iriver/photography
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

解决部署工作流程合并冲突:采用更健壮的Docker构建和推送流程
Some checks failed
部署后端服务 / 🚀 构建并部署 (push) Failing after 18s
Details

Browse Source
This commit is contained in:
iriver
2025-07-15 20:03:05 +08:00
parent 76ab7c4c45 93cc1c427d
commit 827758c448
3 changed files with 201 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

228
.gitea/workflows/deploy-backend.yml
View File

@ -48,12 +48,33 @@ jobs:
# 验证配置
docker info | grep -A 5 "Registry Mirrors" || true
- name: 🔑 登录到镜像仓库
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: 🔑 登录到镜像仓库(使用阿里云访问令牌)
run: |
echo "🔑 使用阿里云访问令牌登录..."
# 创建 Docker 配置文件
mkdir -p ~/.docker
cat > ~/.docker/config.json << EOF
{
"auths": {
"${{ env.REGISTRY }}": {
"auth": "$(echo -n '${{ secrets.DOCKER_USERNAME }}:${{ secrets.DOCKER_PASSWORD }}' | base64 -w 0)"
}
}
}
EOF
# 验证登录状态
echo "🔍 验证登录状态..."
if docker pull ${{ env.REGISTRY }}/library/hello-world:latest 2>/dev/null; then
echo "✅ 镜像仓库认证成功"
else
echo "❌ 镜像仓库认证失败,尝试基础认证..."
# 使用基础认证
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.REGISTRY }} --username "${{ secrets.DOCKER_USERNAME }}" --password-stdin || {
echo "❌ 所有认证方式都失败"
exit 1
}
fi
- name: 📝 提取元数据
id: meta
@ -66,28 +87,74 @@ jobs:
type=sha,prefix={{branch}}-
type=raw,value=latest,enable={{is_default_branch}}
- name: 🔐 验证 Docker 认证
- name: 🏗️ 构建镜像(使用正确格式)
run: |
echo "验证 Docker 认证状态..."
docker info | grep -A 10 "Registry:" || true
echo "测试镜像仓库连接..."
docker pull ${{ env.REGISTRY }}/hello-world:latest || echo "拉取测试镜像失败(正常)"
echo "🔨 开始构建 Docker 镜像..."
cd ./backend
# 设置正确的镜像标签格式
IMAGE_TAG="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
IMAGE_TAG_LATEST="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
echo "🏷️ 镜像标签:"
echo " - $IMAGE_TAG"
echo " - $IMAGE_TAG_LATEST"
# 构建镜像
docker build -t $IMAGE_TAG -t $IMAGE_TAG_LATEST .
# 验证镜像
echo "🔍 验证镜像构建..."
docker images | grep photography-backend
echo "✅ 镜像构建完成"
- name: 🏗️ 构建并推送镜像
uses: docker/build-push-action@v5
with:
context: ./backend
file: ./backend/Dockerfile
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: false
sbom: false
env:
BUILDKIT_PROGRESS: plain
- name: 📤 推送镜像(使用正确路径)
run: |
IMAGE_TAG="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
IMAGE_TAG_LATEST="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
echo "📤 开始推送镜像..."
echo "📋 目标仓库: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
# 重试机制
max_attempts=3
attempt=1
while [ $attempt -le $max_attempts ]; do
echo "📤 推送尝试 $attempt/$max_attempts..."
echo "🚀 推送命令: docker push $IMAGE_TAG"
if docker push $IMAGE_TAG; then
echo "✅ 版本标签推送成功"
echo "🚀 推送 latest 标签: docker push $IMAGE_TAG_LATEST"
if docker push $IMAGE_TAG_LATEST; then
echo "✅ latest 标签推送成功"
break
else
echo "⚠️ latest 标签推送失败,但版本标签已成功"
break
fi
else
echo "❌ 推送失败,等待重试..."
if [ $attempt -lt $max_attempts ]; then
echo "⏳ 等待15秒后重试..."
sleep 15
fi
fi
attempt=$((attempt + 1))
done
if [ $attempt -gt $max_attempts ]; then
echo "❌ 所有推送尝试都失败"
echo "📋 请检查以下配置:"
echo " - 仓库地址: ${{ env.REGISTRY }}"
echo " - 镜像名称: ${{ env.IMAGE_NAME }}"
echo " - 认证信息: ${{ secrets.DOCKER_USERNAME }}"
exit 1
fi
- name: 📦 同步配置文件
run: |
@ -121,6 +188,28 @@ jobs:
# 切换到后端项目目录
cd /data/docker/photography/backend
# 检查 Docker 服务状态
echo "🐳 检查 Docker 服务状态..."
if ! docker info >/dev/null 2>&1; then
echo "❌ Docker 服务未运行或权限不足,尝试使用 sudo..."
echo '${{ secrets.TYY_PWD }}' | sudo -S systemctl start docker
sleep 5
fi
# 验证 Docker 权限
echo "🔍 验证 Docker 权限..."
docker --version || {
echo "❌ Docker 命令不可用"
exit 1
}
# 登录阿里云镜像仓库
echo "🔑 登录阿里云镜像仓库..."
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.REGISTRY }} --username "${{ secrets.DOCKER_USERNAME }}" --password-stdin || {
echo "❌ Docker 登录失败,检查认证信息..."
exit 1
}
# 备份当前运行的容器 (如果存在)
if docker ps -q -f name=photography-api; then
echo "📦 备份当前后端容器..."
@ -129,19 +218,26 @@ jobs:
# 停止现有服务
echo "🛑 停止现有服务..."
docker-compose down api || true
docker compose down api || {
echo "⚠️ 停止服务时遇到问题,继续执行..."
docker stop photography-api || true
docker rm photography-api || true
}
# 拉取最新镜像
echo "📥 拉取最新镜像..."
docker-compose pull api
docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }} || {
echo "❌ 镜像拉取失败,检查网络连接..."
exit 1
}
# 数据库迁移需要手动执行
echo "⚠️ 数据库迁移需要手动执行,请在部署后运行:"
echo " docker-compose exec api ./main migrate"
echo " docker compose exec api ./main migrate"
# 启动后端服务
echo "🚀 启动后端服务..."
docker-compose up -d api
docker compose up -d api
# 等待服务启动
echo "⏳ 等待服务启动..."
@ -160,7 +256,7 @@ jobs:
# 检查服务状态
echo "📊 检查服务状态..."
docker-compose ps
docker compose ps
# 清理旧镜像 (保留最近3个)
echo "🧹 清理旧镜像..."
@ -171,7 +267,7 @@ jobs:
echo "🎉 后端部署完成!"
echo "📋 请记住手动运行数据库迁移:"
echo " docker-compose exec api ./main migrate"
echo " docker compose exec api ./main migrate"
- name: 📧 发送部署通知
if: always()
@ -189,50 +285,50 @@ jobs:
${{ job.status == 'success' && '✅ 部署成功' || '❌ 部署失败' }}
${{ job.status == 'success' && '⚠️ 请记住手动运行数据库迁移: docker-compose exec api ./main migrate' || '' }}
${{ job.status == 'success' && '⚠️ 请记住手动运行数据库迁移: docker compose exec api ./main migrate' || '' }}
🌐 API: https://api.photography.iriver.top/health
📊 监控: https://admin.photography.iriver.top
rollback:
name: 🔄 回滚部署
runs-on: ubuntu-latest
if: failure() && github.ref == 'refs/heads/main'
needs: build-and-deploy
# rollback:
# name: 🔄 回滚部署
# runs-on: ubuntu-latest
# if: failure() && github.ref == 'refs/heads/main'
# needs: build-and-deploy
steps:
- name: 🔄 执行回滚
uses: appleboy/ssh-action@v1.0.0
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.TYY_USER }}
password: ${{ secrets.TYY_PWD }}
port: ${{ secrets.PORT }}
script: |
cd /data/docker/photography/backend
# steps:
# - name: 🔄 执行回滚
# uses: appleboy/ssh-action@v1.0.0
# with:
# host: ${{ secrets.HOST }}
# username: ${{ secrets.TYY_USER }}
# password: ${{ secrets.TYY_PWD }}
# port: ${{ secrets.PORT }}
# script: |
# cd /data/docker/photography/backend
echo "🔄 开始回滚后端服务..."
# echo "🔄 开始回滚后端服务..."
# 查找最新的备份容器
BACKUP_IMAGE=$(docker images photography_backend_backup_* --format "table {{.Repository}}:{{.Tag}}\t{{.CreatedAt}}" | tail -n +2 | sort -k2 -r | head -n 1 | awk '{print $1}')
# # 查找最新的备份容器
# BACKUP_IMAGE=$(docker images photography_backend_backup_* --format "table {{.Repository}}:{{.Tag}}\t{{.CreatedAt}}" | tail -n +2 | sort -k2 -r | head -n 1 | awk '{print $1}')
if [ -n "$BACKUP_IMAGE" ]; then
echo "📦 找到备份镜像: $BACKUP_IMAGE"
# if [ -n "$BACKUP_IMAGE" ]; then
# echo "📦 找到备份镜像: $BACKUP_IMAGE"
# 停止当前服务
docker-compose down backend
# # 停止当前服务
# docker compose down api
# 标记备份镜像为最新
docker tag $BACKUP_IMAGE photography_backend:rollback
# # 标记备份镜像为最新
# docker tag $BACKUP_IMAGE photography_backend:rollback
# 修改 docker-compose 使用回滚镜像
sed -i 's|build: .*|image: photography_backend:rollback|g' docker-compose.yml
# # 修改 docker compose 使用回滚镜像
# sed -i 's|build: .*|image: photography_backend:rollback|g' docker-compose.yml
# 启动回滚版本
docker-compose up -d backend
# # 启动回滚版本
# docker compose up -d api
echo "✅ 回滚完成"
else
echo "❌ 未找到备份镜像,无法回滚"
exit 1
fi
# echo "✅ 回滚完成"
# else
# echo "❌ 未找到备份镜像,无法回滚"
# exit 1
# fi