S-VPN/panel-web
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
panel-web/.gitea/workflows/docker.yml
shanshanzhong 394727ccdb
Some checks failed
CI / build (20.15.1) (push) Failing after 21m21s
Details
tg
2025-09-26 02:14:40 -07:00

315 lines
12 KiB
YAML
Raw Blame History

name: CI
on:
push:
branches:
- cicd
pull_request:
branches:
- cicd
env:
DOMAIN_URL: git.kxsw.us #*修改为你12
REPO: ${{ vars.REPO }}
TELEGRAM_BOT_TOKEN: 8114337882:AAHkEx03HSu7RxN4IHBJJEnsK9aPPzNLIk0
TELEGRAM_CHAT_ID: "-4940243803"
DOCKER_REGISTRY: registry.kxsw.us
DOCKER_BUILDKIT: 1
# Host SSH
SSH_HOST: ${{ vars.SSH_HOST }}
SSH_PORT: ${{ vars.SSH_PORT }}
SSH_USER: ${{ vars.SSH_USER }}
SSH_PASSWORD: ${{ vars.SSH_PASSWORD }}
jobs:
build:
runs-on: ppanel-web02
container:
image: node:20
strategy:
matrix:
# 只有node支持版本号别名
node: ['20.15.1']
steps:
- name: Checkout code
uses: https://gitea.cn/actions/checkout@v4
- name: Install system tools (jq, docker, curl)
run: |
set -e
export DEBIAN_FRONTEND=noninteractive
echo "Waiting for apt/dpkg locks (unattended-upgrades) to release..."
# Wait up to 300s for unattended-upgrades/apt/dpkg locks
end=$((SECONDS+300))
while true; do
LOCKS_BUSY=0
# If unattended-upgrades is running, mark busy
if pgrep -x unattended-upgrades >/dev/null 2>&1; then LOCKS_BUSY=1; fi
# If fuser exists, check common lock files
if command -v fuser >/dev/null 2>&1; then
if fuser /var/lib/dpkg/lock >/dev/null 2>&1 \
|| fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1 \
|| fuser /var/lib/apt/lists/lock >/dev/null 2>&1; then
LOCKS_BUSY=1
fi
fi
# Break if not busy
if [ "$LOCKS_BUSY" -eq 0 ]; then break; fi
# Timeout after ~5 minutes
if [ $SECONDS -ge $end ]; then
echo "Timeout waiting for apt/dpkg locks, proceeding with Dpkg::Lock::Timeout..."
break
fi
echo "Still waiting for locks..."; sleep 5
done
apt-get update -y -o Dpkg::Lock::Timeout=600
apt-get install -y -o Dpkg::Lock::Timeout=600 jq curl ca-certificates docker.io
docker --version
jq --version
curl --version
- name: Install Bun
run: |
curl -fsSL https://bun.sh/install | bash
echo "BUN_INSTALL=/root/.bun" >> $GITHUB_ENV
echo "PATH=/root/.bun/bin:${PATH}" >> $GITHUB_ENV
/root/.bun/bin/bun --version
- name: Configure npm registry (npmmirror) and canvas mirror
run: |
echo "registry=https://registry.npmmirror.com" >> .npmrc
echo "canvas_binary_host_mirror=https://registry.npmmirror.com/-/binary/canvas" >> .npmrc
- name: Install dependencies cache (Bun)
uses: https://gitea.cn/actions/cache@v3
with:
path: /root/.bun
key: bun-${{ runner.os }}-${{ matrix.node }}-${{ hashFiles('bun.lock') }}
restore-keys: |
bun-${{ runner.os }}-${{ matrix.node }}-
- name: Install dependencies cache (node_modules)
uses: https://gitea.cn/actions/cache@v3
with:
path: |
node_modules
apps/admin/node_modules
apps/user/node_modules
packages/ui/node_modules
key: nm-${{ runner.os }}-${{ matrix.node }}-${{ hashFiles('bun.lock') }}
restore-keys: |
nm-${{ runner.os }}-${{ matrix.node }}-
- name: Turborepo cache (.turbo)
uses: https://gitea.cn/actions/cache@v3
with:
path: .turbo
key: turbo-${{ runner.os }}-${{ hashFiles('turbo.json') }}-${{ hashFiles('bun.lock') }}
restore-keys: |
turbo-${{ runner.os }}-
- name: Install dependencies (bun)
run: bun install
- name: Decide build target (admin/user/both)
run: |
set -e
COMMIT_MSG="${{ github.event.head_commit.message }}"
BUILD_TARGET="both"
if echo "$COMMIT_MSG" | grep -qi "\[admin-only\]"; then
BUILD_TARGET="admin"
elif echo "$COMMIT_MSG" | grep -qi "\[user-only\]"; then
BUILD_TARGET="user"
else
if git rev-parse HEAD^ >/dev/null 2>&1; then
RANGE="HEAD^..HEAD"
else
RANGE="$(git rev-list --max-parents=0 HEAD)..HEAD"
fi
CHANGED=$(git diff --name-only $RANGE || true)
ADMIN_MATCH=$(echo "$CHANGED" | grep -E '^(apps/admin/|docker/ppanel-admin-web/)' || true)
USER_MATCH=$(echo "$CHANGED" | grep -E '^(apps/user/|docker/ppanel-user-web/)' || true)
PACKAGE_MATCH=$(echo "$CHANGED" | grep -E '^(packages/|turbo.json|package.json|bun.lock)' || true)
if [ -n "$PACKAGE_MATCH" ]; then
BUILD_TARGET="both"
else
if [ -n "$ADMIN_MATCH" ] && [ -z "$USER_MATCH" ]; then BUILD_TARGET="admin"; fi
if [ -n "$USER_MATCH" ] && [ -z "$ADMIN_MATCH" ]; then BUILD_TARGET="user"; fi
if [ -n "$ADMIN_MATCH" ] && [ -n "$USER_MATCH" ]; then BUILD_TARGET="both"; fi
fi
fi
echo "BUILD_TARGET=$BUILD_TARGET" >> $GITHUB_ENV
echo "Decided BUILD_TARGET=$BUILD_TARGET"
- name: Read version from package.json
run: echo "VERSION=$(jq -r .version package.json)" >> $GITHUB_ENV
- name: Cache Next.js build artifacts (.next/cache)
uses: https://gitea.cn/actions/cache@v3
with:
path: |
apps/admin/.next/cache
apps/user/.next/cache
key: nextcache-${{ runner.os }}-${{ hashFiles('apps/**') }}-${{ hashFiles('packages/**') }}-${{ hashFiles('turbo.json') }}-${{ hashFiles('bun.lock') }}
restore-keys: |
nextcache-${{ runner.os }}-
- name: Build Admin (turbo via bun)
if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both'
run: bun run build --filter=ppanel-admin-web
- name: Build User (turbo via bun)
if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both'
run: bun run build --filter=ppanel-user-web
- name: Build Docker (admin)
if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both'
run: docker build -f ./docker/ppanel-admin-web/Dockerfile -t ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:${{ env.VERSION }} .
- name: Build Docker (user)
if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both'
run: docker build -f ./docker/ppanel-user-web/Dockerfile -t ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:${{ env.VERSION }} .
- name: Push Docker Image (admin)
if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both'
run: docker push ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-admin-web:${{ env.VERSION }}
- name: Push Docker Image (user)
if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both'
run: docker push ${{ env.DOCKER_REGISTRY }}/ppanel/ppanel-user-web:${{ env.VERSION }}
- name: Debug SSH variables
if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both'
run: |
echo "SSH_HOST: ${{ env.SSH_HOST }}"
echo "SSH_PORT: ${{ env.SSH_PORT }}"
echo "SSH_USER: ${{ env.SSH_USER }}"
echo "DOCKER_REGISTRY: ${{ env.DOCKER_REGISTRY }}"
echo "VERSION: ${{ env.VERSION }}"
if [ -z "${{ env.SSH_HOST }}" ]; then
echo "ERROR: SSH_HOST is empty!"
exit 1
fi
- name: Deploy Admin via SSH (docker run)
if: env.BUILD_TARGET == 'admin' || env.BUILD_TARGET == 'both'
uses: https://${{ vars.GIT_USERNAME }}:${{ vars.GIT_PASSWORD }}@${{ env.DOMAIN_URL }}/actions/ssh-action@v0.1.10
with:
host: ${{ env.SSH_HOST }}
port: ${{ env.SSH_PORT }}
username: ${{ env.SSH_USER }}
password: ${{ env.SSH_PASSWORD }}
script: |
set -e
REG="${{ env.DOCKER_REGISTRY }}"
VERSION="${{ env.VERSION }}"
echo "Deploying admin: $REG/ppanel/ppanel-admin-web:$VERSION"
# 拉取新镜像
docker pull "$REG/ppanel/ppanel-admin-web:$VERSION" || true
# 优雅停止并移除容器
if docker ps -q -f name=ppanel-admin-web | grep -q .; then
echo "Stopping existing container..."
docker stop ppanel-admin-web || true
sleep 5
fi
# 移除容器(如果存在)
if docker ps -aq -f name=ppanel-admin-web | grep -q .; then
echo "Removing existing container..."
docker rm ppanel-admin-web || true
fi
# 启动新容器
echo "Starting new container..."
docker run -d --name ppanel-admin-web --restart=always -p 3000:3000 -e NEXT_PUBLIC_API_URL="https://api.airoport.co" "$REG/ppanel/ppanel-admin-web:$VERSION"
# 验证容器启动
sleep 3
if docker ps -q -f name=ppanel-admin-web | grep -q .; then
echo "Container started successfully"
else
echo "Failed to start container"
exit 1
fi
- name: Debug SSH variables (User)
if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both'
run: |
echo "SSH_HOST: ${{ env.SSH_HOST }}"
echo "SSH_PORT: ${{ env.SSH_PORT }}"
echo "SSH_USER: ${{ env.SSH_USER }}"
echo "DOCKER_REGISTRY: ${{ env.DOCKER_REGISTRY }}"
echo "VERSION: ${{ env.VERSION }}"
if [ -z "${{ env.SSH_HOST }}" ]; then
echo "ERROR: SSH_HOST is empty!"
exit 1
fi
- name: Deploy User via SSH (docker run)
if: env.BUILD_TARGET == 'user' || env.BUILD_TARGET == 'both'
uses: https://${{ vars.GIT_USERNAME }}:${{ vars.GIT_PASSWORD }}@${{ env.DOMAIN_URL }}/actions/ssh-action@v0.1.10
with:
host: ${{ env.SSH_HOST }}
port: ${{ env.SSH_PORT }}
username: ${{ env.SSH_USER }}
password: ${{ env.SSH_PASSWORD }}
script: |
set -e
REG="${{ env.DOCKER_REGISTRY }}"
VERSION="${{ env.VERSION }}"
echo "Deploying user: $REG/ppanel/ppanel-user-web:$VERSION"
# 拉取新镜像
docker pull "$REG/ppanel/ppanel-user-web:$VERSION" || true
# 优雅停止并移除容器
if docker ps -q -f name=ppanel-user-web | grep -q .; then
echo "Stopping existing container..."
docker stop ppanel-user-web || true
sleep 5
fi
# 移除容器(如果存在)
if docker ps -aq -f name=ppanel-user-web | grep -q .; then
echo "Removing existing container..."
docker rm ppanel-user-web || true
fi
# 启动新容器
echo "Starting new container..."
docker run -d --name ppanel-user-web --restart=always -p 3001:3000 -e NEXT_PUBLIC_API_URL="https://api.airoport.co" "$REG/ppanel/ppanel-user-web:$VERSION"
# 验证容器启动
sleep 3
if docker ps -q -f name=ppanel-user-web | grep -q .; then
echo "Container started successfully"
else
echo "Failed to start container"
exit 1
fi
- name: Notify success to Telegram
uses: chapvic/telegram-notify@master
if: success()
with:
token: ${{ env.TELEGRAM_BOT_TOKEN }}
chat: ${{ env.TELEGRAM_CHAT_ID }}
status: ${{ job.status }}
title: ✅ 构建成功
message: "${{ gitea.repository }} 构建成功"
footer: "触发者: ${{ gitea.actor }}"
- name: Notify failure to Telegram
uses: chapvic/telegram-notify@master
if: failure()
with:
token: ${{ env.TELEGRAM_BOT_TOKEN }}
chat: ${{ env.TELEGRAM_CHAT_ID }}
status: ${{ job.status }}
title: ❌ 构建失败
message: "${{ gitea.repository }} 构建失败"
footer: "触发者: ${{ gitea.actor }}"
Reference in New Issue View Git Blame Copy Permalink