130 lines
4.8 KiB
YAML
130 lines
4.8 KiB
YAML
name: CI
|
||
|
||
# Required Secrets:
|
||
# - DJANGO_SECRET_KEY: Django Secret Key
|
||
# - token: Gitea API token for creating releases
|
||
# - ALIST_PUBLIC_URL: Public URL for AList download (e.g., http://alist.example.com/d/ci)
|
||
# - WEBDAV_URL: WebDAV upload URL (e.g., http://alist.example.com/dav/ci/)
|
||
# - WEBDAV_USER: WebDAV username
|
||
# - WEBDAV_PASSWORD: WebDAV password
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- Django
|
||
workflow_dispatch:
|
||
inputs:
|
||
version:
|
||
description: 版本号(如 0.2.2),为空则自动生成
|
||
required: false
|
||
|
||
concurrency:
|
||
group: ci-${{ github.ref }}
|
||
cancel-in-progress: true
|
||
|
||
jobs:
|
||
docker-ci:
|
||
if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && contains(github.event.head_commit.message, '[ci]'))
|
||
runs-on: ubuntu-latest
|
||
container:
|
||
image: catthehacker/ubuntu:act-latest
|
||
timeout-minutes: 40
|
||
env:
|
||
DJANGO_SECRET_KEY: ${{ secrets.DJANGO_SECRET_KEY }}
|
||
DJANGO_DEBUG: "False"
|
||
DJANGO_ALLOWED_HOSTS: "127.0.0.1,localhost"
|
||
IMAGE_NAME: achievement_inputing_ci
|
||
ARTIFACT_DIR: artifacts
|
||
# 请在 Secrets 中配置 ALIST_PUBLIC_URL,例如 http://139.224.69.213:8080/d/ci
|
||
DOWNLOAD_BASE: ${{ secrets.ALIST_PUBLIC_URL }}
|
||
GITEA_SERVER: ${{ github.server_url }}
|
||
GITEA_REPO: ${{ github.repository }}
|
||
RELEASE_TOKEN: ${{ secrets.token }}
|
||
steps:
|
||
- name: Ensure source present
|
||
env:
|
||
SERVER: ${{ github.server_url }}
|
||
REPO: ${{ github.repository }}
|
||
REF: ${{ github.ref }}
|
||
SHA: ${{ github.sha }}
|
||
TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||
run: |
|
||
if [ -f "$GITHUB_WORKSPACE/Dockerfile" ]; then exit 0; fi
|
||
mkdir -p "$GITHUB_WORKSPACE"
|
||
cd "$GITHUB_WORKSPACE"
|
||
git init .
|
||
if [ -z "$TOKEN" ]; then
|
||
git fetch --depth=1 "$SERVER/$REPO.git" "$REF"
|
||
else
|
||
git -c http.extraHeader="Authorization: Bearer $TOKEN" fetch --depth=1 "$SERVER/$REPO.git" "$REF"
|
||
fi
|
||
git checkout FETCH_HEAD
|
||
- name: Derive version
|
||
run: |
|
||
msg="${{ github.event.head_commit.message }}"
|
||
ver_input="${{ github.event.inputs.version }}"
|
||
ver=""
|
||
if [ -n "$ver_input" ]; then
|
||
ver="$ver_input"
|
||
else
|
||
ver=$(echo "$msg" | grep -Eo "\[[0-9]+(\.[0-9]+){1,}\]" | head -n1 | tr -d '[]')
|
||
fi
|
||
if [ -z "$ver" ]; then
|
||
ver="$(date +%Y%m%d%H%M)-${GITHUB_SHA:0:7}"
|
||
fi
|
||
echo "VERSION=$ver" >> $GITHUB_ENV
|
||
- name: Build application image
|
||
run: |
|
||
docker build -t "$IMAGE_NAME:$VERSION" -f "$GITHUB_WORKSPACE/Dockerfile" "$GITHUB_WORKSPACE"
|
||
- name: Output image info
|
||
run: |
|
||
docker image inspect "$IMAGE_NAME:$VERSION" --format '{{.Id}} {{.Size}}'
|
||
- name: Export image tar
|
||
run: |
|
||
ART="achievement_inputing_ci_${VERSION}.tar"
|
||
docker save -o "$GITHUB_WORKSPACE/$ART" "$IMAGE_NAME:$VERSION"
|
||
echo "$ART" > "$GITHUB_WORKSPACE/.artifact_name"
|
||
- name: Publish artifact locally
|
||
run: |
|
||
ART=$(cat "$GITHUB_WORKSPACE/.artifact_name")
|
||
mkdir -p "$GITHUB_WORKSPACE/$ARTIFACT_DIR"
|
||
mv "$GITHUB_WORKSPACE/$ART" "$GITHUB_WORKSPACE/$ARTIFACT_DIR/"
|
||
echo "artifact: $GITHUB_WORKSPACE/$ARTIFACT_DIR/$ART"
|
||
- name: Publish to WebDAV
|
||
env:
|
||
WEBDAV_URL: ${{ secrets.WEBDAV_URL }}
|
||
WEBDAV_USER: ${{ secrets.WEBDAV_USER }}
|
||
WEBDAV_PASSWORD: ${{ secrets.WEBDAV_PASSWORD }}
|
||
run: |
|
||
set -e
|
||
ART=$(cat "$GITHUB_WORKSPACE/.artifact_name")
|
||
FILE_PATH="$GITHUB_WORKSPACE/$ARTIFACT_DIR/$ART"
|
||
|
||
# 检查必要的 secrets 是否存在
|
||
if [ -z "$WEBDAV_URL" ]; then
|
||
echo "Error: WEBDAV_URL secret is not set."
|
||
exit 1
|
||
fi
|
||
|
||
# 确保 URL 以 / 结尾
|
||
case "$WEBDAV_URL" in
|
||
*/) ;;
|
||
*) WEBDAV_URL="${WEBDAV_URL}/" ;;
|
||
esac
|
||
|
||
echo "Uploading $ART to $WEBDAV_URL..."
|
||
curl -f -u "$WEBDAV_USER:$WEBDAV_PASSWORD" -T "$FILE_PATH" "${WEBDAV_URL}${ART}"
|
||
echo "Upload success."
|
||
- name: Create release with download link
|
||
if: env.RELEASE_TOKEN != ''
|
||
run: |
|
||
ART=$(cat "$GITHUB_WORKSPACE/.artifact_name")
|
||
BRANCH=${GITHUB_REF#refs/heads/}
|
||
TAG="$VERSION"
|
||
NAME="$VERSION"
|
||
BASE="${DOWNLOAD_BASE%/}"
|
||
DL="$BASE/$ART"
|
||
echo "download: $DL"
|
||
JSON=$(printf '{"tag_name":"%s","target_commitish":"%s","name":"%s","body":"%s"}' "$TAG" "$BRANCH" "$NAME" "$DL")
|
||
curl -sS -X POST "$GITEA_SERVER/api/v1/repos/$GITEA_REPO/releases" -H "Content-Type: application/json" -H "Authorization: token $RELEASE_TOKEN" -d "$JSON"
|