name: site-dist-deploy on: push: branches: - main - develop pull_request: branches: - main - develop env: VITE_APP_BASE_URL: https://h.hifast.biz SSH_HOST: ${{ vars.PRO_SSH_HOST }} SSH_PORT: ${{ vars.PRO_SSH_PORT }} SSH_USER: ${{ vars.PRO_SSH_USER }} SSH_PASSWORD: ${{ vars.PRO_SSH_PASSWORD }} DEPLOY_PATH: /var/www/down jobs: build-and-deploy: runs-on: landing-hero-web01 steps: - name: Manual checkout (no Node required) run: | set -e if git rev-parse --is-inside-work-tree >/dev/null 2>&1; then git fetch --all --tags git checkout "${{ github.ref_name }}" git reset --hard "origin/${{ github.ref_name }}" else REPO_URL="${{ github.server_url }}/${{ github.repository }}" echo "Cloning $REPO_URL" git clone --depth=1 --branch "${{ github.ref_name }}" "$REPO_URL" . git fetch --tags fi - name: Build dist with Unified Script env: VITE_APP_BASE_URL: "https://h.hifast.biz" run: | chmod +x scripts/ci-build.sh ./scripts/ci-build.sh - name: Prepare target directory uses: appleboy/ssh-action@v1.0.3 with: host: ${{ env.SSH_HOST }} username: ${{ env.SSH_USER }} password: ${{ env.SSH_PASSWORD }} port: ${{ env.SSH_PORT }} timeout: 300s script: | mkdir -p ${{ env.DEPLOY_PATH }} rm -rf ${{ env.DEPLOY_PATH }}/* mkdir -p /tmp/ci-upload - name: Check Artifacts run: | echo "Current directory: $(pwd)" echo "Listing all files in workspace:" find . -maxdepth 2 -not -path '*/.*' if [ -f "site_dist.tgz" ]; then echo "✅ File exists: site_dist.tgz" ls -lh site_dist.tgz echo "File path: $(readlink -f site_dist.tgz)" else echo "❌ File NOT found: site_dist.tgz" exit 1 fi - name: Deploy to Host (Native SSH/SCP) run: | echo "Installing SSH tools..." if command -v apk &> /dev/null; then echo "Detected Alpine Linux. Installing sshpass openssh-client via apk..." apk add --no-cache sshpass openssh-client elif command -v apt-get &> /dev/null; then echo "Detected Debian/Ubuntu. Installing sshpass openssh-client via apt..." apt-get update -y && apt-get install -y sshpass openssh-client elif command -v yum &> /dev/null; then echo "Detected RHEL/CentOS. Installing sshpass openssh-clients via yum..." yum install -y sshpass openssh-clients elif command -v dnf &> /dev/null; then echo "Detected Fedora/RHEL8+. Installing sshpass openssh-clients via dnf..." dnf install -y sshpass openssh-clients elif command -v zypper &> /dev/null; then echo "Detected OpenSUSE. Installing sshpass openssh via zypper..." zypper install -y sshpass openssh else echo "Error: No known package manager found. Cannot install sshpass." exit 1 fi echo "Uploading artifact..." # 使用 sshpass 传递密码 (更安全的方式是使用 key,但此处沿用 password) export SSHPASS="${{ env.SSH_PASSWORD }}" # 1. 检查连接并创建目录 sshpass -e ssh -o StrictHostKeyChecking=no -p ${{ env.SSH_PORT }} ${{ env.SSH_USER }}@${{ env.SSH_HOST }} "mkdir -p /tmp/ci-upload" # 2. SCP 上传 (直接使用当前目录下的 site_dist.tgz,规避跨容器挂载问题) if [ ! -f "site_dist.tgz" ]; then echo "❌ Error: site_dist.tgz not found in current directory!" exit 1 fi sshpass -e scp -o StrictHostKeyChecking=no -P ${{ env.SSH_PORT }} site_dist.tgz ${{ env.SSH_USER }}@${{ env.SSH_HOST }}:/tmp/ci-upload/site_dist.tgz # 3. 解压并重启 Nginx echo "Deploying on remote host..." sshpass -e ssh -o StrictHostKeyChecking=no -p ${{ env.SSH_PORT }} ${{ env.SSH_USER }}@${{ env.SSH_HOST }} " echo 'Extracting to /var/www/down...' mkdir -p /var/www/down # 解压覆盖 tar -xzf /tmp/ci-upload/site_dist.tgz -C /var/www/down echo 'Reloading Nginx...' # 尝试多种 reload 方式 nginx -s reload || systemctl reload nginx || echo 'Warning: Nginx reload returned non-zero' echo 'Cleanup...' rm -f /tmp/ci-upload/site_dist.tgz " echo "✅ Deployment complete!"