fix: 修复工作流 YAML 语法错误
All checks were successful
itom-platform auto build image / build (push) Successful in 2m40s
All checks were successful
itom-platform auto build image / build (push) Successful in 2m40s
This commit is contained in:
kim
@@ -1,4 +1,5 @@
|
|||||||
name: itom-platform auto build image
|
name: itom-platform auto build image
|
||||||
|
# itom-platform:auto-ci-managed
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
@@ -11,7 +12,6 @@ permissions:
|
|||||||
packages: write
|
packages: write
|
||||||
|
|
||||||
env:
|
env:
|
||||||
# CI 触发模式:优先仓库变量,其次 Secrets(默认 dispatch)
|
|
||||||
CI_TRIGGER_MODE_VAR: ${{ vars.CI_TRIGGER_MODE }}
|
CI_TRIGGER_MODE_VAR: ${{ vars.CI_TRIGGER_MODE }}
|
||||||
CI_TRIGGER_MODE_SECRET: ${{ secrets.CI_TRIGGER_MODE }}
|
CI_TRIGGER_MODE_SECRET: ${{ secrets.CI_TRIGGER_MODE }}
|
||||||
|
|
||||||
@@ -20,23 +20,23 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
env:
|
env:
|
||||||
# 使用 Docker Hub 作为镜像仓库
|
|
||||||
REGISTRY: docker.io
|
REGISTRY: docker.io
|
||||||
# Docker Hub 个人命名空间(需与 DOCKER_USERNAME 一致)
|
|
||||||
IMAGE: docker.io/kim6789/chat-deploy
|
IMAGE: docker.io/kim6789/chat-deploy
|
||||||
# Docker Hub 凭证来自仓库 Secrets
|
|
||||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
||||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Check trigger mode
|
- name: Check trigger mode
|
||||||
shell: sh
|
shell: sh
|
||||||
run: |
|
run: |
|
||||||
set -eu
|
set -eu
|
||||||
MODE="${CI_TRIGGER_MODE_VAR:-${CI_TRIGGER_MODE_SECRET:-dispatch}}"
|
MODE="${CI_TRIGGER_MODE_VAR:-${CI_TRIGGER_MODE_SECRET:-dispatch}}"
|
||||||
|
MODE=$(echo "$MODE" | tr 'A-Z' 'a-z')
|
||||||
EVENT="${GITHUB_EVENT_NAME:-${GITEA_EVENT_NAME:-}}"
|
EVENT="${GITHUB_EVENT_NAME:-${GITEA_EVENT_NAME:-}}"
|
||||||
|
EVENT=$(echo "$EVENT" | tr 'A-Z' 'a-z')
|
||||||
ALLOW="false"
|
ALLOW="false"
|
||||||
case "$EVENT" in
|
case "$EVENT" in
|
||||||
workflow_dispatch)
|
workflow_dispatch|manual)
|
||||||
if [ "$MODE" = "dispatch" ] || [ "$MODE" = "both" ]; then
|
if [ "$MODE" = "dispatch" ] || [ "$MODE" = "both" ]; then
|
||||||
ALLOW="true"
|
ALLOW="true"
|
||||||
fi
|
fi
|
||||||
@@ -46,6 +46,11 @@ jobs:
|
|||||||
ALLOW="true"
|
ALLOW="true"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
*)
|
||||||
|
if [ "$MODE" = "dispatch" ] || [ "$MODE" = "both" ]; then
|
||||||
|
ALLOW="true"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
echo "CI_TRIGGER_MODE=$MODE" >> "$GITHUB_ENV"
|
echo "CI_TRIGGER_MODE=$MODE" >> "$GITHUB_ENV"
|
||||||
echo "CI_TRIGGER_ALLOWED=$ALLOW" >> "$GITHUB_ENV"
|
echo "CI_TRIGGER_ALLOWED=$ALLOW" >> "$GITHUB_ENV"
|
||||||
@@ -59,7 +64,7 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
set -eu
|
set -eu
|
||||||
if ! command -v git >/dev/null 2>&1; then
|
if ! command -v git >/dev/null 2>&1; then
|
||||||
apk add --no-cache git openssh-client ca-certificates
|
apk add --no-cache git openssh-client ca-certificates || apt-get update && apt-get install -y git
|
||||||
fi
|
fi
|
||||||
|
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
@@ -68,8 +73,6 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
GIT_USER: ${{ secrets.GIT_USER }}
|
GIT_USER: ${{ secrets.GIT_USER }}
|
||||||
GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
|
GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
|
||||||
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
|
|
||||||
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
|
|
||||||
run: |
|
run: |
|
||||||
set -eu
|
set -eu
|
||||||
WORKDIR="${GITHUB_WORKSPACE:-/workspace}"
|
WORKDIR="${GITHUB_WORKSPACE:-/workspace}"
|
||||||
@@ -86,23 +89,13 @@ jobs:
|
|||||||
USER="$GIT_USER"
|
USER="$GIT_USER"
|
||||||
TOKEN="$GIT_TOKEN"
|
TOKEN="$GIT_TOKEN"
|
||||||
elif [ -n "${GITEA_TOKEN:-}" ]; then
|
elif [ -n "${GITEA_TOKEN:-}" ]; then
|
||||||
USER="${GITEA_ACTOR:-${FORGEJO_ACTOR:-${GITHUB_ACTOR:-}}}"
|
USER="${GITEA_ACTOR:-${GITHUB_ACTOR:-}}"
|
||||||
TOKEN="$GITEA_TOKEN"
|
TOKEN="$GITEA_TOKEN"
|
||||||
elif [ -n "${FORGEJO_TOKEN:-}" ]; then
|
|
||||||
USER="${FORGEJO_ACTOR:-${GITHUB_ACTOR:-}}"
|
|
||||||
TOKEN="$FORGEJO_TOKEN"
|
|
||||||
elif [ -n "${GITHUB_TOKEN:-}" ]; then
|
elif [ -n "${GITHUB_TOKEN:-}" ]; then
|
||||||
USER="${GITHUB_ACTOR:-}"
|
USER="${GITHUB_ACTOR:-}"
|
||||||
TOKEN="$GITHUB_TOKEN"
|
TOKEN="$GITHUB_TOKEN"
|
||||||
elif [ -n "${REGISTRY_USER:-}" ] && [ -n "${REGISTRY_PASSWORD:-}" ]; then
|
|
||||||
USER="$REGISTRY_USER"
|
|
||||||
TOKEN="$REGISTRY_PASSWORD"
|
|
||||||
fi
|
fi
|
||||||
if [ -n "$TOKEN" ]; then
|
if [ -n "$TOKEN" ] && [ -n "$USER" ]; then
|
||||||
if [ -z "$USER" ]; then
|
|
||||||
echo "ERROR: missing git username for token auth."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
AUTH_HOST="${SERVER#https://}"
|
AUTH_HOST="${SERVER#https://}"
|
||||||
AUTH_HOST="${AUTH_HOST#http://}"
|
AUTH_HOST="${AUTH_HOST#http://}"
|
||||||
git clone "https://${USER}:${TOKEN}@${AUTH_HOST}/${REPO}.git" "$WORKDIR"
|
git clone "https://${USER}:${TOKEN}@${AUTH_HOST}/${REPO}.git" "$WORKDIR"
|
||||||
@@ -122,11 +115,11 @@ jobs:
|
|||||||
set -eu
|
set -eu
|
||||||
BRANCH="${GITHUB_REF_NAME:-${GITEA_REF_NAME:-}}"
|
BRANCH="${GITHUB_REF_NAME:-${GITEA_REF_NAME:-}}"
|
||||||
if [ -z "$BRANCH" ]; then
|
if [ -z "$BRANCH" ]; then
|
||||||
BRANCH="$(echo "${GITHUB_REF:-${GITEA_REF:-}}" | sed 's#.*/##')"
|
BRANCH=$(echo "${GITHUB_REF:-${GITEA_REF:-}}" | sed 's#.*/##')
|
||||||
fi
|
fi
|
||||||
BRANCH="$(echo "$BRANCH" | tr '/' '-')"
|
BRANCH=$(echo "$BRANCH" | tr '/' '-')
|
||||||
SHA="${GITHUB_SHA:-${GITEA_SHA:-}}"
|
SHA="${GITHUB_SHA:-${GITEA_SHA:-}}"
|
||||||
SHA_SHORT="$(printf '%s' "$SHA" | cut -c1-7)"
|
SHA_SHORT=$(echo "$SHA" | cut -c1-7)
|
||||||
echo "BRANCH=$BRANCH" >> "$GITHUB_ENV"
|
echo "BRANCH=$BRANCH" >> "$GITHUB_ENV"
|
||||||
echo "SHA_SHORT=$SHA_SHORT" >> "$GITHUB_ENV"
|
echo "SHA_SHORT=$SHA_SHORT" >> "$GITHUB_ENV"
|
||||||
|
|
||||||
@@ -138,7 +131,7 @@ jobs:
|
|||||||
DOCKERFILE_PATH="${DOCKERFILE_PATH:-}"
|
DOCKERFILE_PATH="${DOCKERFILE_PATH:-}"
|
||||||
BUILD_CONTEXT="${BUILD_CONTEXT:-.}"
|
BUILD_CONTEXT="${BUILD_CONTEXT:-.}"
|
||||||
if [ -z "$DOCKERFILE_PATH" ]; then
|
if [ -z "$DOCKERFILE_PATH" ]; then
|
||||||
for candidate in Dockerfile docker/Dockerfile .docker/Dockerfile build/Dockerfile api/Dockerfile api/docker/Dockerfile; do
|
for candidate in Dockerfile docker/Dockerfile .docker/Dockerfile build/Dockerfile; do
|
||||||
if [ -f "$candidate" ]; then
|
if [ -f "$candidate" ]; then
|
||||||
DOCKERFILE_PATH="$candidate"
|
DOCKERFILE_PATH="$candidate"
|
||||||
break
|
break
|
||||||
@@ -146,13 +139,12 @@ jobs:
|
|||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
if [ -z "$DOCKERFILE_PATH" ]; then
|
if [ -z "$DOCKERFILE_PATH" ]; then
|
||||||
echo "ERROR: Dockerfile not found. Set DOCKERFILE_PATH or add Dockerfile."
|
echo "ERROR: Dockerfile not found."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo "DOCKERFILE_PATH=$DOCKERFILE_PATH" >> "$GITHUB_ENV"
|
echo "DOCKERFILE_PATH=$DOCKERFILE_PATH" >> "$GITHUB_ENV"
|
||||||
echo "BUILD_CONTEXT=$BUILD_CONTEXT" >> "$GITHUB_ENV"
|
echo "BUILD_CONTEXT=$BUILD_CONTEXT" >> "$GITHUB_ENV"
|
||||||
|
|
||||||
|
|
||||||
- name: Login registry
|
- name: Login registry
|
||||||
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
||||||
shell: sh
|
shell: sh
|
||||||
@@ -161,9 +153,8 @@ jobs:
|
|||||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
run: |
|
run: |
|
||||||
set -eu
|
set -eu
|
||||||
# 使用 Docker Hub 凭证登录
|
|
||||||
if [ -z "${DOCKER_USERNAME:-}" ] || [ -z "${DOCKER_PASSWORD:-}" ]; then
|
if [ -z "${DOCKER_USERNAME:-}" ] || [ -z "${DOCKER_PASSWORD:-}" ]; then
|
||||||
echo "ERROR: 缺少 Docker Hub 凭证(DOCKER_USERNAME/DOCKER_PASSWORD)。"
|
echo "ERROR: Missing Docker Hub credentials."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo "$DOCKER_PASSWORD" | docker login "$REGISTRY" -u "$DOCKER_USERNAME" --password-stdin
|
echo "$DOCKER_PASSWORD" | docker login "$REGISTRY" -u "$DOCKER_USERNAME" --password-stdin
|
||||||
@@ -176,54 +167,14 @@ jobs:
|
|||||||
cd "${GITHUB_WORKSPACE:-/workspace}"
|
cd "${GITHUB_WORKSPACE:-/workspace}"
|
||||||
IMAGE_BRANCH_TAG="$IMAGE:${BRANCH}"
|
IMAGE_BRANCH_TAG="$IMAGE:${BRANCH}"
|
||||||
IMAGE_SHA_TAG="$IMAGE:sha-${SHA_SHORT}"
|
IMAGE_SHA_TAG="$IMAGE:sha-${SHA_SHORT}"
|
||||||
|
|
||||||
|
echo "Building image..."
|
||||||
docker build -t "$IMAGE_BRANCH_TAG" -t "$IMAGE_SHA_TAG" -f "$DOCKERFILE_PATH" "$BUILD_CONTEXT"
|
docker build -t "$IMAGE_BRANCH_TAG" -t "$IMAGE_SHA_TAG" -f "$DOCKERFILE_PATH" "$BUILD_CONTEXT"
|
||||||
|
|
||||||
log_image() {
|
echo "Pushing $IMAGE_BRANCH_TAG..."
|
||||||
local tag="$1"
|
docker push "$IMAGE_BRANCH_TAG"
|
||||||
echo "== Image info: $tag =="
|
|
||||||
docker image inspect --format 'Image ID: {{.Id}} Size: {{.Size}}' "$tag" || true
|
|
||||||
}
|
|
||||||
|
|
||||||
log_layers() {
|
echo "Pushing $IMAGE_SHA_TAG..."
|
||||||
local tag="$1"
|
docker push "$IMAGE_SHA_TAG"
|
||||||
echo "== RootFS layers (base -> top): $tag =="
|
|
||||||
docker image inspect --format '{{range $i, $layer := .RootFS.Layers}}{{println $i $layer}}{{end}}' "$tag" || true
|
|
||||||
}
|
|
||||||
|
|
||||||
log_history() {
|
echo "Build and push completed successfully."
|
||||||
local tag="$1"
|
|
||||||
echo "== Image history (top -> base): $tag =="
|
|
||||||
docker history --no-trunc "$tag" | head -n 80 || true
|
|
||||||
echo "== (history truncated to 80 lines) =="
|
|
||||||
}
|
|
||||||
|
|
||||||
log_image "$IMAGE_BRANCH_TAG"
|
|
||||||
log_layers "$IMAGE_BRANCH_TAG"
|
|
||||||
log_history "$IMAGE_BRANCH_TAG"
|
|
||||||
|
|
||||||
push_with_diag() {
|
|
||||||
local tag="$1"
|
|
||||||
local safe_tag
|
|
||||||
safe_tag=$(echo "$tag" | tr '/:' '__')
|
|
||||||
local log_file="/tmp/docker-push-${safe_tag}.log"
|
|
||||||
echo "== docker push $tag =="
|
|
||||||
if docker push "$tag" >"$log_file" 2>&1; then
|
|
||||||
tail -n 5 "$log_file" || true
|
|
||||||
return 0
|
|
||||||
fi
|
|
||||||
log_image "$tag"
|
|
||||||
log_layers "$tag"
|
|
||||||
log_history "$tag"
|
|
||||||
echo "== Docker system info =="
|
|
||||||
docker info || true
|
|
||||||
echo "== Disk usage (df -h) =="
|
|
||||||
df -h || true
|
|
||||||
echo "== Docker disk usage =="
|
|
||||||
docker system df -v | head -n 200 || true
|
|
||||||
echo "== Push failed (tail) for $tag =="
|
|
||||||
tail -n 200 "$log_file" || true
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
push_with_diag "$IMAGE_BRANCH_TAG"
|
|
||||||
push_with_diag "$IMAGE_SHA_TAG"
|
|
||||||
|
|||||||
Reference in New Issue
Block a user