name: CI on: push: branches: - cicd pull_request: branches: - cicd env: DOMAIN_URL: git.kxsw.us #*修改为你12 REPO: ${{ vars.REPO }} TELEGRAM_BOT_TOKEN: 8114337882:AAHkEx03HSu7RxN4IHBJJEnsK9aPPzNLIk0 TELEGRAM_CHAT_ID: "-4940243803" DOCKER_REGISTRY: registry.kxsw.us DOCKER_BUILDKIT: 1 # Host SSH SSH_HOST: ${{ vars.SSH_HOST }} SSH_PORT: ${{ vars.SSH_PORT }} SSH_USER: ${{ vars.SSH_USER }} SSH_PASSWORD: ${{ vars.SSH_PASSWORD }} jobs: build: runs-on: ppanel-web02 container: image: node:20 strategy: matrix: # 只有node支持版本号别名 node: ['20.15.1'] steps: - name: Checkout code uses: https://gitea.cn/actions/checkout@v4 - name: Install system tools (jq, docker, curl) run: | set -e export DEBIAN_FRONTEND=noninteractive echo "Waiting for apt/dpkg locks (unattended-upgrades) to release..." # Wait up to 300s for unattended-upgrades/apt/dpkg locks end=$((SECONDS+300)) while true; do LOCKS_BUSY=0 # If unattended-upgrades is running, mark busy if pgrep -x unattended-upgrades >/dev/null 2>&1; then LOCKS_BUSY=1; fi # If fuser exists, check common lock files if command -v fuser >/dev/null 2>&1; then if fuser /var/lib/dpkg/lock >/dev/null 2>&1 \ || fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1 \ || fuser /var/lib/apt/lists/lock >/dev/null 2>&1; then LOCKS_BUSY=1 fi fi # Break if not busy if [ "$LOCKS_BUSY" -eq 0 ]; then break; fi # Timeout after ~5 minutes if [ $SECONDS -ge $end ]; then echo "Timeout waiting for apt/dpkg locks, proceeding with Dpkg::Lock::Timeout..." break fi echo "Still waiting for locks..."; sleep 5 done apt-get update -y -o Dpkg::Lock::Timeout=600 apt-get install -y -o Dpkg::Lock::Timeout=600 jq curl ca-certificates docker.io docker --version jq --version curl --version - name: Set up Docker Buildx run: | # Check if buildx is available if docker buildx version >/dev/null 2>&1; then echo "Docker Buildx is available" # Create builder if it doesn't exist if ! docker buildx ls | grep -q "builder"; then docker buildx create --name builder --driver docker-container fi # Use the builder docker buildx use builder docker buildx inspect --bootstrap else echo "Docker Buildx not available, using regular docker build" fi - name: Install Bun run: | echo "=== Installing Bun ===" echo "Current working directory: $(pwd)" echo "Current user: $(whoami)" echo "Home directory: $HOME" # 设置Bun安装路径 export BUN_INSTALL="$HOME/.bun" echo "BUN_INSTALL=$BUN_INSTALL" >> $GITHUB_ENV echo "PATH=$BUN_INSTALL/bin:${PATH}" >> $GITHUB_ENV # 检查缓存是否存在 if [ -d "$BUN_INSTALL" ]; then echo "✅ Bun cache found at $BUN_INSTALL" ls -la "$BUN_INSTALL" || true else echo "❌ No Bun cache found, will install fresh" fi # 安装Bun curl -fsSL https://bun.sh/install | bash # 验证安装 "$BUN_INSTALL/bin/bun" --version echo "✅ Bun installed successfully" - name: Configure npm registry (npmmirror) and canvas mirror run: | echo "registry=https://registry.npmmirror.com" >> .npmrc echo "canvas_binary_host_mirror=https://registry.npmmirror.com/-/binary/canvas" >> .npmrc - name: Install dependencies cache (Bun) uses: https://gitea.cn/actions/cache@v3 with: path: ~/.bun key: bun-${{ runner.os }}-${{ matrix.node }}-${{ hashFiles('bun.lock') }} restore-keys: | bun-${{ runner.os }}-${{ matrix.node }}- bun-${{ runner.os }}- - name: Install dependencies cache (node_modules) uses: https://gitea.cn/actions/cache@v3 with: path: | node_modules apps/*/node_modules packages/*/node_modules key: node-modules-${{ runner.os }}-${{ matrix.node }}-${{ hashFiles('bun.lock', 'package.json', 'apps/*/package.json', 'packages/*/package.json') }} restore-keys: | node-modules-${{ runner.os }}-${{ matrix.node }}- node-modules-${{ runner.os }}- - name: Cache status check and setup run: | echo "=== Cache Status Check ===" echo "Checking cache restoration status..." # 检查各种缓存目录 echo "Bun cache: $([ -d ~/.bun ] && echo '✅ Found' || echo '❌ Missing')" echo "node_modules: $([ -d node_modules ] && echo '✅ Found' || echo '❌ Missing')" echo "Turbo cache: $([ -d .turbo ] && echo '✅ Found' || echo '❌ Missing')" # 显示缓存大小 if [ -d ~/.bun ]; then echo "Bun cache size: $(du -sh ~/.bun 2>/dev/null || echo 'unknown')" fi if [ -d node_modules ]; then echo "node_modules size: $(du -sh node_modules 2>/dev/null || echo 'unknown')" fi if [ -d .turbo ]; then echo "Turbo cache size: $(du -sh .turbo 2>/dev/null || echo 'unknown')" fi echo "=== Cache Setup ===" # 确保缓存目录存在且权限正确 mkdir -p ~/.bun ~/.cache .turbo chmod -R 755 ~/.bun ~/.cache .turbo 2>/dev/null || true # 设置Bun环境变量 echo "BUN_INSTALL_CACHE_DIR=$HOME/.cache/bun" >> $GITHUB_ENV echo "BUN_INSTALL_BIN_DIR=$HOME/.bun/bin" >> $GITHUB_ENV echo "✅ Cache directories prepared" - name: Turborepo cache (.turbo) uses: https://gitea.cn/actions/cache@v3 with: path: .turbo key: turbo-${{ runner.os }}-${{ hashFiles('turbo.json') }}-${{ hashFiles('bun.lock') }} restore-keys: | turbo-${{ runner.os }}- - name: Install dependencies (bun) run: | echo "=== Dependency Installation Debug ===" echo "Current directory: $(pwd)" echo "Bun version: $(bun --version)" # 检查node_modules缓存状态 if [ -d "node_modules" ]; then echo "✅ node_modules cache found" echo "node_modules size: $(du -sh node_modules 2>/dev/null || echo 'unknown')" echo "node_modules contents: $(ls -la node_modules | head -10)" else echo "❌ No node_modules cache found" fi # 检查bun.lock文件 if [ -f "bun.lock" ]; then echo "✅ bun.lock found" echo "bun.lock hash: $(sha256sum bun.lock)" else echo "❌ No bun.lock found" fi echo "=== Starting dependency installation ===" time bun install --frozen-lockfile echo "=== Installation completed ===" echo "Final node_modules size: $(du -sh node_modules 2>/dev/null || echo 'unknown')" # 验证缓存效果 echo "=== Cache Effectiveness Check ===" if [ -d "node_modules" ] && [ "$(find node_modules -name '*.js' | wc -l)" -gt 100 ]; then echo "✅ Dependencies installed successfully" echo "Package count: $(ls node_modules | wc -l)" else echo "⚠️ Dependencies may not be fully installed" fi - name: Decide build target (admin/user/both) run: | set -e COMMIT_MSG="${{ github.event.head_commit.message }}" BUILD_TARGET="both" if echo "$COMMIT_MSG" | grep -qi "\[admin-only\]"; then BUILD_TARGET="admin" elif echo "$COMMIT_MSG" | grep -qi "\[user-only\]"; then BUILD_TARGET="user" else if git rev-parse HEAD^ >/dev/null 2>&1; then RANGE="HEAD^..HEAD" else RANGE="$(git rev-list --max-parents=0 HEAD)..HEAD" fi CHANGED=$(git diff --name-only $RANGE || true) ADMIN_MATCH=$(echo "$CHANGED" | grep -E '^(apps/admin/|docker/ppanel-admin-web/)' || true) USER_MATCH=$(echo "$CHANGED" | grep -E '^(apps/user/|docker/ppanel-user-web/)' || true) PACKAGE_MATCH=$(echo "$CHANGED" | grep -E '^(packages/|turbo.json|package.json|bun.lock)' || true) if [ -n "$PACKAGE_MATCH" ]; then BUILD_TARGET="both" else if [ -n "$ADMIN_MATCH" ] && [ -z "$USER_MATCH" ]; then BUILD_TARGET="admin"; fi if [ -n "$USER_MATCH" ] && [ -z "$ADMIN_MATCH" ]; then BUILD_TARGET="user"; fi if [ -n "$ADMIN_MATCH" ] && [ -n "$USER_MATCH" ]; then BUILD_TARGET="both"; fi fi fi echo "BUILD_TARGET=$BUILD_TARGET" >> $GITHUB_ENV echo "Decided BUILD_TARGET=$BUILD_TARGET" - name: Read version from package.json run: echo "VERSION=$(jq -r .version package.json)" >> $GITHUB_ENV - name: Cache Next.js build artifacts (.next/cache) uses: https://gitea.cn/actions/cache@v3 with: path: | apps/admin/.next/cache apps/user/.next/cache key: nextcache-${{ runner.os }}-${{ hashFiles('apps/**/package.json') }}-${{ hashFiles('packages/**/package.json') }}-${{ hashFiles('turbo.json') }}-${{ hashFiles('bun.lock') }} restore-keys: | nextcache-${{ runner.os }}-${{ hashFiles('apps/**/package.json') }}-${{ hashFiles('packages/**/package.json') }}- nextcache-${{ runner.os }}- - name: Cache build outputs uses: https://gitea.cn/actions/cache@v3 with: path: | apps/admin/.next apps/user/.next apps/admin/dist apps/user/dist key: build-${{ runner.os }}-${{ hashFiles('apps/**/*.ts', 'apps/**/*.tsx', 'apps/**/*.js', 'apps/**/*.jsx') }}-${{ hashFiles('packages/**/*.ts', 'packages/**/*.tsx') }}-${{ hashFiles('bun.lock') }} restore-keys: | build-${{ runner.os }}-${{ hashFiles('apps/**/*.ts', 'apps/**/*.tsx', 'apps/**/*.js', 'apps/**/*.jsx') }}- build-${{ runner.os }}- - name: Cache ESLint uses: https://gitea.cn/actions/cache@v3 with: path: | .eslintcache apps/admin/.eslintcache apps/user/.eslintcache key: eslint-${{ runner.os }}-${{ hashFiles('.eslintrc*', 'apps/**/.eslintrc*', 'packages/**/.eslintrc*') }}-${{ hashFiles('bun.lock') }} restore-keys: | eslint-${{ runner.os }}- - name: Cache TypeScript uses: https://gitea.cn/actions/cache@v3 with: path: | .tsbuildinfo apps/admin/.tsbuildinfo apps/user/.tsbuildinfo packages/**/.tsbuildinfo key: typescript-${{ runner.os }}-${{ hashFiles('tsconfig*.json', 'apps/**/tsconfig*.json', 'packages/**/tsconfig*.json') }}-${{ hashFiles('bun.lock') }} restore-keys: | typescript-${{ runner.os }}- - name: Build Admin (turbo via bun) if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both' run: bun run build --filter=ppanel-admin-web - name: Build User (turbo via bun) if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both' run: bun run build --filter=ppanel-user-web - name: Build Docker (admin) if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both' run: | if docker buildx version >/dev/null 2>&1; then echo "Using Docker Buildx with cache" docker buildx build \ --platform linux/amd64 \ --cache-from type=registry,ref=${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:cache \ --cache-to type=registry,ref=${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:cache,mode=max \ -f ./docker/ppanel-admin-web/Dockerfile \ -t ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:${{ env.VERSION }} \ --push . else echo "Using regular Docker build" docker build -f ./docker/ppanel-admin-web/Dockerfile -t ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:${{ env.VERSION }} . docker push ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:${{ env.VERSION }} fi - name: Build Docker (user) if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both' run: | if docker buildx version >/dev/null 2>&1; then echo "Using Docker Buildx with cache" docker buildx build \ --platform linux/amd64 \ --cache-from type=registry,ref=${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:cache \ --cache-to type=registry,ref=${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:cache,mode=max \ -f ./docker/ppanel-user-web/Dockerfile \ -t ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:${{ env.VERSION }} \ --push . else echo "Using regular Docker build" docker build -f ./docker/ppanel-user-web/Dockerfile -t ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:${{ env.VERSION }} . docker push ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:${{ env.VERSION }} fi - name: Debug SSH variables if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both' run: | echo "SSH_HOST: ${{ env.SSH_HOST }}" echo "SSH_PORT: ${{ env.SSH_PORT }}" echo "SSH_USER: ${{ env.SSH_USER }}" echo "DOCKER_REGISTRY: ${{ env.DOCKER_REGISTRY }}" echo "VERSION: ${{ env.VERSION }}" if [ -z "${{ env.SSH_HOST }}" ]; then echo "ERROR: SSH_HOST is empty!" exit 1 fi - name: Deploy Admin via SSH (docker run) if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both' uses: https://${{ vars.GIT_USERNAME }}:${{ vars.GIT_PASSWORD }}@${{ env.DOMAIN_URL }}/actions/ssh-action@v0.1.10 with: host: ${{ env.SSH_HOST }} port: ${{ env.SSH_PORT }} username: ${{ env.SSH_USER }} password: ${{ env.SSH_PASSWORD }} script: | set -e REG="${{ env.DOCKER_REGISTRY }}" VERSION="${{ env.VERSION }}" echo "Deploying admin: $REG/ppanel/ppanel-admin-web:$VERSION" # 拉取新镜像 docker pull "$REG/ppanel/ppanel-admin-web:$VERSION" || true # 优雅停止并移除容器 if docker ps -q -f name=ppanel-admin-web | grep -q .; then echo "Stopping existing container..." docker stop ppanel-admin-web || true sleep 5 fi # 移除容器(如果存在) if docker ps -aq -f name=ppanel-admin-web | grep -q .; then echo "Removing existing container..." docker rm ppanel-admin-web || true fi # 启动新容器 echo "Starting new container..." docker run -d --name ppanel-admin-web --restart=always -p 3000:3000 -e NEXT_PUBLIC_API_URL="https://api.airoport.co" "$REG/ppanel/ppanel-admin-web:$VERSION" # 验证容器启动 sleep 3 if docker ps -q -f name=ppanel-admin-web | grep -q .; then echo "Container started successfully" else echo "Failed to start container" exit 1 fi - name: Debug SSH variables (User) if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both' run: | echo "SSH_HOST: ${{ env.SSH_HOST }}" echo "SSH_PORT: ${{ env.SSH_PORT }}" echo "SSH_USER: ${{ env.SSH_USER }}" echo "DOCKER_REGISTRY: ${{ env.DOCKER_REGISTRY }}" echo "VERSION: ${{ env.VERSION }}" if [ -z "${{ env.SSH_HOST }}" ]; then echo "ERROR: SSH_HOST is empty!" exit 1 fi - name: Deploy User via SSH (docker run) if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both' uses: https://${{ vars.GIT_USERNAME }}:${{ vars.GIT_PASSWORD }}@${{ env.DOMAIN_URL }}/actions/ssh-action@v0.1.10 with: host: ${{ env.SSH_HOST }} port: ${{ env.SSH_PORT }} username: ${{ env.SSH_USER }} password: ${{ env.SSH_PASSWORD }} script: | set -e REG="${{ env.DOCKER_REGISTRY }}" VERSION="${{ env.VERSION }}" echo "Deploying user: $REG/ppanel/ppanel-user-web:$VERSION" # 拉取新镜像 docker pull "$REG/ppanel/ppanel-user-web:$VERSION" || true # 优雅停止并移除容器 if docker ps -q -f name=ppanel-user-web | grep -q .; then echo "Stopping existing container..." docker stop ppanel-user-web || true sleep 5 fi # 移除容器(如果存在) if docker ps -aq -f name=ppanel-user-web | grep -q .; then echo "Removing existing container..." docker rm ppanel-user-web || true fi # 启动新容器 echo "Starting new container..." docker run -d --name ppanel-user-web --restart=always -p 3001:3000 -e NEXT_PUBLIC_API_URL="https://api.airoport.co" "$REG/ppanel/ppanel-user-web:$VERSION" # 验证容器启动 sleep 3 if docker ps -q -f name=ppanel-user-web | grep -q .; then echo "Container started successfully" else echo "Failed to start container" exit 1 fi - name: Notify success to Telegram uses: chapvic/telegram-notify@master if: success() with: token: ${{ env.TELEGRAM_BOT_TOKEN }} chat: ${{ env.TELEGRAM_CHAT_ID }} status: ${{ job.status }} title: ✅ 构建成功 message: 构建成功 footer: "触发者: ${{ gitea.actor }}" - name: Notify failure to Telegram uses: chapvic/telegram-notify@master if: failure() with: token: ${{ env.TELEGRAM_BOT_TOKEN }} chat: ${{ env.TELEGRAM_CHAT_ID }} status: ${{ job.status }} title: ❌ 构建失败 message: 构建失败 footer: "触发者: ${{ gitea.actor }}"