refactor: 优化CI/CD流程镜像,避免安装环境
- deploy-production: 使用 alpine/git 镜像,移除 apk add - archive-to-main: 使用 alpine/git 镜像,移除 apk add - notify-wechat: 使用 python:3.11-slim 镜像,使用 Python 发送通知 - 将 curl 健康检查改为 wget,alpine/git 自带 wget - 所有步骤均使用精简镜像,无需安装额外工具
This commit is contained in:
张翔
+96
-42
@@ -38,8 +38,6 @@
|
|||||||
variables:
|
variables:
|
||||||
- &node_image node:20-alpine
|
- &node_image node:20-alpine
|
||||||
- &docker_image docker:24-cli
|
- &docker_image docker:24-cli
|
||||||
- &npm_cache /root/.npm
|
|
||||||
- &node_modules_cache /woodpecker/src/node_modules
|
|
||||||
|
|
||||||
# ============================================
|
# ============================================
|
||||||
# 阶段1: 代码质量检查
|
# 阶段1: 代码质量检查
|
||||||
@@ -260,7 +258,7 @@ steps:
|
|||||||
# 阶段5: 部署到生产环境 (release分支)
|
# 阶段5: 部署到生产环境 (release分支)
|
||||||
# ============================================
|
# ============================================
|
||||||
deploy-production:
|
deploy-production:
|
||||||
image: alpine:latest
|
image: alpine/git:latest
|
||||||
environment:
|
environment:
|
||||||
DEPLOY_ENV: production
|
DEPLOY_ENV: production
|
||||||
SSH_PRIVATE_KEY:
|
SSH_PRIVATE_KEY:
|
||||||
@@ -269,7 +267,6 @@ steps:
|
|||||||
from_secret: registry_password
|
from_secret: registry_password
|
||||||
commands:
|
commands:
|
||||||
- echo "Deploying to production environment..."
|
- echo "Deploying to production environment..."
|
||||||
- apk add --no-cache openssh-client curl
|
|
||||||
- mkdir -p ~/.ssh
|
- mkdir -p ~/.ssh
|
||||||
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
||||||
- chmod 600 ~/.ssh/id_rsa
|
- chmod 600 ~/.ssh/id_rsa
|
||||||
@@ -320,7 +317,7 @@ steps:
|
|||||||
|
|
||||||
echo "=== Step 7: Health check ==="
|
echo "=== Step 7: Health check ==="
|
||||||
for i in {1..30}; do
|
for i in {1..30}; do
|
||||||
if curl -f https://novalon.cn/api/health; then
|
if wget -q --spider https://novalon.cn/api/health; then
|
||||||
echo "✅ Health check passed!"
|
echo "✅ Health check passed!"
|
||||||
|
|
||||||
echo "=== Step 8: Cleanup old images ==="
|
echo "=== Step 8: Cleanup old images ==="
|
||||||
@@ -339,7 +336,7 @@ steps:
|
|||||||
sleep 10
|
sleep 10
|
||||||
|
|
||||||
# 验证回滚
|
# 验证回滚
|
||||||
if curl -f https://novalon.cn/api/health; then
|
if wget -q --spider https://novalon.cn/api/health; then
|
||||||
echo "✅ Rollback succeeded, but deployment failed"
|
echo "✅ Rollback succeeded, but deployment failed"
|
||||||
else
|
else
|
||||||
echo "❌ Rollback also failed!"
|
echo "❌ Rollback also failed!"
|
||||||
@@ -358,13 +355,12 @@ steps:
|
|||||||
# 阶段6: 归档到main分支 (release分支)
|
# 阶段6: 归档到main分支 (release分支)
|
||||||
# ============================================
|
# ============================================
|
||||||
archive-to-main:
|
archive-to-main:
|
||||||
image: alpine:latest
|
image: alpine/git:latest
|
||||||
environment:
|
environment:
|
||||||
SSH_PRIVATE_KEY:
|
SSH_PRIVATE_KEY:
|
||||||
from_secret: ssh_private_key
|
from_secret: ssh_private_key
|
||||||
commands:
|
commands:
|
||||||
- echo "Archiving to main branch..."
|
- echo "Archiving to main branch..."
|
||||||
- apk add --no-cache git openssh-client
|
|
||||||
- mkdir -p ~/.ssh
|
- mkdir -p ~/.ssh
|
||||||
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
||||||
- chmod 600 ~/.ssh/id_rsa
|
- chmod 600 ~/.ssh/id_rsa
|
||||||
@@ -414,32 +410,61 @@ steps:
|
|||||||
# 阶段7: 企业微信通知
|
# 阶段7: 企业微信通知
|
||||||
# ============================================
|
# ============================================
|
||||||
notify-wechat-success:
|
notify-wechat-success:
|
||||||
image: alpine:latest
|
image: python:3.11-slim
|
||||||
environment:
|
environment:
|
||||||
WECHAT_WEBHOOK:
|
WECHAT_WEBHOOK:
|
||||||
from_secret: wechat_webhook
|
from_secret: wechat_webhook
|
||||||
commands:
|
commands:
|
||||||
- apk add --no-cache curl jq
|
- python3 -c "
|
||||||
- |
|
import os
|
||||||
BRANCH="${CI_COMMIT_BRANCH:-unknown}"
|
import json
|
||||||
COMMIT="${CI_COMMIT_SHA:0:7:-unknown}"
|
import urllib.request
|
||||||
MESSAGE="${CI_COMMIT_MESSAGE:-no message}"
|
from datetime import datetime
|
||||||
AUTHOR="${CI_COMMIT_AUTHOR:-unknown}"
|
|
||||||
PIPELINE_NUMBER="${CI_PIPELINE_NUMBER:-0}"
|
|
||||||
REPO_ID="${CI_REPO_ID:-1}"
|
|
||||||
PIPELINE_URL="https://ci.f.novalon.cn/repos/${REPO_ID}/pipeline/${PIPELINE_NUMBER}"
|
|
||||||
|
|
||||||
TIMESTAMP=$(date "+%Y-%m-%d %H:%M:%S")
|
branch = os.environ.get('CI_COMMIT_BRANCH', 'unknown')
|
||||||
|
commit = os.environ.get('CI_COMMIT_SHA', 'unknown')[:7]
|
||||||
|
message = os.environ.get('CI_COMMIT_MESSAGE', 'no message').replace('\n', ' ').replace('\"', \"'\")
|
||||||
|
author = os.environ.get('CI_COMMIT_AUTHOR', 'unknown')
|
||||||
|
pipeline_number = os.environ.get('CI_PIPELINE_NUMBER', '0')
|
||||||
|
repo_id = os.environ.get('CI_REPO_ID', '1')
|
||||||
|
pipeline_url = f'https://ci.f.novalon.cn/repos/{repo_id}/pipeline/{pipeline_number}'
|
||||||
|
timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
|
||||||
|
|
||||||
MESSAGE_CLEAN=$(echo "$MESSAGE" | tr '\n' ' ' | tr '"' "'")
|
content = f'''## 🚀 Novalon Website 部署通知
|
||||||
|
|
||||||
|
> **构建状态**: <font color=\"info\">成功</font>
|
||||||
|
|
||||||
|
**项目信息**
|
||||||
|
> 分支: \`{branch}\`
|
||||||
|
> 提交: \`{commit}\`
|
||||||
|
> 作者: {author}
|
||||||
|
|
||||||
|
**提交信息**
|
||||||
|
> {message}
|
||||||
|
|
||||||
|
**操作**
|
||||||
|
> [查看构建详情]({pipeline_url})
|
||||||
|
|
||||||
|
---
|
||||||
|
> 时间: {timestamp}
|
||||||
|
> Pipeline #{pipeline_number}'''
|
||||||
|
|
||||||
CONTENT="## 🚀 Novalon Website 部署通知\n\n> **构建状态**: <font color=\"info\">成功</font>\n\n**项目信息**\n> 分支: \`${BRANCH}\`\n> 提交: \`${COMMIT}\`\n> 作者: ${AUTHOR}\n\n**提交信息**\n> ${MESSAGE_CLEAN}\n\n**操作**\n> [查看构建详情](${PIPELINE_URL})\n\n---\n> 时间: ${TIMESTAMP}\n> Pipeline #${PIPELINE_NUMBER}"
|
data = {
|
||||||
|
'msgtype': 'markdown',
|
||||||
|
'markdown': {
|
||||||
|
'content': content
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
JSON_DATA=$(echo "{}" | jq --arg content "$CONTENT" '.msgtype = "markdown" | .markdown.content = $content')
|
req = urllib.request.Request(
|
||||||
|
os.environ['WECHAT_WEBHOOK'],
|
||||||
|
data=json.dumps(data).encode('utf-8'),
|
||||||
|
headers={'Content-Type': 'application/json'}
|
||||||
|
)
|
||||||
|
|
||||||
curl -X POST "$WECHAT_WEBHOOK" \
|
with urllib.request.urlopen(req) as response:
|
||||||
-H 'Content-Type: application/json' \
|
print(response.read().decode('utf-8'))
|
||||||
-d "$JSON_DATA"
|
"
|
||||||
when:
|
when:
|
||||||
event:
|
event:
|
||||||
- push
|
- push
|
||||||
@@ -450,32 +475,61 @@ steps:
|
|||||||
- success
|
- success
|
||||||
|
|
||||||
notify-wechat-failure:
|
notify-wechat-failure:
|
||||||
image: alpine:latest
|
image: python:3.11-slim
|
||||||
environment:
|
environment:
|
||||||
WECHAT_WEBHOOK:
|
WECHAT_WEBHOOK:
|
||||||
from_secret: wechat_webhook
|
from_secret: wechat_webhook
|
||||||
commands:
|
commands:
|
||||||
- apk add --no-cache curl jq
|
- python3 -c "
|
||||||
- |
|
import os
|
||||||
BRANCH="${CI_COMMIT_BRANCH:-unknown}"
|
import json
|
||||||
COMMIT="${CI_COMMIT_SHA:0:7:-unknown}"
|
import urllib.request
|
||||||
MESSAGE="${CI_COMMIT_MESSAGE:-no message}"
|
from datetime import datetime
|
||||||
AUTHOR="${CI_COMMIT_AUTHOR:-unknown}"
|
|
||||||
PIPELINE_NUMBER="${CI_PIPELINE_NUMBER:-0}"
|
|
||||||
REPO_ID="${CI_REPO_ID:-1}"
|
|
||||||
PIPELINE_URL="https://ci.f.novalon.cn/repos/${REPO_ID}/pipeline/${PIPELINE_NUMBER}"
|
|
||||||
|
|
||||||
TIMESTAMP=$(date "+%Y-%m-%d %H:%M:%S")
|
branch = os.environ.get('CI_COMMIT_BRANCH', 'unknown')
|
||||||
|
commit = os.environ.get('CI_COMMIT_SHA', 'unknown')[:7]
|
||||||
|
message = os.environ.get('CI_COMMIT_MESSAGE', 'no message').replace('\n', ' ').replace('\"', \"'\")
|
||||||
|
author = os.environ.get('CI_COMMIT_AUTHOR', 'unknown')
|
||||||
|
pipeline_number = os.environ.get('CI_PIPELINE_NUMBER', '0')
|
||||||
|
repo_id = os.environ.get('CI_REPO_ID', '1')
|
||||||
|
pipeline_url = f'https://ci.f.novalon.cn/repos/{repo_id}/pipeline/{pipeline_number}'
|
||||||
|
timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
|
||||||
|
|
||||||
MESSAGE_CLEAN=$(echo "$MESSAGE" | tr '\n' ' ' | tr '"' "'")
|
content = f'''## 🚀 Novalon Website 部署通知
|
||||||
|
|
||||||
|
> **构建状态**: <font color=\"warning\">失败</font>
|
||||||
|
|
||||||
|
**项目信息**
|
||||||
|
> 分支: \`{branch}\`
|
||||||
|
> 提交: \`{commit}\`
|
||||||
|
> 作者: {author}
|
||||||
|
|
||||||
|
**提交信息**
|
||||||
|
> {message}
|
||||||
|
|
||||||
|
**操作**
|
||||||
|
> [查看构建详情]({pipeline_url})
|
||||||
|
|
||||||
|
---
|
||||||
|
> 时间: {timestamp}
|
||||||
|
> Pipeline #{pipeline_number}'''
|
||||||
|
|
||||||
CONTENT="## 🚀 Novalon Website 部署通知\n\n> **构建状态**: <font color=\"warning\">失败</font>\n\n**项目信息**\n> 分支: \`${BRANCH}\`\n> 提交: \`${COMMIT}\`\n> 作者: ${AUTHOR}\n\n**提交信息**\n> ${MESSAGE_CLEAN}\n\n**操作**\n> [查看构建详情](${PIPELINE_URL})\n\n---\n> 时间: ${TIMESTAMP}\n> Pipeline #${PIPELINE_NUMBER}"
|
data = {
|
||||||
|
'msgtype': 'markdown',
|
||||||
|
'markdown': {
|
||||||
|
'content': content
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
JSON_DATA=$(echo "{}" | jq --arg content "$CONTENT" '.msgtype = "markdown" | .markdown.content = $content')
|
req = urllib.request.Request(
|
||||||
|
os.environ['WECHAT_WEBHOOK'],
|
||||||
|
data=json.dumps(data).encode('utf-8'),
|
||||||
|
headers={'Content-Type': 'application/json'}
|
||||||
|
)
|
||||||
|
|
||||||
curl -X POST "$WECHAT_WEBHOOK" \
|
with urllib.request.urlopen(req) as response:
|
||||||
-H 'Content-Type: application/json' \
|
print(response.read().decode('utf-8'))
|
||||||
-d "$JSON_DATA"
|
"
|
||||||
when:
|
when:
|
||||||
event:
|
event:
|
||||||
- push
|
- push
|
||||||
|
|||||||
Reference in New Issue
Block a user