From dfbc2b144057aa7ec4542c35d9538693227a2622 Mon Sep 17 00:00:00 2001 From: Zhengchen Tao Date: Sat, 2 May 2026 18:35:53 +0800 Subject: [PATCH] =?UTF-8?q?ci:=20workflow=20=E6=96=87=E4=BB=B6=E8=BF=81?= =?UTF-8?q?=E5=88=B0=20custom=20=E5=88=86=E6=94=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 之前 workflow 在 ci 分支,导致每次 dispatch 后 Gitea Actions 列表 显示的 commit 都是 ci 分支的 workflow 文件 commit,不是被实际构建 的 custom 代码 commit,UX 上误导性强。 挪到 custom 后: - runs 列表的 commit 字段直接显示真实代码 commit - workflow_dispatch UI 自动从默认分支(待手动切到 custom)发现 workflow - rebase 上游时 workflow 文件随 custom 一起平移,无额外操作 同步移除上游残留的 docker-release.yml / docker-snapshot.yml: - 触发依赖 secrets.DOCKER_REPO(未配),sync-upstream 推 main /tags 时空跑失败 - ci 上已禁用,但文件留着是噪声,本次清掉 ci 分支 .gitea/workflows/ 暂保留作过渡,待用户在 Gitea UI 把 默认分支切到 custom + 验证 build 跑通后,再单独 cleanup ci。 --- .gitea/workflows/build-image.yml | 93 ++++++++++++++++++++++++++++ .gitea/workflows/docker-release.yml | 64 ------------------- .gitea/workflows/docker-snapshot.yml | 63 ------------------- .gitea/workflows/sync-upstream.yml | 39 ++++++++++++ 4 files changed, 132 insertions(+), 127 deletions(-) create mode 100644 .gitea/workflows/build-image.yml delete mode 100644 .gitea/workflows/docker-release.yml delete mode 100644 .gitea/workflows/docker-snapshot.yml create mode 100644 .gitea/workflows/sync-upstream.yml diff --git a/.gitea/workflows/build-image.yml b/.gitea/workflows/build-image.yml new file mode 100644 index 00000000..665e4827 --- /dev/null +++ b/.gitea/workflows/build-image.yml @@ -0,0 +1,93 @@ +name: Build Docker Image + +on: + workflow_dispatch: + inputs: + branch: + description: '要打包的分支' + required: true + default: 'custom' + tag: + description: '镜像 tag(留空则用 commit short hash)' + required: false + default: '' + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout target branch + uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch }} + fetch-depth: 0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + # 钉到 v0.13.2(自带 runc 1.1.x),避免 runc 1.2+ 的 procfs 安全检查 + # 在 DSM 老内核(4.4.x)上撞 openat2/fsmount 不存在导致 build 失败 + driver-opts: | + image=moby/buildkit:v0.13.2 + + - name: Login to Gitea Container Registry + uses: docker/login-action@v3 + with: + registry: git.zhengchentao.win + username: ${{ gitea.actor }} + password: ${{ secrets.PACKAGES_TOKEN }} + + - name: Determine image tag and revision + id: meta + run: | + if [ -n "${{ inputs.tag }}" ]; then + IMAGE_TAG="${{ inputs.tag }}" + else + IMAGE_TAG="$(git rev-parse --short HEAD)" + fi + echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT + echo "full_sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT + echo "==> Image tag: $IMAGE_TAG" + + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + push: true + # 上游 Dockerfile 用 BUILD_PIPELINE 作为 CI 跳过开关: + # 设为 "1" 时 pkg/exchangerates 跳过依赖第三方 API 的活测试 + # (加拿大银行/乌兹别克央行 API 国内不稳,跑就超时) + # CHECK_3RD_API 留空 → 三方 API 测试不跑;想跑设 "1" + build-args: | + BUILD_PIPELINE=1 + # OCI 标签: + # - source 让 Gitea 收包时自动把镜像关联到对应 repo(不再需要手动去 + # "包设置 → 链接到仓库") + # - revision 把构建时的 commit full SHA 烙进镜像 manifest, + # docker inspect 能反推回源码版本 + labels: | + org.opencontainers.image.source=https://git.zhengchentao.win/dev/ezbookkeeping + org.opencontainers.image.revision=${{ steps.meta.outputs.full_sha }} + tags: | + git.zhengchentao.win/dev/ezbookkeeping:${{ steps.meta.outputs.image_tag }} + git.zhengchentao.win/dev/ezbookkeeping:latest + + - name: Build summary + # 写入 GITHUB_STEP_SUMMARY 让 Action 运行页面顶部显示真实构建信息。 + # workflow 文件在 ci 分支,UI 顶部显示的 commit 是 ci 的 HEAD(workflow + # 触发位置),不是被构建的源代码 commit。这一步显式把"实际构建的源代码 + # 信息"放到 summary 区,避免误读。always() 保证 build 失败也输出。 + if: always() + run: | + { + echo "## Build Summary" + echo "" + echo "| 项 | 值 |" + echo "|---|---|" + echo "| 源分支 | \`${{ inputs.branch }}\` |" + echo "| 源 commit (full) | \`${{ steps.meta.outputs.full_sha }}\` |" + echo "| 源 commit (short) | \`${{ steps.meta.outputs.image_tag }}\` |" + echo "| 镜像 tag | \`git.zhengchentao.win/dev/ezbookkeeping:${{ steps.meta.outputs.image_tag }}\` + \`:latest\` |" + echo "" + echo "> ⚠️ 本次 workflow run 顶部显示的 commit 是 **ci 分支** 上 workflow 文件的 commit(dispatch 触发位置),**不是**被构建的源代码 commit。镜像实际构建自上面表格中的源 commit。" + } >> "$GITHUB_STEP_SUMMARY" \ No newline at end of file diff --git a/.gitea/workflows/docker-release.yml b/.gitea/workflows/docker-release.yml deleted file mode 100644 index c09f5b5f..00000000 --- a/.gitea/workflows/docker-release.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: Docker Release - -on: - push: - tags: - - v* - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v5 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ${{ secrets.DOCKER_REPO }}/mayswind/ezbookkeeping - tags: | - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=raw,value=latest - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Set up the environment - id: setup - run: | - echo "build_unix_time=$(date '+%s')" >> "$GITHUB_OUTPUT" - echo "build_date=$(date '+%Y%m%d')" >> "$GITHUB_OUTPUT" - sed -r -i 's#FROM( --.*)? (.*:.*)?#FROM\1 ${{ secrets.DOCKER_REPO }}/mirrors/\2#g' Dockerfile - cat >> docker/custom-backend-pre-setup.sh <> docker/custom-frontend-pre-setup.sh <> "$GITHUB_OUTPUT" - echo "build_date=$(date '+%Y%m%d')" >> "$GITHUB_OUTPUT" - sed -r -i 's#FROM( --.*)? (.*:.*)?#FROM\1 ${{ secrets.DOCKER_REPO }}/mirrors/\2#g' Dockerfile - cat >> docker/custom-backend-pre-setup.sh <> docker/custom-frontend-pre-setup.sh < Syncing main to $TARGET" + git rev-parse "$TARGET" || { echo "❌ Tag $TARGET not found"; exit 1; } + + git checkout -B main origin/main + git reset --hard "$TARGET" + git push origin main --force-with-lease + git push origin --tags \ No newline at end of file