iye
cfd44403cb
All checks were successful
Build and Deploy / build-and-deploy (push) Successful in 6m17s
线上 https://cyberstar.airlabs.art 立绘 + 视频全部缺失, 因为部署镜像里 NEXT_PUBLIC_TOS_DOMAIN 是空字符串, 触发 tosUrl() fallback 走相对路径 (/portraits/001.webp 等), 而 public/portraits 已经 .gitignore 不入镜像 → 全 404。 根因: Next.js 把 NEXT_PUBLIC_* 编译进 client bundle, 必须 build 时注入, 运行时通过 envFrom secret 注入无效。 修复: - Dockerfile builder 阶段加 ARG NEXT_PUBLIC_TOS_DOMAIN + ENV, 在 next build 前生效 - .gitea/workflows/deploy.yaml docker build 步骤加 --build-arg NEXT_PUBLIC_TOS_DOMAIN=... 推送后 CI 自动重建镜像, 部署后 HTML 里 src 会变成完整 TOS URL。 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
178 lines
7.2 KiB
YAML
178 lines
7.2 KiB
YAML
name: Build and Deploy
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- main
|
||
- airlabs
|
||
|
||
jobs:
|
||
build-and-deploy:
|
||
runs-on: ubuntu-latest
|
||
steps:
|
||
- name: Checkout
|
||
run: |
|
||
git clone --depth=1 --branch=${{ github.ref_name }} https://gitea.airlabs.art/${{ github.repository }}.git .
|
||
|
||
- name: Set environment by branch
|
||
run: |
|
||
SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
|
||
BUILD_DATE=$(date +%Y%m%d)
|
||
|
||
echo "IMAGE_TAG=internal-${BUILD_DATE}-${SHORT_SHA}" >> $GITHUB_ENV
|
||
echo "CR_SERVER_ACTIVE=${{ secrets.CR_SERVER }}" >> $GITHUB_ENV
|
||
echo "CR_USERNAME_ACTIVE=${{ secrets.CR_USERNAME }}" >> $GITHUB_ENV
|
||
echo "CR_PASSWORD_ACTIVE=${{ secrets.CR_PASSWORD }}" >> $GITHUB_ENV
|
||
echo "CR_ORG=internal" >> $GITHUB_ENV
|
||
echo "DEPLOY_ENV=internal" >> $GITHUB_ENV
|
||
echo "DOMAIN_WEB=cyberstar.airlabs.art" >> $GITHUB_ENV
|
||
|
||
- name: Login to Volcano Engine CR
|
||
run: |
|
||
echo "${{ env.CR_PASSWORD_ACTIVE }}" | docker login --username "${{ env.CR_USERNAME_ACTIVE }}" --password-stdin ${{ env.CR_SERVER_ACTIVE }}
|
||
|
||
- name: Build and Push Web
|
||
id: build_web
|
||
run: |
|
||
set -o pipefail
|
||
for attempt in 1 2 3; do
|
||
echo "Build web attempt $attempt/3..."
|
||
DOCKER_BUILDKIT=0 docker build \
|
||
--build-arg NEXT_PUBLIC_TOS_DOMAIN=https://cyber-star.tos-cn-shanghai.volces.com \
|
||
--tag ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/cyberstar-web:${{ env.IMAGE_TAG }} \
|
||
--tag ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/cyberstar-web:latest \
|
||
. 2>&1 | tee /tmp/build.log && break
|
||
echo "Attempt $attempt failed, retrying in 10s..." && sleep 10
|
||
done
|
||
for attempt in 1 2 3; do
|
||
docker push ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/cyberstar-web:${{ env.IMAGE_TAG }} && \
|
||
docker push ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/cyberstar-web:latest && break
|
||
echo "Push attempt $attempt failed, retrying in 10s..." && sleep 10
|
||
done
|
||
|
||
- name: Setup Kubectl
|
||
run: |
|
||
if ! command -v kubectl &>/dev/null; then
|
||
for attempt in 1 2 3; do
|
||
curl -LO "https://files.m.daocloud.io/dl.k8s.io/release/v1.28.0/bin/linux/amd64/kubectl" && break
|
||
echo "Download attempt $attempt failed, retrying in 5s..." && sleep 5
|
||
done
|
||
chmod +x kubectl && mv kubectl /usr/bin/kubectl
|
||
fi
|
||
kubectl version --client
|
||
|
||
- name: Set kubeconfig
|
||
run: |
|
||
mkdir -p $HOME/.kube
|
||
printf '%s\n' '${{ secrets.VOLCANO_INTERNAL_KUBE_CONFIG }}' > $HOME/.kube/config
|
||
chmod 600 $HOME/.kube/config
|
||
echo "kubeconfig lines: $(wc -l < $HOME/.kube/config)"
|
||
grep server $HOME/.kube/config || echo "WARNING: no server found in kubeconfig"
|
||
|
||
- name: Deploy to K3s
|
||
id: deploy
|
||
run: |
|
||
echo "Environment: ${{ env.DEPLOY_ENV }}"
|
||
CR_IMAGE="${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}"
|
||
|
||
# Replace image placeholder
|
||
sed -i "s|\${CI_REGISTRY_IMAGE}/cyberstar-web:latest|${CR_IMAGE}/cyberstar-web:${{ env.IMAGE_TAG }}|g" k8s/web-deployment.yaml
|
||
|
||
# Replace domain placeholder in ingress
|
||
sed -i "s|cyberstar.airlabs.art|${{ env.DOMAIN_WEB }}|g" k8s/ingress.yaml
|
||
|
||
# Replace AUTH_URL in deployment
|
||
sed -i "s|https://cyberstar.airlabs.art|https://${{ env.DOMAIN_WEB }}|g" k8s/web-deployment.yaml
|
||
|
||
for attempt in 1 2 3; do
|
||
echo "Deploy attempt $attempt/3..."
|
||
{
|
||
# 1) 镜像拉取凭证
|
||
kubectl create secret docker-registry cr-pull-secret \
|
||
--docker-server="${{ env.CR_SERVER_ACTIVE }}" \
|
||
--docker-username="${{ env.CR_USERNAME_ACTIVE }}" \
|
||
--docker-password="${{ env.CR_PASSWORD_ACTIVE }}" \
|
||
--dry-run=client -o yaml | kubectl apply -f -
|
||
|
||
# 2) 应用运行时 Secret(数据库连接串:火山 RDS 内网地址)
|
||
kubectl create secret generic cyberstar-env \
|
||
--from-literal=DATABASE_URL='mysql://zyc:Zyc188208@mysql8351f937d637.rds.ivolces.com:3306/cyberstar?charset=utf8mb4' \
|
||
--dry-run=client -o yaml | kubectl apply -f -
|
||
|
||
# 3) Apply manifests
|
||
kubectl apply -f k8s/web-deployment.yaml
|
||
kubectl apply -f k8s/ingress.yaml
|
||
|
||
kubectl rollout restart deployment/cyberstar-web
|
||
} 2>&1 | tee /tmp/deploy.log && break
|
||
echo "Attempt $attempt failed, retrying in 10s..."
|
||
sleep 10
|
||
done
|
||
|
||
- name: Report failure to Log Center
|
||
if: failure()
|
||
run: |
|
||
BUILD_LOG=""
|
||
DEPLOY_LOG=""
|
||
FAILED_STEP="unknown"
|
||
|
||
if [[ "${{ steps.build_web.outcome }}" == "failure" ]]; then
|
||
FAILED_STEP="build"
|
||
if [ -f /tmp/build.log ]; then
|
||
BUILD_LOG=$(tail -50 /tmp/build.log | sed 's/"/\\"/g' | sed ':a;N;$!ba;s/\n/\\n/g')
|
||
fi
|
||
elif [[ "${{ steps.deploy.outcome }}" == "failure" ]]; then
|
||
FAILED_STEP="deploy"
|
||
if [ -f /tmp/deploy.log ]; then
|
||
DEPLOY_LOG=$(tail -50 /tmp/deploy.log | sed 's/"/\\"/g' | sed ':a;N;$!ba;s/\n/\\n/g')
|
||
fi
|
||
fi
|
||
|
||
ERROR_LOG="${BUILD_LOG}${DEPLOY_LOG}"
|
||
if [ -z "$ERROR_LOG" ]; then
|
||
ERROR_LOG="No captured output. Check Gitea Actions UI for details."
|
||
fi
|
||
|
||
if [[ "$FAILED_STEP" == "deploy" ]]; then
|
||
SOURCE="deployment"
|
||
ERROR_TYPE="DeployError"
|
||
else
|
||
SOURCE="cicd"
|
||
ERROR_TYPE="DockerBuildError"
|
||
fi
|
||
|
||
curl -s -X POST "https://qiyuan-log-center-api.airlabs.art/api/v1/logs/report" \
|
||
-H "Content-Type: application/json" \
|
||
-d "{
|
||
\"project_id\": \"cyberstar\",
|
||
\"environment\": \"${{ env.DEPLOY_ENV }}\",
|
||
\"level\": \"ERROR\",
|
||
\"source\": \"${SOURCE}\",
|
||
\"commit_hash\": \"${{ github.sha }}\",
|
||
\"repo_url\": \"https://gitea.airlabs.art/${{ github.repository }}.git\",
|
||
\"error\": {
|
||
\"type\": \"${ERROR_TYPE}\",
|
||
\"message\": \"[${FAILED_STEP}] Build and Deploy failed on branch ${{ github.ref_name }}\",
|
||
\"stack_trace\": [\"${ERROR_LOG}\"]
|
||
},
|
||
\"context\": {
|
||
\"job_name\": \"build-and-deploy\",
|
||
\"step_name\": \"${FAILED_STEP}\",
|
||
\"workflow\": \"${{ github.workflow }}\",
|
||
\"run_id\": \"${{ github.run_number }}\",
|
||
\"branch\": \"${{ github.ref_name }}\",
|
||
\"actor\": \"${{ github.actor }}\",
|
||
\"commit\": \"${{ github.sha }}\",
|
||
\"run_url\": \"https://gitea.airlabs.art/${{ github.repository }}/actions/runs/${{ github.run_number }}\"
|
||
}
|
||
}" || true
|
||
|
||
- name: Docker Cleanup
|
||
if: always()
|
||
run: |
|
||
docker container prune -f
|
||
docker image prune -f
|
||
docker builder prune -a -f
|
||
echo "Disk usage after cleanup:"
|
||
df -h / | tail -1
|