name: CI on: push: branches: - Django workflow_dispatch: inputs: version: description: 版本号(如 0.2.2),为空则自动生成 required: false concurrency: group: ci-${{ github.ref }} cancel-in-progress: true jobs: docker-ci: if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && contains(github.event.head_commit.message, '[ci]')) runs-on: ubuntu-latest timeout-minutes: 40 env: DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }} DJANGO_DEBUG: "False" DJANGO_ALLOWED_HOSTS: "127.0.0.1,localhost" IMAGE_NAME: achievement_inputing_ci ARTIFACT_DIR: artifacts SERVER_DEST_DIR: /srv/ci DOWNLOAD_BASE: http://139.224.69.213:8080 GITEA_SERVER: ${{ github.server_url }} GITEA_REPO: ${{ github.repository }} RELEASE_TOKEN: ${{ secrets.token }} steps: - name: Ensure source present env: SERVER: ${{ github.server_url }} REPO: ${{ github.repository }} REF: ${{ github.ref }} SHA: ${{ github.sha }} TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | if [ -f "$GITHUB_WORKSPACE/Dockerfile" ]; then exit 0; fi mkdir -p "$GITHUB_WORKSPACE" cd "$GITHUB_WORKSPACE" git init . if [ -z "$TOKEN" ]; then git fetch --depth=1 "$SERVER/$REPO.git" "$REF" else git -c http.extraHeader="Authorization: Bearer $TOKEN" fetch --depth=1 "$SERVER/$REPO.git" "$REF" fi git checkout FETCH_HEAD - name: Derive version run: | msg="${{ github.event.head_commit.message }}" ver_input="${{ github.event.inputs.version }}" ver="" if [ -n "$ver_input" ]; then ver="$ver_input" else ver=$(echo "$msg" | grep -Eo "\[[0-9]+(\.[0-9]+){1,}\]" | head -n1 | tr -d '[]') fi if [ -z "$ver" ]; then ver="$(date +%Y%m%d%H%M)-${GITHUB_SHA:0:7}" fi echo "VERSION=$ver" >> $GITHUB_ENV - name: Build application image run: | docker build -t "$IMAGE_NAME:$VERSION" -f "$GITHUB_WORKSPACE/Dockerfile" "$GITHUB_WORKSPACE" - name: Output image info run: | docker image inspect "$IMAGE_NAME:$VERSION" --format '{{.Id}} {{.Size}}' - name: Export image tar run: | ART="achievement_inputing_ci_${VERSION}.tar" docker save -o "$GITHUB_WORKSPACE/$ART" "$IMAGE_NAME:$VERSION" echo "$ART" > "$GITHUB_WORKSPACE/.artifact_name" - name: Publish artifact locally run: | ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") mkdir -p "$GITHUB_WORKSPACE/$ARTIFACT_DIR" mv "$GITHUB_WORKSPACE/$ART" "$GITHUB_WORKSPACE/$ARTIFACT_DIR/" echo "artifact: $GITHUB_WORKSPACE/$ARTIFACT_DIR/$ART" - name: Publish to /srv/ci run: | set -e ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") cat "$GITHUB_WORKSPACE/$ARTIFACT_DIR/$ART" | docker run --rm -i -v "$SERVER_DEST_DIR:/srvci" "$IMAGE_NAME:$VERSION" sh -c "cat > /srvci/$ART && ls -l /srvci" echo "published: $SERVER_DEST_DIR/$ART" - name: Create release with download link if: env.RELEASE_TOKEN != '' run: | ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") BRANCH=${GITHUB_REF#refs/heads/} TAG="$VERSION" NAME="$VERSION" BASE="${DOWNLOAD_BASE%/}" BASE="${BASE%/ci}" DL="$BASE/$ART" echo "download: $DL" JSON=$(printf '{"tag_name":"%s","target_commitish":"%s","name":"%s","body":"%s"}' "$TAG" "$BRANCH" "$NAME" "$DL") curl -sS -X POST "$GITEA_SERVER/api/v1/repos/$GITEA_REPO/releases" -H "Content-Type: application/json" -H "Authorization: token $RELEASE_TOKEN" -d "$JSON"