tone/tonePage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
375d12ab0f38e0930582c24d1283308e5af5dd90
tonePage/.gitea/workflows/deploy.yml
tone 83bdc924b9
Some checks failed
Deploy to K3s / deploy (push) Failing after 1m49s
Details
chore: 添加数据库迁移
2025-12-27 14:11:23 +08:00

130 lines
4.7 KiB
YAML
Raw Blame History

# .gitea/workflows/deploy.yml
name: Deploy to K3s
on:
push:
branches:
- master
jobs:
deploy:
runs-on: ubuntu-latest
container:
image: localhost:5000/tiny-ci-runner:latest
env:
IMAGE_TAG: ${{ github.sha }}
KUBECONFIG: /tmp/.kube/config
NODE_ENV: production
steps:
- name: Write kubeconfig
run: |
mkdir -p /tmp/.kube
cat << 'EOF' > /tmp/.kube/config
${{ secrets.KUBECONFIG_DATA }}
EOF
chmod 600 /tmp/.kube/config
- name: Verify Kubernetes access
run: |
kubectl cluster-info
kubectl get nodes
- name: Checkout code
run: |
git clone --depth=1 --branch master \
https://git.tonesc.cn/tone/tonePage.git \
/workspace/tone/tonePage
cd /workspace/tone/tonePage
git log -1 --oneline
- name: Build and push backend image
run: |
cd /workspace/tone/tonePage/apps/backend
docker build -t localhost:5000/backend:${IMAGE_TAG} .
docker push localhost:5000/backend:${IMAGE_TAG}
- name: Build and push frontend image
run: |
cd /workspace/tone/tonePage/apps/frontend
docker build \
--build-arg API_BASE="http://backend-service:3001" \
-t localhost:5000/frontend:${IMAGE_TAG} .
docker push localhost:5000/frontend:${IMAGE_TAG}
- name: Run database migrations with temporary container
run: |
echo "Running database migrations using backend image: localhost:5000/backend:${IMAGE_TAG}"
echo "Waiting for PostgreSQL service to be ready..."
kubectl wait --for=condition=ready pod -l app=postgres --timeout=30s
# 获取密码等敏感信息
DB_PASSWORD=$(kubectl get secret backend-secret -o jsonpath='{.data.DATABASE_PASSWORD}' | base64 -d)
ALIYUN_ACCESS_KEY_ID=$(kubectl get secret backend-secret -o jsonpath='{.data.ALIYUN_ACCESS_KEY_ID}' | base64 -d)
ALIYUN_ACCESS_KEY_SECRET=$(kubectl get secret backend-secret -o jsonpath='{.data.ALIYUN_ACCESS_KEY_SECRET}' | base64 -d)
ALIYUN_OSS_STS_ROLE_ARN=$(kubectl get secret backend-secret -o jsonpath='{.data.ALIYUN_OSS_STS_ROLE_ARN}' | base64 -d)
JWT_SECRET=$(kubectl get secret backend-secret -o jsonpath='{.data.JWT_SECRET}' | base64 -d)
WEBAUTHN_RP_ID=$(kubectl get secret backend-secret -o jsonpath='{.data.WEBAUTHN_RP_ID}' | base64 -d)
WEBAUTHN_ORIGIN=$(kubectl get secret backend-secret -o jsonpath='{.data.WEBAUTHN_ORIGIN}' | base64 -d)
WEBAUTHN_RP_NAME=$(kubectl get secret backend-secret -o jsonpath='{.data.WEBAUTHN_RP_NAME}' | base64 -d)
# 检查是否成功获取了密码
if [ -z "$DB_PASSWORD" ]; then
echo "Error: Could not retrieve DATABASE_PASSWORD from backend-secret."
exit 1
fi
docker run --rm \
-e NODE_ENV=production \
-e DATABASE_HOST=postgres-service \
-e DATABASE_PORT=5432 \
-e DATABASE_NAME=tone_page \
-e DATABASE_USERNAME=tone_page \
-e DATABASE_PASSWORD="$DB_PASSWORD" \
-e JWT_SECRET="$JWT_SECRET" \
-e JWT_EXPIRES_IN=1d \
-e ALIYUN_ACCESS_KEY_ID="$ALIYUN_ACCESS_KEY_ID" \
-e ALIYUN_ACCESS_KEY_SECRET="$ALIYUN_ACCESS_KEY_SECRET" \
-e ALIYUN_OSS_STS_ROLE_ARN="$ALIYUN_OSS_STS_ROLE_ARN" \
-e WEBAUTHN_RP_ID="$WEBAUTHN_RP_ID" \
-e WEBAUTHN_ORIGIN="$WEBAUTHN_ORIGIN" \
-e WEBAUTHN_RP_NAME="$WEBAUTHN_RP_NAME" \
localhost:5000/backend:${IMAGE_TAG} \
pnpm run migration:run
# 检查上一步命令是否成功
if [ $? -ne 0 ]; then
echo "Database migration failed!"
exit 1
fi
echo "Database migrations completed successfully."
- name: Deploy to K3s
run: |
cd /workspace/tone/tonePage/apps/deploy
# 基础资源
kubectl apply -f postgres-deployment.yaml
kubectl apply -f backend-deployment.yaml
kubectl apply -f frontend-deployment.yaml
# 更新镜像(触发滚动更新)
kubectl set image deployment/backend \
backend=localhost:5000/backend:${IMAGE_TAG}
kubectl set image deployment/frontend \
frontend=localhost:5000/frontend:${IMAGE_TAG}
# 等待滚动完成
kubectl rollout status deployment/backend --timeout=120s
kubectl rollout status deployment/frontend --timeout=120s
- name: Post-deploy sanity check
run: |
kubectl get pods
kubectl get svc
Reference in New Issue View Git Blame Copy Permalink