zhengchen.tao
4bdd2c7195
原 vars.CUSTOM_DEPLOY_SCRIPTS 来自 deploy.yml 上游模板设计,本意是 "通用 hook,让一份 deploy.yml 复用到不同项目"。本仓库只有一个项目 一种部署场景,这层抽象纯属累赘: - 改部署逻辑得去 Gitea UI 点 Variables,没法 PR review - git log 看不到部署逻辑改动 - 脚本到底跑啥得对照 yml + Variable 两处 直接把 docker compose pull/up 内联进 deploy.yml,单一事实源在 git。 支持私有 / 公开两种 nas-infra: - secrets.NAS_INFRA_TOKEN 设了 → 用 token clone(私有适用) - 没设 → 裸 URL clone(公开适用) CLAUDE.md 同步更新 deploy.yml 的描述。
67 lines
2.5 KiB
YAML
67 lines
2.5 KiB
YAML
name: Deploy Docker Image
|
||
|
||
on:
|
||
# 自动触发:build-image workflow 成功完成后跑
|
||
workflow_run:
|
||
workflows: ["Build Docker Image"]
|
||
types: [completed]
|
||
branches: [custom]
|
||
# 手动触发:保留作为应急通道(重新部署当前镜像 / 跑临时脚本)
|
||
workflow_dispatch:
|
||
|
||
jobs:
|
||
deploy:
|
||
runs-on: ubuntu-latest
|
||
# 只在 build 成功后跑;手动触发时 workflow_run 字段不存在,
|
||
# 第一个条件保证手动跑也能继续
|
||
if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
|
||
steps:
|
||
- name: Pull and restart ezbookkeeping
|
||
# 部署逻辑直接内联在这。runner 容器挂了 host docker.sock,
|
||
# 所以这里 docker 命令直接操作的是宿主机 docker daemon,
|
||
# 容器层面相当于 "ssh 到 NAS 跑 docker compose"。
|
||
#
|
||
# NAS_INFRA_TOKEN secret 仅在 nas-infra 是私有仓库时需要;
|
||
# 公开仓库不设这个 secret 也能拉。
|
||
env:
|
||
NAS_INFRA_TOKEN: ${{ secrets.NAS_INFRA_TOKEN }}
|
||
run: |
|
||
set -e
|
||
|
||
TMPDIR=$(mktemp -d)
|
||
trap 'rm -rf "$TMPDIR"' EXIT
|
||
|
||
# 决定 clone URL:有 token 用 token(私有),没有用裸 URL(公开)
|
||
if [ -n "$NAS_INFRA_TOKEN" ]; then
|
||
CLONE_URL="https://x-access-token:${NAS_INFRA_TOKEN}@git.zhengchentao.win/dev/nas-infra.git"
|
||
else
|
||
CLONE_URL="https://git.zhengchentao.win/dev/nas-infra.git"
|
||
fi
|
||
|
||
git clone --depth 1 "$CLONE_URL" "$TMPDIR/nas-infra"
|
||
cd "$TMPDIR/nas-infra/ezbookkeeping"
|
||
|
||
docker compose pull
|
||
docker compose up -d
|
||
|
||
# 简单 health:列容器状态 + 输出最近日志
|
||
sleep 3
|
||
docker compose ps
|
||
docker compose logs --tail=30 ezbookkeeping
|
||
|
||
- name: Deploy summary
|
||
if: always()
|
||
run: |
|
||
{
|
||
echo "## Deploy Summary"
|
||
echo ""
|
||
echo "| 项 | 值 |"
|
||
echo "|---|---|"
|
||
echo "| 触发方式 | \`${{ github.event_name }}\` |"
|
||
if [ "${{ github.event_name }}" = "workflow_run" ]; then
|
||
echo "| 触发自 | \`${{ github.event.workflow_run.name }}\` run #${{ github.event.workflow_run.run_number }} |"
|
||
echo "| 上游 build 结果 | \`${{ github.event.workflow_run.conclusion }}\` |"
|
||
echo "| 上游 build commit | \`${{ github.event.workflow_run.head_sha }}\` |"
|
||
fi
|
||
} >> "$GITHUB_STEP_SUMMARY"
|