name: CI on: push: branches: - Django workflow_dispatch: inputs: version: description: 版本号(如 0.2.2),为空则自动生成 required: false concurrency: group: ci-${{ github.ref }} cancel-in-progress: true jobs: docker-ci: if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && contains(github.event.head_commit.message, '[ci]')) runs-on: ubuntu-latest timeout-minutes: 40 env: DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }} DJANGO_DEBUG: "False" DJANGO_ALLOWED_HOSTS: "127.0.0.1,localhost" IMAGE_NAME: achievement_inputing_ci ALIST_URL: https://alist.spdis.top ALIST_USER: ${{ secrets.ALIST_USER }} ALIST_PASSWORD: ${{ secrets.ALIST_PASSWORD }} GITEA_SERVER: ${{ github.server_url }} GITEA_REPO: ${{ github.repository }} GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} steps: - name: Ensure source present env: SERVER: ${{ github.server_url }} REPO: ${{ github.repository }} REF: ${{ github.ref }} SHA: ${{ github.sha }} TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | if [ -f "$GITHUB_WORKSPACE/Dockerfile" ]; then exit 0; fi mkdir -p "$GITHUB_WORKSPACE" cd "$GITHUB_WORKSPACE" git init . if [ -z "$TOKEN" ]; then git fetch --depth=1 "$SERVER/$REPO.git" "$REF" else git -c http.extraHeader="Authorization: Bearer $TOKEN" fetch --depth=1 "$SERVER/$REPO.git" "$REF" fi git checkout FETCH_HEAD - name: Derive version run: | msg="${{ github.event.head_commit.message }}" ver_input="${{ github.event.inputs.version }}" ver="" if [ -n "$ver_input" ]; then ver="$ver_input" else ver=$(echo "$msg" | grep -Eo "\[[0-9]+(\.[0-9]+){1,}\]" | head -n1 | tr -d '[]') fi if [ -z "$ver" ]; then ver="$(date +%Y%m%d%H%M)-${GITHUB_SHA:0:7}" fi echo "VERSION=$ver" >> $GITHUB_ENV - name: Build application image run: | docker build -t "$IMAGE_NAME:$VERSION" -f "$GITHUB_WORKSPACE/Dockerfile" "$GITHUB_WORKSPACE" - name: Output image info run: | docker image inspect "$IMAGE_NAME:$VERSION" --format '{{.Id}} {{.Size}}' - name: Export image tar run: | ART="achievement_inputing_ci_${VERSION}.tar" docker save -o "$GITHUB_WORKSPACE/$ART" "$IMAGE_NAME:$VERSION" echo "$ART" > "$GITHUB_WORKSPACE/.artifact_name" - name: Upload to Alist run: | ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") BASE="${ALIST_URL%/}" LOGIN_RESP=$(curl -sS -X POST "$BASE/api/auth/login" -H "Content-Type: application/json" -d "{\"username\":\"$ALIST_USER\",\"password\":\"$ALIST_PASSWORD\"}") export LOGIN_RESP TOKEN=$(python3 - << 'PY' import os, json s=os.environ.get('LOGIN_RESP','') try: j=json.loads(s) d=j.get('data') or {} print(d.get('token') or d.get('auth') or d.get('Authorization') or '') except Exception: print('') PY ) if [ -n "$TOKEN" ]; then curl -sS -X POST "$BASE/api/fs/mkdir" -H "Authorization: $TOKEN" -H "Content-Type: application/json" -d "{\"path\":\"/ci\"}" >/dev/null 2>&1 || true UPLOAD_STATUS=$(curl -sS -w "%{http_code}" -o /dev/null -X PUT "$BASE/api/fs/form" -H "Authorization: $TOKEN" -F "path=/ci" -F "file=@$GITHUB_WORKSPACE/$ART;type=application/x-tar") if [ "$UPLOAD_STATUS" -ge 400 ]; then UPLOAD_STATUS=$(curl -sS -w "%{http_code}" -o /dev/null -X PUT "$BASE/api/fs/form" -H "Authorization: Bearer $TOKEN" -F "path=/ci" -F "file=@$GITHUB_WORKSPACE/$ART;type=application/x-tar") fi else UPLOAD_STATUS=999 fi if [ "$UPLOAD_STATUS" -ge 400 ]; then curl -s -u "$ALIST_USER:$ALIST_PASSWORD" -X MKCOL "$BASE/dav/ci" || true UPLOAD_STATUS=$(curl -sS -w "%{http_code}" -o /dev/null -u "$ALIST_USER:$ALIST_PASSWORD" -T "$GITHUB_WORKSPACE/$ART" "$BASE/dav/ci/$ART") fi test "$UPLOAD_STATUS" -lt 400 - name: Create release with download link if: env.GITEA_TOKEN != '' run: | ART=$(cat "$GITHUB_WORKSPACE/.artifact_name") BRANCH=${GITHUB_REF#refs/heads/} TAG="$VERSION" NAME="$VERSION" DL="${ALIST_URL%/}/ci/$ART" JSON=$(printf '{"tag_name":"%s","target_commitish":"%s","name":"%s","body":"%s"}' "$TAG" "$BRANCH" "$NAME" "$DL") curl -sS -X POST "$GITEA_SERVER/api/v1/repos/$GITEA_REPO/releases" -H "Content-Type: application/json" -H "Authorization: token $GITEA_TOKEN" -d "$JSON"