zhengchen.tao/ezbookkeeping
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: workflow 文件迁到 custom 分支

Browse Source 
之前 workflow 在 ci 分支,导致每次 dispatch 后 Gitea Actions 列表
显示的 commit 都是 ci 分支的 workflow 文件 commit,不是被实际构建
的 custom 代码 commit,UX 上误导性强。

挪到 custom 后:
- runs 列表的 commit 字段直接显示真实代码 commit
- workflow_dispatch UI 自动从默认分支(待手动切到 custom)发现
  workflow
- rebase 上游时 workflow 文件随 custom 一起平移,无额外操作

同步移除上游残留的 docker-release.yml / docker-snapshot.yml:
- 触发依赖 secrets.DOCKER_REPO(未配),sync-upstream 推 main
  /tags 时空跑失败
- ci 上已禁用,但文件留着是噪声,本次清掉

ci 分支 .gitea/workflows/ 暂保留作过渡,待用户在 Gitea UI 把
默认分支切到 custom + 验证 build 跑通后,再单独 cleanup ci。

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Zhengchen Tao
2026-05-02 18:35:53 +08:00
parent 2e6bb9a262
commit 555ecc1aaf
4 changed files with 132 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/build-image.yml
+93
View File
@@ -0,0 +1,93 @@
name: Build Docker Image
on:
workflow_dispatch:
inputs:
branch:
description: '要打包的分支'
required: true
default: 'custom'
tag:
description: '镜像 tag(留空则用 commit short hash'
required: false
default: ''
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout target branch
uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
fetch-depth: 0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
# 钉到 v0.13.2(自带 runc 1.1.x),避免 runc 1.2+ 的 procfs 安全检查
# 在 DSM 老内核(4.4.x)上撞 openat2/fsmount 不存在导致 build 失败
driver-opts: |
image=moby/buildkit:v0.13.2
- name: Login to Gitea Container Registry
uses: docker/login-action@v3
with:
registry: git.zhengchentao.win
username: ${{ gitea.actor }}
password: ${{ secrets.PACKAGES_TOKEN }}
- name: Determine image tag and revision
id: meta
run: |
if [ -n "${{ inputs.tag }}" ]; then
IMAGE_TAG="${{ inputs.tag }}"
else
IMAGE_TAG="$(git rev-parse --short HEAD)"
fi
echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT
echo "full_sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
echo "==> Image tag: $IMAGE_TAG"
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: true
# 上游 Dockerfile 用 BUILD_PIPELINE 作为 CI 跳过开关:
# 设为 "1" 时 pkg/exchangerates 跳过依赖第三方 API 的活测试
# (加拿大银行/乌兹别克央行 API 国内不稳,跑就超时)
# CHECK_3RD_API 留空 → 三方 API 测试不跑;想跑设 "1"
build-args: |
BUILD_PIPELINE=1
# OCI 标签:
# - source 让 Gitea 收包时自动把镜像关联到对应 repo(不再需要手动去
# "包设置 → 链接到仓库")
# - revision 把构建时的 commit full SHA 烙进镜像 manifest
# docker inspect 能反推回源码版本
labels: |
org.opencontainers.image.source=https://git.zhengchentao.win/dev/ezbookkeeping
org.opencontainers.image.revision=${{ steps.meta.outputs.full_sha }}
tags: |
git.zhengchentao.win/dev/ezbookkeeping:${{ steps.meta.outputs.image_tag }}
git.zhengchentao.win/dev/ezbookkeeping:latest
- name: Build summary
# 写入 GITHUB_STEP_SUMMARY 让 Action 运行页面顶部显示真实构建信息。
# workflow 文件在 ci 分支,UI 顶部显示的 commit 是 ci 的 HEADworkflow
# 触发位置),不是被构建的源代码 commit。这一步显式把"实际构建的源代码
# 信息"放到 summary 区,避免误读。always() 保证 build 失败也输出。
if: always()
run: |
{
echo "## Build Summary"
echo ""
echo "| 项 | 值 |"
echo "|---|---|"
echo "| 源分支 | \`${{ inputs.branch }}\` |"
echo "| 源 commit (full) | \`${{ steps.meta.outputs.full_sha }}\` |"
echo "| 源 commit (short) | \`${{ steps.meta.outputs.image_tag }}\` |"
echo "| 镜像 tag | \`git.zhengchentao.win/dev/ezbookkeeping:${{ steps.meta.outputs.image_tag }}\` + \`:latest\` |"
echo ""
echo "> ⚠️ 本次 workflow run 顶部显示的 commit 是 **ci 分支** 上 workflow 文件的 commitdispatch 触发位置),**不是**被构建的源代码 commit。镜像实际构建自上面表格中的源 commit。"
} >> "$GITHUB_STEP_SUMMARY"
.gitea/workflows/docker-release.yml
-64
View File
@@ -1,64 +0,0 @@
name: Docker Release
on:
push:
tags:
- v*
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ secrets.DOCKER_REPO }}/mayswind/ezbookkeeping
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Set up the environment
id: setup
run: |
echo "build_unix_time=$(date '+%s')" >> "$GITHUB_OUTPUT"
echo "build_date=$(date '+%Y%m%d')" >> "$GITHUB_OUTPUT"
sed -r -i 's#FROM( --.*)? (.*:.*)?#FROM\1 ${{ secrets.DOCKER_REPO }}/mirrors/\2#g' Dockerfile
cat >> docker/custom-backend-pre-setup.sh <<EOF
#!/bin/sh
${{ vars.CUSTOM_BACKEND_PRE_SETUP }}
EOF
cat >> docker/custom-frontend-pre-setup.sh <<EOF
#!/bin/sh
${{ vars.CUSTOM_FRONTEND_PRE_SETUP }}
EOF
chmod +x docker/custom-backend-pre-setup.sh
chmod +x docker/custom-frontend-pre-setup.sh
- name: Build and push
uses: docker/build-push-action@v6
with:
file: Dockerfile
context: .
platforms: ${{ vars.BUILD_RELEASE_PLATFORMS }}
push: true
build-args: |
RELEASE_BUILD=1
BUILD_PIPELINE=1
BUILD_UNIXTIME=${{ steps.setup.outputs.build_unix_time }}
BUILD_DATE=${{ steps.setup.outputs.build_date }}
CHECK_3RD_API=${{ vars.CHECK_3RD_API }}
SKIP_TESTS=${{ vars.SKIP_TESTS }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
.gitea/workflows/docker-snapshot.yml
-63
View File
@@ -1,63 +0,0 @@
name: Docker Snapshot
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ secrets.DOCKER_REPO }}/mayswind/ezbookkeeping
tags: |
type=raw,value=SNAPSHOT-{{date 'YYYYMMDD'}}
type=raw,value=latest-snapshot
type=sha,format=short,prefix=SNAPSHOT-
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Set up the environment
id: setup
run: |
echo "build_unix_time=$(date '+%s')" >> "$GITHUB_OUTPUT"
echo "build_date=$(date '+%Y%m%d')" >> "$GITHUB_OUTPUT"
sed -r -i 's#FROM( --.*)? (.*:.*)?#FROM\1 ${{ secrets.DOCKER_REPO }}/mirrors/\2#g' Dockerfile
cat >> docker/custom-backend-pre-setup.sh <<EOF
#!/bin/sh
${{ vars.CUSTOM_BACKEND_PRE_SETUP }}
EOF
cat >> docker/custom-frontend-pre-setup.sh <<EOF
#!/bin/sh
${{ vars.CUSTOM_FRONTEND_PRE_SETUP }}
EOF
chmod +x docker/custom-backend-pre-setup.sh
chmod +x docker/custom-frontend-pre-setup.sh
- name: Build and push
uses: docker/build-push-action@v6
with:
file: Dockerfile
context: .
platforms: ${{ vars.BUILD_SNAPSHOT_PLATFORMS }}
push: true
build-args: |
BUILD_PIPELINE=1
BUILD_UNIXTIME=${{ steps.setup.outputs.build_unix_time }}
BUILD_DATE=${{ steps.setup.outputs.build_date }}
CHECK_3RD_API=${{ vars.CHECK_3RD_API }}
SKIP_TESTS=${{ vars.SKIP_TESTS }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
.gitea/workflows/sync-upstream.yml
+39
View File
@@ -0,0 +1,39 @@
name: Sync from upstream
on:
workflow_dispatch:
inputs:
tag:
description: '要同步的 release tag(留空则同步到 upstream/main 的最新 tag'
required: false
default: ''
jobs:
sync:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.SYNC_TOKEN }}
- name: Sync main to release tag
run: |
git config user.name "gitea-actions"
git config user.email "actions@gitea.local"
git remote add upstream https://git.zhengchentao.win/mirror/ezbookkeeping.git
git fetch upstream --tags
if [ -n "${{ inputs.tag }}" ]; then
TARGET="${{ inputs.tag }}"
else
TARGET=$(git tag -l --sort=-v:refname | head -n 1)
fi
echo "==> Syncing main to $TARGET"
git rev-parse "$TARGET" || { echo "❌ Tag $TARGET not found"; exit 1; }
git checkout -B main origin/main
git reset --hard "$TARGET"
git push origin main --force-with-lease
git push origin --tags