                                                                    |  check failed   |
                                                         |                       |
                                                         |                       |
                                                         |     Show  Result      |
                                                         |                       |


STOP && Start


源码代码库: https://github.com/gikoluo/Steve




  1. 分析业务,将强关联业务放入到一组。常用分组方式有按业务分组、按开发团队分组。
  2. 分析业务,获得该业务组下包含的所有服务。
  3. 获得业务服务属性,包括源代码SCM路径、编译方法、目标文件、部署方式、服务启停、配置文件等。
  4. 分析完成后,可获得一个物理架构图


  1. 使用SCM用户登录Jenkins。
  2. 点击左侧『新建』(New Item),在『 项目名称』(Enter an item name)中填入项目代称。必须英文名,便于源代码管理和项目管理等。
  3. 项目类型中选择『文件夹』(Folder), 点击OK保存。系统将自动跳转至文件夹的信息完善页面

  4. 在『显示名称』(Display Name)中,填入项目中文名。 点击Save,保存。系统将自动跳转至文件夹查看页面。

  5. 点击左上角『新建』(New Item),建立builds子文件夹,『显示名称』留空,点击OK保存。

  6. 在builds文件夹的查看页面,点击左上角『新建』,建立编译工程。『 项目名称』中填入任务的英文代称,一般可使用SCM中的目录命名。

  7. 如果项目编译为Maven项目,在『复制项目』Copy From填入/openpay/builds/opm。从以往的已经完成的配置中复制配置过来, 以便减少配置的复杂性和统一配置。 然后点击保存,自动进入任务信息完善页面。

  8. 在『源码管理』 中,修改SCM设置,填入SVM类型和代码路径。修改『构建后操作』/『用于存档的文件』的文件路径 。

  9. 根据需要可修改其他的设置, 如构建设置的邮件通知等。然后保存。完成编译任务的建立

  10. 回到项目文件夹,左上角点击『新建』,准备建立发布任务
  11. 在『 项目名称』中填入: $SERVICE_publisher 。$SERVICE为第6步使用的英文代称。

  12. 当项目的编译方法为Jar时,可在『复制项目』填入 /dspay/api_publisher,以便减少配置工作量。点击OK,进入任务信息完善页面。

  13. 在『高级项目选项』(Advanced Project Options)中点击『高级』展开选项, 在『显示名称』填入中文名称,如『点刷支付 API(BIZ) 发布』。

  14. 在 Properties Content 中设置以下值。

    PROJECT_NAME=dspay #为项目名称。
    SERVICE_NAME=api   #为服务名称>
    BUILD_JOB=${PROJECT_NAME}/builds/api_all   #为编译工作。
    TARGET_FILE=ds-biz-1.0.tar.gz              #为编译工作内的用于存档的文件的目标文件。
    PLAYBOOK=${PROJECT_NAME}/${SERVICE_NAME}   #为上线的playbook脚本,存储在rhasta项目中。一般不改。 Playbook的新增和维护工作由运维部负责。
  15. 点击保存。然后测试build job 和publish job。



  1. 使用admin用户登录Jenkins
  2. 通过系统管理 =》管理和分配角色 =》 管理角色, 进入项目角色管理页面 http://jenkins:8080/role-strategy/manage-roles。
  3. 在 『项目角色』(Project roles) –『添加角色』(Role to add) 填入项目代称, 在 Pattern 填入  ^项目代称.*。 这里的项目代称与『Jenkins任务建立』流程的第6步的代称一致。
  4. 点击保存,完成项目角色的创建。
  5. 通过系统管理 =》管理和分配角色 =》 分配角色,进入角色分配页面,在『项目角色』(Project roles)表中,将刚建立的项目角色分配给需要的用户。
  6. 如果用户不存在,先参考『自动化部署用户及权限(实践篇)』创建用户,并在 『项目角色』中通过『添加用户组』(User/group to add)将用户增加到项目角色表。
  7. 最终点击保存,使权限配置生效。



  1. 开发者发起任务,一般开发者指QA, 也包括test,scm人员
  2. Jenkins根据任务配置,调用构建工作,Builder编译节点将进行检出代码、执行构建工作。
  3. 同时,Builder节点也进行一些静态的代码检查,包括单元测试、代码风格检查等。
  4. 构建及静态检查通过后,将获得存档目标文件,返回给Jenkins。
  5. Jenkins将文件发送至Ansible服务器
  6. Ansible服务器通过部署脚本、根据环境配置,对测试环境进行部署工作
  7. 测试人员针对测试环境进行功能测试等各类测试,并反馈测试结果。
  8. 根据测试环境的测试结果,重复5,6,7过程,完成准生产环境、生产环境的部署工作。


  1. jenkins本身的配置、项目及任务都应该被代码管理,保障JOBS和Jenkins配置的更新历史。因此可将Jenkins Home提交到git,并定期登录到Jenkins服务器执行 git commit 和 git push工作

  2. 这一过程也可通过Jenkins Plugin:SCM Sync Configuration Plugin 自动完成




  • 业务代码。

为业务开发人员编写的代码, 存储在代码控制系统(SCM)中,包括git或svn。

  • 配置


  • 目标文件


  • 服务


  • 过程和流程管理




  1. 签出代码,将指定的业务代码签出
  2. 编译代码,得到准备上线的目标文件。
  3. 对代码进行自动化测试,包括静态代码检查活可运行的单元测试等
  4. 将目标文件发布至测试环境,同时上线的还有针对测试环境的配置文件。
  5. 启动或重新启动服务,使新的目标文件生效。
  6. 重复第4、5步骤,将目标文件和配置发布至准生产环境、生产环境,并使服务生效
  7. 对于准生产环境、生产环境的上线,增加测试审批流程。




  1. 通过Jenkins插件管理,安装Role Strategy Plugin,然后重启生效。
  2. 进入系统管理 =》全局安全配置, 将访问控制修改为『Unix用户/组数据库』, 授权策略修改为 『Role-Based Stategy』。
  3. 『Unix用户/组数据库』需要将jenkins服务的运行者修改为root组。
    sudo usermod -a -G root jenkins
    sudo chmod g+r /etc/shadow
  4. 保存全局安全配置页面, 重启Jenkins服务。
  5. 进入系统管理 =》管理和分配角色 =》 管理角色, 在『全局角色』中建立角色表,如表:
    Role Overall Credentials Agent Job Run View SCM Lockable Resources
    Administer ConfigureUpdateCenter Read RunScripts UploadPlugins Create Delete ManageDomains Update View Build Configure Connect Create Delete Disconnect Build Cancel Configure Create Delete Discover Move Read Workspace Delete Replay Update Configure Create Delete Read Tag Reserve Unlock
    admin Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y
    authenticated Y
    dev Y Y Y Y
    qa Y Y Y Y Y Y
    sa Y Y Y Y Y Y Y Y Y
    scm Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y
  6. 登录到Jenkins的Linux/Unix系统,增加角色

for g in dev qa sa scm admin; do
sudo groupadd $g


  1. 发现用户。Jenkins会自动导入SCM中的用户,列表在Jenkins用户列表http://jenkins:8080/asynchPeople/页面。
  2. 如无法在jenkins用户列表中找到用户,如测试人员,SA人员等,则可通过http://jenkins:8080/securityRealm/ 页面新建用户。
  3. 通过Shell登录到Jenkins服务器,建立Unix系统用户、密码、分配组
    USERNAME=用户名 #用户名与jenkins系统中找到或建立的用户名相同。
    GROUP=组 #dev qa sa scm admin其中之一
    sudo adduser -r -s /bin/false $USERNAME
    sudo usermod -a -G $GROUP $USERNAME
    sudo passwd $USERNAME  #然后输入密码。
  4. 如果用户有多个组,则可多次运行 usermod 指令。
  5. 角色管理页面和Unix组添加是重复步骤,需保持缺一不可。
  6. 更多的用户操作,如删除用户,修改组等方法可以使用userdel,/etc/group等。详细参考Linux系统手册,
  7. 缺点:为了Jenkins的系统安全,用户的Shell使用/bin/false,因此用户不能登录、无法修改密码,密码修改操作需由Jenkins 系统管理员进行。



Jenkins可使用多种方式对用户授权进行管理。在实际应用中,一般大型团队可建立LDAP服务器,小型团队可使用Unix用户/ 组。

Jenkins专有用户数据库 Jenkins的内置验证,适用于没有用户数据库小范围的设定。不支持组概念。
LDAP 轻量目录访问协议验证,需要在外部建立LDAP服务器
Servlet容器代理 使用Servlet容器认证用户,遵循Servlet规范。旧版本遗留功能。
Unix用户/组数据库 将授权验证委托给Jenkins的操作系统。

表1: Jenkins安全域管理


Jenkins内置的授权策略为任何用户可以做任何事、登录用户可以做任何事、或遗留模式。内置模式无法满足多角色操作的需求,因此我们引入插件 Role Strategy Plugin,来实现用户ACL管理策略。RSP可建立的策略包括:

  • 建立角色,如系统管理员,项目管理员,匿名用户等。并在全局范围内赋予工作台、从节点、项目、运行、视图或版本控制权限。
  • 建立项目角色,对指定的项目赋予管理和运行权限
  • 建立从节点角色,管理节点相关权限
Overall  全局, 系统级别的定义组
  Administer 管理员,分配后具备Jenkins所有操作权限
  Read 系统访问,该权限包括大部分Jenkins页面的只读权限
  RunScripts 运行脚本,在Jenkins系统中运行脚本,包括Groovy脚本或可交互的Groovy命令行,不包括任务。
Credentials   凭证
   Create、Update、View、Delete 分别为创建、更新、访问、删除凭证
  ManageDomains 凭证域管理
Agent   节点
  Create、Configure、Delete 创建、修改、删除节点
Connect、Disconnect 连接、断开连接操作
 Job  任务
  Create、Configure、Delete、Read 创建、修改、删除、查看任务
  Discover 发现。当勾选后,无Read权限的用户访问任务URL时,将被提示重新登录。若为不勾选,则会出现404.
  Build、Cancel 启动一个构建、中断正在运行的构建
  Workspace 工作区的源代码访问权限
Run  构建
  Update、Delete 更新或删除一个构建
View  视图
  Create Configure、Delete、Read 创建、修改、删除、查看视图




角色  职责
  • 对关联项目具有只读权限,可进行编译工作和发布至测试环境工作。
  • 不可发布准生产(UAT)环境、生产(Prod)环境
  • 具有dev的所有权限
  • 发布代码至UAT、PROD环境
  • 对已发布版本标记Tag功能。
  •  建立项目、配置Jenkins项目权限
  • 不受限于项目配置分配
  • 由于Jenkins项目需要,scm也一般也具备dev的编译和发布至测试环境工作
  • 具有认证帐号的管理权限,如svn的帐号密码,git的访问私钥、ssh密钥等
  • 无项目管理权限
  • 具有全部功能权限
  • 用户管理、项目组管理及用户权限分配
  • 用于其他系统排错及异常处理工作
  • 一般不使用admin账户进行日常发布工作



注: Role Strategy Plugin: https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin






  •  修改了哪个文件
  • 增加了那几行
  • test, uat, prod环境分别是什么


答:1. 基础系统自动化,构建setup.yml,进行系统配置及基础服务安装,如时间同步脚本、语言设置、supervisor服务管理工具等,JDK安装等。
2. 项目基础环境安装,运行项目内的的全部任务,加上—tags=setup,完成项目依赖的环境安装,如项目目录、日志目录、容器等初始化过程。
3. 构建Jenkins任务,推送项目文件。