张翔
42d0acfa6c
Problem: - Turbopack file tracing caused by process.cwd() in upload.ts - Google fonts download failures in CI network environment - Module resolution errors for @vercel/turbopack-next Solutions: - Add turbopackIgnore comment to process.cwd() call - Temporarily disable Google fonts to avoid network dependencies - Use system fonts as fallback for CI builds - Switch to node:20-alpine for faster SSH installation - Add SSH debugging information This should resolve the 493 build errors and enable successful CI deployment.
239 lines
6.9 KiB
YAML
239 lines
6.9 KiB
YAML
variables:
|
|
- &node_image node:20-alpine
|
|
|
|
steps:
|
|
install-deps:
|
|
image: *node_image
|
|
environment:
|
|
NODE_ENV: development
|
|
commands:
|
|
- npm ci --cache /tmp/npm-cache --prefer-offline
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
when:
|
|
event:
|
|
- push
|
|
- pull_request
|
|
|
|
lint:
|
|
image: *node_image
|
|
environment:
|
|
NODE_ENV: development
|
|
depends_on:
|
|
- install-deps
|
|
commands:
|
|
- npm run lint
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
when:
|
|
event:
|
|
- push
|
|
- pull_request
|
|
|
|
type-check:
|
|
image: *node_image
|
|
environment:
|
|
NODE_ENV: development
|
|
depends_on:
|
|
- install-deps
|
|
commands:
|
|
- npm run type-check
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
when:
|
|
event:
|
|
- push
|
|
- pull_request
|
|
|
|
security-scan:
|
|
image: *node_image
|
|
environment:
|
|
NODE_ENV: production
|
|
HUSKY: 0
|
|
depends_on:
|
|
- install-deps
|
|
commands:
|
|
- npm audit --audit-level=high --omit=dev
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
when:
|
|
event:
|
|
- push
|
|
- pull_request
|
|
|
|
unit-tests:
|
|
image: *node_image
|
|
environment:
|
|
NODE_ENV: test
|
|
CI: true
|
|
depends_on:
|
|
- lint
|
|
- type-check
|
|
commands:
|
|
- npm run test:unit -- --coverage --coverageReporters=text-summary --forceExit 2>&1 | tee test-results.txt || true
|
|
- echo "Unit tests completed."
|
|
failure: ignore
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
when:
|
|
event:
|
|
- push
|
|
- pull_request
|
|
branch:
|
|
- dev
|
|
|
|
e2e-tests:
|
|
image: mcr.microsoft.com/playwright:v1.48.0-jammy
|
|
environment:
|
|
NODE_ENV: test
|
|
CI: true
|
|
BASE_URL: http://localhost:3000
|
|
TEST_TIER: standard
|
|
depends_on:
|
|
- unit-tests
|
|
commands:
|
|
- npm run build
|
|
- npx playwright install chromium --with-deps
|
|
- npm run test:e2e
|
|
failure: ignore
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
- /tmp/playwright-cache:/root/.cache/ms-playwright
|
|
when:
|
|
event:
|
|
- push
|
|
branch:
|
|
- dev
|
|
|
|
build-and-deploy:
|
|
image: *node_image
|
|
environment:
|
|
NODE_ENV: production
|
|
NEXT_TELEMETRY_DISABLED: 1
|
|
SSH_PRIVATE_KEY:
|
|
from_secret: ssh_private_key
|
|
depends_on:
|
|
- install-deps
|
|
- lint
|
|
- type-check
|
|
commands:
|
|
- echo "Checking SSH client availability"
|
|
- which ssh && echo "SSH client found" || echo "Installing SSH client"
|
|
- apk add --no-cache openssh-client rsync
|
|
- echo "Building production artifacts"
|
|
- npm run build
|
|
- echo "Build completed"
|
|
- ls -la dist/
|
|
- echo "Deploying to production"
|
|
- mkdir -p ~/.ssh
|
|
- echo "SSH key length: $(echo $SSH_PRIVATE_KEY | wc -c)"
|
|
- echo "First 50 chars of SSH key: $(echo $SSH_PRIVATE_KEY | cut -c1-50)"
|
|
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
|
- chmod 600 ~/.ssh/id_rsa
|
|
- echo "SSH key file created, checking permissions:"
|
|
- ls -la ~/.ssh/
|
|
- echo "Testing SSH connection..."
|
|
- ssh -o StrictHostKeyChecking=no root@139.155.109.62 "echo 'Server connection OK'"
|
|
- ssh -o StrictHostKeyChecking=no root@139.155.109.62 "df -h | grep -E '/$|/home'"
|
|
- echo "Syncing build artifacts to production server"
|
|
- rsync -avz --delete -e "ssh -o StrictHostKeyChecking=no" dist/ root@139.155.109.62:/home/novalon/docker-app/novalon-website/dist/
|
|
- rsync -avz -e "ssh -o StrictHostKeyChecking=no" public/ root@139.155.109.62:/home/novalon/docker-app/novalon-website/public/
|
|
- rsync -avz -e "ssh -o StrictHostKeyChecking=no" package.json package-lock.json root@139.155.109.62:/home/novalon/docker-app/novalon-website/
|
|
- rsync -avz -e "ssh -o StrictHostKeyChecking=no" Dockerfile.prod docker-compose.server.yml root@139.155.109.62:/home/novalon/docker-app/novalon-website/
|
|
- rsync -avz -e "ssh -o StrictHostKeyChecking=no" scripts/deploy-production.sh root@139.155.109.62:/home/novalon/docker-app/novalon-website/scripts/
|
|
- rsync -avz -e "ssh -o StrictHostKeyChecking=no" .env.production root@139.155.109.62:/home/novalon/docker-app/novalon-website/ 2>/dev/null || echo "No .env.production file"
|
|
- ssh -o StrictHostKeyChecking=no root@139.155.109.62 "cd /home/novalon/docker-app/novalon-website && [ -f docker-compose.server.yml ] && mv docker-compose.server.yml docker-compose.yml; chmod +x scripts/deploy-production.sh && ./scripts/deploy-production.sh"
|
|
- echo "Production deployment completed"
|
|
volumes:
|
|
- /tmp/npm-cache:/root/.npm
|
|
- /tmp/node-modules-cache:/woodpecker/src/node_modules
|
|
when:
|
|
event:
|
|
- push
|
|
branch:
|
|
- release
|
|
- release/**
|
|
|
|
archive-to-main:
|
|
image: alpine/git:latest
|
|
environment:
|
|
SSH_PRIVATE_KEY:
|
|
from_secret: ssh_private_key
|
|
depends_on:
|
|
- build-and-deploy
|
|
commands:
|
|
- echo "Archiving to main branch"
|
|
- mkdir -p ~/.ssh
|
|
- echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
|
|
- chmod 600 ~/.ssh/id_rsa
|
|
- ssh-keyscan -H git.f.novalon.cn >> ~/.ssh/known_hosts
|
|
- git config --global user.email "ci@novalon.cn"
|
|
- git config --global user.name "Woodpecker CI"
|
|
- git remote set-url origin git@git.f.novalon.cn:novalon/novalon-website.git
|
|
- git fetch origin
|
|
- CURRENT_BRANCH="${CI_COMMIT_BRANCH}"
|
|
- echo "Current branch is $CURRENT_BRANCH"
|
|
- git checkout main
|
|
- git pull origin main
|
|
- 'git merge "$CURRENT_BRANCH" --no-ff -m "archive $CURRENT_BRANCH"'
|
|
- VERSION_TAG="v$(date +%Y.%m.%d)-${CI_COMMIT_SHA:0:7}"
|
|
- 'git tag -a "$VERSION_TAG" -m "Release from $CURRENT_BRANCH"'
|
|
- git push origin main && git push origin --tags
|
|
- echo "Archive succeeded with version $VERSION_TAG"
|
|
when:
|
|
event:
|
|
- push
|
|
branch:
|
|
- release
|
|
- release/**
|
|
|
|
notify-wechat-success:
|
|
image: curlimages/curl:latest
|
|
environment:
|
|
WECHAT_WEBHOOK:
|
|
from_secret: wechat_webhook
|
|
depends_on:
|
|
- archive-to-main
|
|
commands:
|
|
- sh scripts/notify-wechat.sh success
|
|
when:
|
|
event:
|
|
- push
|
|
branch:
|
|
- release
|
|
- release/**
|
|
|
|
notify-wechat-failure:
|
|
image: curlimages/curl:latest
|
|
environment:
|
|
WECHAT_WEBHOOK:
|
|
from_secret: wechat_webhook
|
|
depends_on:
|
|
- build-and-deploy
|
|
commands:
|
|
- sh scripts/notify-wechat.sh failure
|
|
when:
|
|
event:
|
|
- push
|
|
branch:
|
|
- release
|
|
- release/**
|
|
|
|
workspace:
|
|
base: /woodpecker
|
|
path: src
|
|
|
|
clone:
|
|
git:
|
|
image: woodpeckerci/plugin-git
|
|
settings:
|
|
depth: 1
|
|
partial: false
|
|
lfs: false
|