wechat-bot/.github/workflows/deploy-docker.yml at main · iamobj/wechat-bot · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
name: build docker image and deploy

on:
  push:
    # 以下路径/文件才会触发，关于路径条件官方文档https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestpaths
    paths:
      - '.github/**'
      - 'src/**'
      - 'base.Dockerfile'
      - 'Dockerfile'
      - '.dockerignore'

jobs:
  deploy:
    runs-on: ubuntu-latest
    env:
      # docker 私库地址
      DOCKER_REGISTRY_URL: registry.cn-shenzhen.aliyuncs.com
      # 容器名称
      CONTAINER_NAME: wechat-bot
      # docker run 命令的部分参数 远程服务器run已经写了 name 参数和镜像
      DOCKER_RUN_PARAMS: -p 4300:4300 --restart=always -e DATABASE_NAME=${{secrets.DATABASE_NAME}} -e DATABASE_USER_NAME=${{secrets.DATABASE_USER_NAME}} -e DATABASE_USER_PASSWORD=${{secrets.DATABASE_USER_PASSWORD}} -e DATABASE_HOST=${{secrets.DATABASE_HOST}} -e DATABASE_PORT=${{secrets.DATABASE_PORT}}

    steps:
      - name: 检出代码到本地
        uses: actions/checkout@v2

      # 使用 QEMU 模拟器 Buildx 构建跨平台的镜像
      - name: 安装 QEMU
        uses: docker/setup-qemu-action@v1

      - name: 安装 Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: 登录 docker 镜像私库
        uses: docker/login-action@v1
        with:
          registry: ${{env.DOCKER_REGISTRY_URL}}
          username: ${{secrets.DOCKER_USERNAME}}
          password: ${{secrets.DOCKER_PASSWORD}}

      - name: 获取改变文件
        id: changedFiles
        uses: jitterbit/get-changed-files@v1

      - name: 构建基础镜像并推送
        # base.Dockerfile、package.json 有变化时才构建
        if: contains(steps.changedFiles.outputs.all, 'base.Dockerfile') || contains(steps.changedFiles.outputs.all, 'package.json')
        uses: docker/build-push-action@v2
        with:
          platforms: linux/amd64,linux/arm64
          tags: ${{env.DOCKER_REGISTRY_URL}}/iamc/${{env.CONTAINER_NAME}}:base
          context: .
          file: ./base.Dockerfile
          push: true

      - name: 拉取基础镜像到本地
        run: docker pull ${{env.DOCKER_REGISTRY_URL}}/iamc/${{env.CONTAINER_NAME}}:base

      - name: 动态设置环境变量
        run: |
          fullCommit="${{github.sha}}"
          # 定义变量 以 commit id前7位做版本标识（因为github commit 页面只展示前7位，这里一样方便搜索）
          IMAGE_TAG="${DOCKER_REGISTRY_URL}/iamc/${CONTAINER_NAME}:${fullCommit:0:7}"
          echo $IMAGE_TAG
          # 写入 IMAGE_TAG 到 GITHUB_ENV 环境文件，变成环境变量，后面的流程可以使用 命令语法 https://docs.github.com/cn/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
          echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV

      - name: 构建并推送
        uses: docker/build-push-action@v2
        with:
          platforms: linux/amd64,linux/arm64
          tags: ${{env.IMAGE_TAG}}
          push: true

      - name: 通知服务器更新部署
        uses: appleboy/ssh-action@master
        with:
          host: ${{secrets.SERVICE_HOSTS}}
          username: ${{secrets.SERVICE_USERNAME}}
          key: ${{secrets.SERVICE_PRIVATE_KEY}}
          script: |
            wget -N --no-check-certificate "http://assets.e8q.cn/sh/update-docker-deploy.sh"
            chmod +x update-docker-deploy.sh
            ./update-docker-deploy.sh -R ${{env.DOCKER_REGISTRY_URL}} -U ${{secrets.DOCKER_USERNAME}} -P ${{secrets.DOCKER_PASSWORD}} -T ${{env.IMAGE_TAG}} -N "${{env.CONTAINER_NAME}}" -A "${{env.DOCKER_RUN_PARAMS}}"