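# Build the Docker image, publish it to the registry, deploy it over SSH and
# report the result to Telegram.
#
# Security notes:
# - The Telegram bot token and the SSH password are read from the secrets
#   store and referenced only by the steps that use them, so they are not
#   exported to every step of the job. A bot token that was ever committed in
#   plain text stays in git history and should be revoked and reissued.
# - Publishing, deployment and the success notification run on push events
#   only; pull_request runs stop after tool setup.
# - Values such as the ref name reach shell scripts through environment
#   variables and are quoted, rather than being expanded into the script text.
name: Build docker and publish
run-name: 简化的Docker构建和部署流程

on:
  push:
    branches:
      - main
      - dev
  pull_request:
    branches:
      - main
      - dev

# Only the checkout needs the workflow token, and only to read the repository.
permissions:
  contents: read

env:
  # Docker image repository
  REPO: ${{ vars.REPO || 'registry.kxsw.us/ario-server' }}
  # SSH connection details (non-secret; the password is referenced per step)
  SSH_HOST: ${{ vars.SSH_HOST }}
  SSH_PORT: ${{ vars.SSH_PORT }}
  SSH_USER: ${{ vars.SSH_USER }}
  # Telegram notification target (the bot token is referenced per step)
  TG_CHAT_ID: "-4940243803"
  # Go build variables
  SERVICE: ario
  SERVICE_STYLE: ario
  VERSION: ${{ github.sha }}
  BUILDTIME: ${{ github.event.head_commit.timestamp }}
  GOARCH: amd64

jobs:
  build:
    runs-on: ario-server
    container:
      image: node:20
    strategy:
      matrix:
        # Only node supports version-number aliases.
        # NOTE(review): matrix.node is not referenced by any step in this file.
        node: ['20.15.1']
    steps:
      # Step 1: check out the code
      - name: 📥 下载代码
        uses: actions/checkout@v4

      # Step 2: derive per-branch settings and export them to later steps
      - name: ⚙️ 设置动态环境变量
        env:
          # Passed through the environment so the ref name is never parsed as
          # shell code.
          REF_NAME: ${{ github.ref_name }}
        run: |
          if [ "$REF_NAME" = "main" ]; then
            echo "DOCKER_TAG_SUFFIX=latest" >> "$GITHUB_ENV"
            echo "CONTAINER_NAME=ppanel-server" >> "$GITHUB_ENV"
            echo "DEPLOY_PATH=/root/bindbox" >> "$GITHUB_ENV"
            echo "为 main 分支设置生产环境变量"
          elif [ "$REF_NAME" = "dev" ]; then
            echo "DOCKER_TAG_SUFFIX=dev" >> "$GITHUB_ENV"
            echo "CONTAINER_NAME=ppanel-server-dev" >> "$GITHUB_ENV"
            echo "DEPLOY_PATH=/root/vpn_server_dev" >> "$GITHUB_ENV"
            echo "为 dev 分支设置开发环境变量"
          else
            # Any other ref (for example a pull request ref containing "/")
            # is reduced to characters that are valid in a Docker tag before
            # it is written to the environment file.
            safe_ref=$(printf '%s' "$REF_NAME" | tr -c 'A-Za-z0-9_.-' '-')
            echo "DOCKER_TAG_SUFFIX=${safe_ref}" >> "$GITHUB_ENV"
            echo "CONTAINER_NAME=ppanel-server-${safe_ref}" >> "$GITHUB_ENV"
            echo "DEPLOY_PATH=/root/vpn_server_other" >> "$GITHUB_ENV"
            echo "为其他分支 ($REF_NAME) 设置环境变量"
          fi

      # Step 3: install system tools (curl, jq) and upgrade the Docker CLI to
      # API 1.44+
      - name: 🔧 安装系统工具并升级 Docker CLI
        run: |
          set -e
          export DEBIAN_FRONTEND=noninteractive
          echo "等待 apt/dpkg 锁释放 (unattended-upgrades)..."
          # Bounded wait (about 300 s). A plain counter is used instead of
          # $SECONDS, which is a bash feature and is unset under a POSIX sh,
          # where the timeout would never fire.
          waited=0
          while true; do
            LOCKS_BUSY=0
            if pgrep -x unattended-upgrades >/dev/null 2>&1; then LOCKS_BUSY=1; fi
            if command -v fuser >/dev/null 2>&1; then
              if fuser /var/lib/dpkg/lock >/dev/null 2>&1 \
                || fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1 \
                || fuser /var/lib/apt/lists/lock >/dev/null 2>&1; then
                LOCKS_BUSY=1
              fi
            fi
            if [ "$LOCKS_BUSY" -eq 0 ]; then break; fi
            if [ "$waited" -ge 300 ]; then
              echo "等待 apt/dpkg 锁超时,使用 Dpkg::Lock::Timeout 继续..."
              break
            fi
            echo "仍在等待锁释放..."; sleep 5
            waited=$((waited + 5))
          done

          # Base tools
          apt-get update -y -o Dpkg::Lock::Timeout=600
          apt-get install -y -o Dpkg::Lock::Timeout=600 jq curl ca-certificates gnupg lsb-release

          # Remove the old docker.io package so the client is not too old
          # (API 1.41)
          if dpkg -s docker.io >/dev/null 2>&1; then
            apt-get remove -y docker.io || true
          fi

          # Install the CLI from Docker's official repository (API >= 1.44).
          # The repository is trusted only through the key stored in
          # /etc/apt/keyrings/docker.gpg (signed-by).
          distro_codename=$(. /etc/os-release && echo "$VERSION_CODENAME")
          install_repo="deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian ${distro_codename} stable"
          mkdir -p /etc/apt/keyrings
          curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
          echo "$install_repo" > /etc/apt/sources.list.d/docker.list
          apt-get update -y -o Dpkg::Lock::Timeout=600
          apt-get install -y -o Dpkg::Lock::Timeout=600 docker-ce-cli docker-buildx-plugin

          # Version check
          docker --version || true
          docker version || true
          echo "客户端 API 版本:" $(docker version --format '{{.Client.APIVersion}}')

      # Step 4: build and publish to the registry (push events only, so code
      # from a pull request is neither built with registry access nor pushed)
      - name: 📤 构建并发布到镜像仓库
        if: github.event_name == 'push'
        run: |
          echo "开始构建并推送镜像..."
          echo "仓库: $REPO"
          echo "版本标签: $VERSION"
          echo "分支标签: $DOCKER_TAG_SUFFIX"

          # Build once and apply both the commit tag and the branch tag.
          # Values are read from the step environment and quoted.
          docker build -f Dockerfile \
            --platform linux/amd64 \
            --build-arg TARGETARCH=amd64 \
            --build-arg "VERSION=${VERSION}" \
            --build-arg "BUILDTIME=${BUILDTIME}" \
            -t "${REPO}:${VERSION}" \
            -t "${REPO}:${DOCKER_TAG_SUFFIX}" \
            .

          echo "推送版本标签镜像: ${REPO}:${VERSION}"
          docker push "${REPO}:${VERSION}"

          echo "推送分支标签镜像: ${REPO}:${DOCKER_TAG_SUFFIX}"
          docker push "${REPO}:${DOCKER_TAG_SUFFIX}"

          echo "镜像推送完成"

      # Step 5: copy the compose file to the server (push events only)
      # NOTE(review): password login with no host-key fingerprint configured;
      # consider the action's `key` and `fingerprint` inputs.
      - name: 📂 传输配置文件
        if: github.event_name == 'push'
        uses: appleboy/scp-action@v0.1.7
        with:
          host: ${{ env.SSH_HOST }}
          username: ${{ env.SSH_USER }}
          # Read from secrets; the vars fallback only keeps existing setups
          # working and should be removed once the secret exists, because
          # configuration variables are not masked in logs.
          password: ${{ secrets.SSH_PASSWORD || vars.SSH_PASSWORD }}
          port: ${{ env.SSH_PORT }}
          source: "docker-compose.cloud.yml"
          target: "${{ env.DEPLOY_PATH }}/"

      # Step 6: connect to the server, pull the image and restart the service
      # (push events only)
      # NOTE(review): password login with no host-key fingerprint configured;
      # consider the action's `key` and `fingerprint` inputs.
      - name: 🚀 连接服务器更新并启动
        if: github.event_name == 'push'
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ env.SSH_HOST }}
          username: ${{ env.SSH_USER }}
          # Read from secrets; the vars fallback only keeps existing setups
          # working and should be removed once the secret exists.
          password: ${{ secrets.SSH_PASSWORD || vars.SSH_PASSWORD }}
          port: ${{ env.SSH_PORT }}
          timeout: 300s
          command_timeout: 600s
          script: |
            echo "连接服务器成功,开始部署..."
            echo "部署目录: ${{ env.DEPLOY_PATH }}"
            echo "部署标签: ${{ env.DOCKER_TAG_SUFFIX }}"

            # Enter the deployment directory; stop here if it is missing so
            # the .env file and compose commands never run somewhere else.
            cd "${{ env.DEPLOY_PATH }}" || exit 1

            # Create or update the environment file read by compose
            echo "PPANEL_SERVER_TAG=${{ env.DOCKER_TAG_SUFFIX }}" > .env

            # Pull the latest image
            echo "📥 拉取镜像..."
            docker-compose -f docker-compose.cloud.yml pull ppanel-server

            # Start the service
            echo "🚀 启动服务..."
            docker-compose -f docker-compose.cloud.yml up -d ppanel-server

            # Remove unused images
            docker image prune -f || true

            echo "✅ 部署命令执行完成"

      # Step 7: Telegram notification (success, push events only)
      # NOTE(review): @master is a mutable ref and this step receives the bot
      # token; pin the action to a reviewed release tag or commit SHA.
      - name: 📱 发送成功通知到Telegram
        if: success() && github.event_name == 'push'
        uses: appleboy/telegram-action@master
        with:
          token: ${{ secrets.TG_BOT_TOKEN }}
          to: ${{ env.TG_CHAT_ID }}
          message: |
            ✅ 部署成功!
            📦 项目: ${{ github.repository }}
            🌿 分支: ${{ github.ref_name }}
            📝 提交: ${{ github.sha }}
            👤 提交者: ${{ github.actor }}
            🕐 时间: ${{ github.event.head_commit.timestamp }}
            🚀 服务已成功部署到生产环境
          parse_mode: Markdown

      # Step 8: Telegram notification (failure)
      # NOTE(review): @master is a mutable ref and this step receives the bot
      # token; pin the action to a reviewed release tag or commit SHA.
      - name: 📱 发送失败通知到Telegram
        if: failure()
        uses: appleboy/telegram-action@master
        with:
          token: ${{ secrets.TG_BOT_TOKEN }}
          to: ${{ env.TG_CHAT_ID }}
          message: |
            ❌ 部署失败!
            📦 项目: ${{ github.repository }}
            🌿 分支: ${{ github.ref_name }}
            📝 提交: ${{ github.sha }}
            👤 提交者: ${{ github.actor }}
            🕐 时间: ${{ github.event.head_commit.timestamp }}
            ⚠️ 请检查构建日志获取详细信息
          parse_mode: Markdown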