This commit is contained in:
@@ -9,57 +9,62 @@ jobs:
|
||||
build-and-deploy:
|
||||
runs-on: xw-runner
|
||||
steps:
|
||||
- name: Checkout code (git clone)
|
||||
# 1. 检出代码
|
||||
# 使用官方 actions/checkout,比手写 git 命令更简洁
|
||||
# 注意:如果 Runner 无法访问外网 GitHub,需要在 Gitea 管理后台配置 Actions 镜像或使用本地 clone 逻辑
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# 2. 登录镜像仓库 (如果有配置)
|
||||
- name: Login to Docker Registry
|
||||
if: ${{ secrets.REGISTRY_URL != '' }}
|
||||
env:
|
||||
CLONE_URL: ${{ gitea.repository.clone_url }}
|
||||
SHA: ${{ gitea.sha }}
|
||||
CLONE_TOKEN: ${{ secrets.CLONE_TOKEN }}
|
||||
REGISTRY_URL: ${{ secrets.REGISTRY_URL }}
|
||||
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
|
||||
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
rm -rf repo
|
||||
mkdir -p repo
|
||||
cd repo
|
||||
echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY_URL" -u "$REGISTRY_USERNAME" --password-stdin
|
||||
|
||||
if [ -n "${CLONE_TOKEN:-}" ]; then
|
||||
# Some tokens may contain characters like '#', which would break sed if unescaped.
|
||||
SAFE_TOKEN="$(printf '%s' "${CLONE_TOKEN}" | sed -e 's/[&|\\]/\\&/g')"
|
||||
AUTH_URL="$(printf '%s' "${CLONE_URL}" | sed -E "s|^https?://|https://${SAFE_TOKEN}@|")"
|
||||
git clone --no-tags --depth 1 "${AUTH_URL}" .
|
||||
else
|
||||
git clone --no-tags --depth 1 "${CLONE_URL}" .
|
||||
fi
|
||||
|
||||
git fetch --no-tags --depth 1 origin "${SHA}"
|
||||
git checkout -q "${SHA}"
|
||||
|
||||
- name: Determine image tag
|
||||
id: vars
|
||||
working-directory: repo
|
||||
# 3. 构建并推送镜像
|
||||
# 利用 Multi-stage Dockerfile,无需在宿主机安装 Maven
|
||||
- name: Build and Push
|
||||
id: build
|
||||
env:
|
||||
REGISTRY_URL: ${{ secrets.REGISTRY_URL }}
|
||||
# 默认为 jt808-server,如果 secret 未配置
|
||||
IMAGE_NAME: ${{ secrets.IMAGE_NAME || 'jt808-server' }}
|
||||
run: |
|
||||
REGISTRY_URL='${{ secrets.REGISTRY_URL }}'
|
||||
IMAGE_NAME='${{ secrets.IMAGE_NAME }}'
|
||||
SHA=$(git rev-parse --short HEAD)
|
||||
echo "IMAGE_TAG=${REGISTRY_URL}/${IMAGE_NAME}:${SHA}" >> "$GITHUB_OUTPUT"
|
||||
SHORT_SHA=$(git rev-parse --short HEAD)
|
||||
# 组装完整镜像名: registry.example.com/project/jt808-server:a1b2c3d
|
||||
FULL_IMAGE_NAME="${REGISTRY_URL}/${IMAGE_NAME}:${SHORT_SHA}"
|
||||
|
||||
echo "Building $FULL_IMAGE_NAME..."
|
||||
docker build -t "$FULL_IMAGE_NAME" .
|
||||
|
||||
echo "Pushing $FULL_IMAGE_NAME..."
|
||||
docker push "$FULL_IMAGE_NAME"
|
||||
|
||||
# 输出变量供后续步骤使用
|
||||
echo "image=$FULL_IMAGE_NAME" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Build Jar (in Maven container)
|
||||
working-directory: repo
|
||||
# 4. 部署 (同机部署模式)
|
||||
# 直接在 Runner 所在机器重启容器
|
||||
- name: Deploy
|
||||
env:
|
||||
CONTAINER_NAME: jt808-server
|
||||
run: |
|
||||
docker run --rm \
|
||||
-v "$PWD":/workspace \
|
||||
-w /workspace \
|
||||
maven:3.9.9-eclipse-temurin-17 \
|
||||
mvn -B clean package -DskipTests
|
||||
|
||||
- name: Build and push Docker image
|
||||
working-directory: repo
|
||||
run: |
|
||||
docker build --pull -t "${{ steps.vars.outputs.IMAGE_TAG }}" .
|
||||
docker push "${{ steps.vars.outputs.IMAGE_TAG }}"
|
||||
|
||||
- name: Deploy (same host)
|
||||
run: |
|
||||
docker pull "${{ steps.vars.outputs.IMAGE_TAG }}" || true
|
||||
docker stop jt808-server || true
|
||||
docker rm jt808-server || true
|
||||
docker run -d --name jt808-server -p 8080:8080 -p 20048:20048 "${{ steps.vars.outputs.IMAGE_TAG }}"
|
||||
|
||||
IMAGE="${{ steps.build.outputs.image }}"
|
||||
|
||||
echo "Deploying $IMAGE..."
|
||||
|
||||
# 停止并删除旧容器 (忽略不存在的错误)
|
||||
docker stop $CONTAINER_NAME || true
|
||||
docker rm $CONTAINER_NAME || true
|
||||
|
||||
# 启动新容器
|
||||
docker run -d \
|
||||
--name $CONTAINER_NAME \
|
||||
--restart always \
|
||||
-p 8080:8080 \
|
||||
-p 20048:20048 \
|
||||
"$IMAGE"
|
||||
|
||||
Reference in New Issue
Block a user