From 94f31ad6991dd0f61932b880850ddd09546982bf Mon Sep 17 00:00:00 2001 From: pmc <740076875@qq.com> Date: Mon, 18 May 2026 14:36:48 +0800 Subject: [PATCH] =?UTF-8?q?chore(infra):=20k8s=20yaml=20=E4=B8=8E=20deploy?= =?UTF-8?q?.yaml=20sed=20=E6=BA=90=E4=B8=B2=E5=90=8C=E6=AD=A5=E4=B8=BA?= =?UTF-8?q?=E7=81=AB=E5=B1=B1=20Redis?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - k8s/backend-deployment-prod.yaml L44/L46 字面值直接写火山 URL+密码 - deploy.yaml L131/L132 sed 源串同步更新(功能变为同值替换,保留 sed 以备 env 差异化注入) - 静态读 yaml 即真实部署状态,消除 yaml 与线上不一致的认知陷阱 - 代价:未来再切 Redis 需同步改 4 处;详见 qy_lty/docs/修改记录.md 2026-05-18 第三条 Co-Authored-By: Claude Opus 4.7 --- .gitea/workflows/deploy.yaml | 6 +++--- k8s/backend-deployment-prod.yaml | 6 +++--- qy_lty/docs/修改记录.md | 21 +++++++++++++++++++++ 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 123eb03..e2a71c5 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -127,9 +127,9 @@ jobs: # Replace DB host by environment sed -i "s|pgm-7xv4811oj11j86htzo.pg.rds.aliyuncs.com|${{ env.DB_HOST }}|g" k8s/backend-deployment-prod.yaml - # Replace Redis by environment - sed -i "s|redis://r-7xvat0vez5clwbzk5vpd.redis.rds.aliyuncs.com:6379/0|${{ env.REDIS_LOCATION }}|g" k8s/backend-deployment-prod.yaml - sed -i "s|vAhRnAA6VMco|${{ env.REDIS_PASSWORD }}|g" k8s/backend-deployment-prod.yaml + # Replace Redis by environment(sed 源串需与 k8s yaml 中 REDIS_LOCATION/PASSWORD 的字面值一致) + sed -i "s|redis://zyc:Zyc188208@redis-shzlsczo52dft8mia.redis.volces.com:6379/3|${{ env.REDIS_LOCATION }}|g" k8s/backend-deployment-prod.yaml + sed -i "s|Zyc188208|${{ env.REDIS_PASSWORD }}|g" k8s/backend-deployment-prod.yaml # All kubectl operations with retry for attempt in 1 2 3; do diff --git a/k8s/backend-deployment-prod.yaml b/k8s/backend-deployment-prod.yaml index 18aeef9..753c356 100644 --- a/k8s/backend-deployment-prod.yaml +++ b/k8s/backend-deployment-prod.yaml @@ -39,11 +39,11 @@ spec: - name: POSTGRESQL_DATABASE_PORT value: "5432" - # Redis + # Redis(火山引擎;CI 部署时 deploy.yaml 的 sed 会再次替换为 env 值,源串需同步) - name: REDIS_LOCATION - value: "redis://r-7xvat0vez5clwbzk5vpd.redis.rds.aliyuncs.com:6379/0" + value: "redis://zyc:Zyc188208@redis-shzlsczo52dft8mia.redis.volces.com:6379/3" - name: REDIS_PASSWORD - value: "vAhRnAA6VMco" + value: "Zyc188208" # Aliyun SMS - name: ALIYUN_SMS_ACCESS_KEY_ID diff --git a/qy_lty/docs/修改记录.md b/qy_lty/docs/修改记录.md index 05ce1c0..afb818d 100644 --- a/qy_lty/docs/修改记录.md +++ b/qy_lty/docs/修改记录.md @@ -23,6 +23,27 @@ +### [2026-05-18] k8s yaml 与 deploy.yaml sed 源串同步为火山 Redis(消除"yaml 与实际部署不一致") + +承接同日 CI deploy.yaml 切换条目,原 k8s/backend-deployment-prod.yaml 里 REDIS_LOCATION/REDIS_PASSWORD 仍是阿里云旧值(作为 sed 的"被替换源占位"),导致直接读 yaml 容易误以为线上跑的是阿里云。本次把 k8s yaml 字面值与 deploy.yaml sed 源串**同步**切到火山,使 yaml 静态读起来即真实部署状态。 + +- **文件路径**: + - `k8s/backend-deployment-prod.yaml`(**修改** — L44 REDIS_LOCATION 改火山完整 URL;L46 REDIS_PASSWORD 改 `Zyc188208`;注释补充提示) + - `.gitea/workflows/deploy.yaml`(**修改** — L131 sed 源串改火山 URL;L132 sed 源串改 `Zyc188208`,与 k8s yaml 字面值保持一致才能被 sed 匹配) +- **修改类型**: 配置同步 +- **修改内容**: + 1. k8s yaml 直接以火山 URL/密码为字面值 + 2. deploy.yaml sed 源串同步更新;功能上 sed 变为"同值替换"(无副作用),但保留 sed 行以便未来仍可通过 env 注入差异化值 +- **修改原因**: + - 静态读 yaml 与运行时实际部署不一致,是排障与代码审查时的常见坑 + - 用户明确选择"最直观"路径(牺牲未来切 Redis 的同步成本,换日常可读性) +- **代价**: + - 未来再切 Redis 时需同步改 **4 处**:k8s yaml ×2、deploy.yaml env ×4 (prod+dev 各 2 行)、deploy.yaml sed 源串 ×2 + - 火山 Redis 密码 `Zyc188208` 现在在 git 里出现 3 个位置(k8s yaml、deploy.yaml env、deploy.yaml sed 源),泄密面扩大但本质同旧条目(已与用户确认接受) +- **验证**: 待下次 CI 触发后线上 pod 启动日志 `Cache Status: OK` + +--- + ### [2026-05-18] CI/CD deploy.yaml Redis 同步切换为火山实例 承接同日上一条 [.env / settings.py Redis 切换](#2026-05-18-redis-切换为火山引擎实例--修复-channel_layers-不支持-acl-username) 完成线下 dev 环境后,需要让 CI 部署到 k3s 时也用同一套火山 Redis,否则 dev/prod 部署到线上后仍连旧阿里云实例(10054)。