name: CI # Required Secrets: # - DJANGO_SECRET_KEY: Django Secret Key # - token: Gitea API token for creating releases # - ALIST_PUBLIC_URL: Public URL for AList download (e.g., http://alist.example.com/d/ci) # - WEBDAV_URL: WebDAV upload URL (e.g., http://alist.example.com/dav/ci/) # - WEBDAV_USER: WebDAV username # - WEBDAV_PASSWORD: WebDAV password on: push: branches: - Django workflow_dispatch: inputs: version: description: 版本号(如 0.2.2),为空则自动生成 required: false concurrency: group: ci-${{ github.ref }} cancel-in-progress: true jobs: docker-ci: if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && contains(github.event.head_commit.message, '[ci]')) runs-on: ubuntu-latest container: image: catthehacker/ubuntu:act-latest timeout-minutes: 40 env: DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }} DJANGO_DEBUG: "False" DJANGO_ALLOWED_HOSTS: "127.0.0.1,localhost" IMAGE_NAME: achievement_inputing_ci ARTIFACT_DIR: artifacts # 请在 Secrets 中配置 ALIST_PUBLIC_URL,例如 http://139.224.69.213:8080/d/ci DOWNLOAD_BASE: ${{ secrets.ALIST_PUBLIC_URL }} GITEA_SERVER: ${{ github.server_url }} GITEA_REPO: ${{ github.repository }} RELEASE_TOKEN: ${{ secrets.token }} steps: - name: Ensure source present env: SERVER: ${{ github.server_url }} REPO: ${{ github.repository }} REF: ${{ github.ref }} SHA: ${{ github.sha }} TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | if [ -f "$GITHUB_WORKSPACE/Dockerfile" ]; then exit 0; fi mkdir -p "$GITHUB_WORKSPACE" cd "$GITHUB_WORKSPACE" git init . if [ -z "$TOKEN" ]; then git fetch --depth=1 "$SERVER/$REPO.git" "$REF" else git -c http.extraHeader="Authorization: Bearer $TOKEN" fetch --depth=1 "$SERVER/$REPO.git" "$REF" fi git checkout FETCH_HEAD - name: Derive version run: | msg="${{ github.event.head_commit.message }}" ver_input="${{ github.event.inputs.version }}" ver="" if [ -n "$ver_input" ]; then ver="$ver_input" else ver=$(echo "$msg" | grep -Eo "\[[0-9]+(\.[0-9]+){1,}\]" | head -n1 | tr -d '[]') fi if [ -z "$ver" ]; then ver="$(date +%Y%m%d%H%M)-${GITHUB_SHA:0:7}" fi echo "VERSION=$ver" >> $GITHUB_ENV - name: Build application image run: | docker build -t "$IMAGE_NAME:$VERSION" -f "$GITHUB_WORKSPACE/Dockerfile" "$GITHUB_WORKSPACE" - name: Output image info run: | docker image inspect "$IMAGE_NAME:$VERSION" --format '{{.Id}} {{.Size}}' - name: Export image tar run: | ART="achievement_inputing_ci_${VERSION}.tar" docker save -o "$GITHUB_WORKSPACE/$ART" "$IMAGE_NAME:$VERSION" echo "$ART" > "$GITHUB_WORKSPACE/.artifact_name" - name: Publish artifact locally run: | ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") mkdir -p "$GITHUB_WORKSPACE/$ARTIFACT_DIR" mv "$GITHUB_WORKSPACE/$ART" "$GITHUB_WORKSPACE/$ARTIFACT_DIR/" echo "artifact: $GITHUB_WORKSPACE/$ARTIFACT_DIR/$ART" - name: Publish to WebDAV env: WEBDAV_URL: ${{ secrets.WEBDAV_URL }} WEBDAV_USER: ${{ secrets.WEBDAV_USER }} WEBDAV_PASSWORD: ${{ secrets.WEBDAV_PASSWORD }} run: | set -e ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") FILE_PATH="$GITHUB_WORKSPACE/$ARTIFACT_DIR/$ART" # 检查必要的 secrets 是否存在 if [ -z "$WEBDAV_URL" ]; then echo "Error: WEBDAV_URL secret is not set." exit 1 fi # 确保 URL 以 / 结尾 case "$WEBDAV_URL" in */) ;; *) WEBDAV_URL="${WEBDAV_URL}/" ;; esac echo "Uploading $ART to $WEBDAV_URL..." curl -f -u "$WEBDAV_USER:$WEBDAV_PASSWORD" -T "$FILE_PATH" "${WEBDAV_URL}${ART}" echo "Upload success." - name: Create release with download link if: env.RELEASE_TOKEN != '' run: | ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") BRANCH=${GITHUB_REF#refs/heads/} TAG="$VERSION" NAME="$VERSION" BASE="${DOWNLOAD_BASE%/}" DL="$BASE/$ART" echo "download: $DL" JSON=$(printf '{"tag_name":"%s","target_commitish":"%s","name":"%s","body":"%s"}' "$TAG" "$BRANCH" "$NAME" "$DL") curl -sS -X POST "$GITEA_SERVER/api/v1/repos/$GITEA_REPO/releases" -H "Content-Type: application/json" -H "Authorization: token $RELEASE_TOKEN" -d "$JSON"