junhong_cmp_fiber/.gitea/workflows/deploy.yaml
huang 4f29107fc4
Some checks failed
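Build and deploy to test environment (no SSH) / build-and-deploy (push) Failing after 4m20s
Fix SSL certificate verification error: skip verification of the intranet self-signed certificate
Problem: git clone fails, SSL certificate OpenSSL verify result
Cause: Gitea uses a self-signed certificate, which git cannot verify
Solution: set GIT_SSL_NO_VERIFY=1 to skip SSL verification

Note: this applies only to the intranet environment; production should use a proper certificate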
2026-01-20 11:13:48 +08:00

100 lines
3.4 KiB
YAML
name: 构建并部署到测试环境(无 SSH)

on:
  push:
    branches:
      - main
      - dev
      - test

env:
  REGISTRY: registry.boss160.cn
  API_IMAGE: registry.boss160.cn/junhong/cmp-fiber-api
  WORKER_IMAGE: registry.boss160.cn/junhong/cmp-fiber-worker
  DEPLOY_DIR: /opt/junhong_cmp

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: 检出代码
        run: |
          # Add Nix paths to PATH (git is installed here)
          export PATH="$HOME/.nix-profile/bin:/usr/local/bin:/usr/bin:/bin:$PATH"
          # Skip SSL verification (intranet self-signed certificate)
          export GIT_SSL_NO_VERIFY=1
          git clone https://git.boss160.cn/csxj2026/junhong_cmp_fiber.git .
          git checkout ${{ github.sha }}

      - name: 设置镜像标签
        id: tag
        run: |
          if [ "${{ github.ref }}" = "refs/heads/main" ]; then
            echo "tag=latest" >> "$GITHUB_OUTPUT"
          elif [ "${{ github.ref }}" = "refs/heads/dev" ]; then
            echo "tag=dev" >> "$GITHUB_OUTPUT"
          elif [ "${{ github.ref }}" = "refs/heads/test" ]; then
            echo "tag=test" >> "$GITHUB_OUTPUT"
          else
            echo "tag=unknown" >> "$GITHUB_OUTPUT"
          fi

      - name: 登录 Docker Registry
        run: |
          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "${{ env.REGISTRY }}" --username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin

      - name: 构建 API 镜像
        run: |
          docker build -f Dockerfile.api -t ${{ env.API_IMAGE }}:${{ steps.tag.outputs.tag }} .
          docker tag ${{ env.API_IMAGE }}:${{ steps.tag.outputs.tag }} ${{ env.API_IMAGE }}:${{ github.sha }}

      - name: 构建 Worker 镜像
        run: |
          docker build -f Dockerfile.worker -t ${{ env.WORKER_IMAGE }}:${{ steps.tag.outputs.tag }} .
          docker tag ${{ env.WORKER_IMAGE }}:${{ steps.tag.outputs.tag }} ${{ env.WORKER_IMAGE }}:${{ github.sha }}

      - name: 推送镜像到 Registry
        run: |
          docker push ${{ env.API_IMAGE }}:${{ steps.tag.outputs.tag }}
          docker push ${{ env.API_IMAGE }}:${{ github.sha }}
          docker push ${{ env.WORKER_IMAGE }}:${{ steps.tag.outputs.tag }}
          docker push ${{ env.WORKER_IMAGE }}:${{ github.sha }}

      - name: 部署到本地(仅 main 分支)
        if: github.ref == 'refs/heads/main'
        run: |
          # Ensure the deploy directory exists
          mkdir -p ${{ env.DEPLOY_DIR }}/{configs,logs}
          # If the config file does not exist, copy it from the repository
          if [ ! -f ${{ env.DEPLOY_DIR }}/docker-compose.prod.yml ]; then
            echo "📋 初始化部署目录..."
            cp docker-compose.prod.yml ${{ env.DEPLOY_DIR }}/
            cp -r configs/* ${{ env.DEPLOY_DIR }}/configs/
          fi
          cd ${{ env.DEPLOY_DIR }}
          echo "📥 拉取最新镜像..."
          docker compose pull
          echo "🚀 重启服务..."
          docker compose up -d
          echo "⏳ 等待服务启动..."
          sleep 10
          echo "✅ 部署完成!"
          docker compose ps

      - name: 构建结果通知
        if: always()
        run: |
          if [ "${{ job.status }}" = "success" ]; then
            echo "✅ 构建成功: ${{ steps.tag.outputs.tag }}"
            echo "📦 镜像标签: ${{ github.sha }}"
          else
            echo "❌ 构建失败"
          fi
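
The commit message notes that production should use a proper certificate instead of skipping verification. As an added example (not part of this repository's workflow), the checkout step can keep TLS verification on by trusting the Gitea server's CA for that one host; the secret name `INTERNAL_CA_PEM` is hypothetical and is assumed to hold the PEM certificate of the CA that signed the server's certificate, and the runner is assumed to execute `run` steps with bash.

```yaml
# Added example, not the repository's own workflow.
# Assumption: INTERNAL_CA_PEM (hypothetical secret name) holds the PEM
# certificate of the CA that issued the certificate for git.boss160.cn.
      - name: Check out code (TLS verified against the internal CA)
        env:
          INTERNAL_CA_PEM: ${{ secrets.INTERNAL_CA_PEM }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          set -euo pipefail
          # Same PATH setup as the original step (git is installed via Nix)
          export PATH="$HOME/.nix-profile/bin:/usr/local/bin:/usr/bin:/bin:$PATH"

          # Write the CA certificate to a temporary file that is removed on exit
          ca_file="$(mktemp)"
          trap 'rm -f "$ca_file"' EXIT
          printf '%s\n' "$INTERNAL_CA_PEM" > "$ca_file"

          # Fail early if the secret is empty or is not a PEM certificate
          if ! grep -q -- '-----BEGIN CERTIFICATE-----' "$ca_file"; then
            echo "CA certificate is missing or malformed" >&2
            exit 1
          fi

          # Trust this CA only for the Gitea host; other HTTPS remotes keep
          # using the system CA bundle. GIT_SSL_NO_VERIFY is not set at all.
          git -c "http.https://git.boss160.cn/.sslCAInfo=$ca_file" \
            clone https://git.boss160.cn/csxj2026/junhong_cmp_fiber.git .

          # Check out the triggering commit and confirm HEAD matches it
          git checkout --detach "$COMMIT_SHA"
          [ "$(git rev-parse HEAD)" = "$COMMIT_SHA" ]
```

With this step the clone fails if the server presents a certificate that does not chain to the supplied CA, which is the check that `GIT_SSL_NO_VERIFY=1` turns off.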