From ffbd7cf0169cc750e8c9138ee3fed694efe3d18e Mon Sep 17 00:00:00 2001 From: zyc <1439655764@qq.com> Date: Sat, 4 Apr 2026 13:52:43 +0800 Subject: [PATCH] =?UTF-8?q?add=20prod=20=E9=95=9C=E5=83=8F=E4=BB=93?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitea/workflows/deploy.yaml | 33 +++++++++++++++++++++++---------- k8s/backend-deployment.yaml | 2 ++ k8s/celery-deployment.yaml | 2 +- k8s/web-deployment.yaml | 2 ++ 4 files changed, 28 insertions(+), 11 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index aec00f2..c0fd025 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -21,6 +21,9 @@ jobs: if [[ "${{ github.ref_name }}" == "master" ]]; then echo "IMAGE_TAG=prod-${BUILD_DATE}-${SHORT_SHA}" >> $GITHUB_ENV + echo "CR_SERVER_ACTIVE=gitea-prod-cn-shanghai.cr.volces.com" >> $GITHUB_ENV + echo "CR_USERNAME_ACTIVE=seaislee@76339115" >> $GITHUB_ENV + echo "CR_PASSWORD_ACTIVE=${{ secrets.CR_PROD_PASSWORD }}" >> $GITHUB_ENV echo "CR_ORG=prod" >> $GITHUB_ENV echo "DEPLOY_ENV=production" >> $GITHUB_ENV echo "DOMAIN_API=airflow-studio-api.airlabs.art" >> $GITHUB_ENV @@ -28,6 +31,9 @@ jobs: echo "REDIS_URL=redis://zyc:Zyc188208@redis-shzlf5t46gjvow7ua.redis.ivolces.com:6379/0" >> $GITHUB_ENV elif [[ "${{ github.ref_name }}" == "dev" ]]; then echo "IMAGE_TAG=dev-${BUILD_DATE}-${SHORT_SHA}" >> $GITHUB_ENV + echo "CR_SERVER_ACTIVE=${{ secrets.CR_SERVER }}" >> $GITHUB_ENV + echo "CR_USERNAME_ACTIVE=${{ secrets.CR_USERNAME }}" >> $GITHUB_ENV + echo "CR_PASSWORD_ACTIVE=${{ secrets.CR_PASSWORD }}" >> $GITHUB_ENV echo "CR_ORG=dev" >> $GITHUB_ENV echo "DEPLOY_ENV=development" >> $GITHUB_ENV echo "DOMAIN_API=airflow-studio-api.test.airlabs.art" >> $GITHUB_ENV @@ -37,29 +43,29 @@ jobs: - name: Login to Volcano Engine CR run: | - echo "${{ secrets.CR_PASSWORD }}" | docker login --username "${{ secrets.CR_USERNAME }}" --password-stdin ${{ secrets.CR_SERVER }} + echo "${{ env.CR_PASSWORD_ACTIVE }}" | docker login --username "${{ env.CR_USERNAME_ACTIVE }}" --password-stdin ${{ env.CR_SERVER_ACTIVE }} - name: Build and Push Backend id: build_backend run: | set -o pipefail DOCKER_BUILDKIT=0 docker build \ - --tag ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-backend:${{ env.IMAGE_TAG }} \ - --tag ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-backend:latest \ + --tag ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-backend:${{ env.IMAGE_TAG }} \ + --tag ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-backend:latest \ ./backend 2>&1 | tee /tmp/build.log - docker push ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-backend:${{ env.IMAGE_TAG }} - docker push ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-backend:latest + docker push ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-backend:${{ env.IMAGE_TAG }} + docker push ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-backend:latest - name: Build and Push Web id: build_web run: | set -o pipefail DOCKER_BUILDKIT=0 docker build \ - --tag ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-web:${{ env.IMAGE_TAG }} \ - --tag ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-web:latest \ + --tag ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-web:${{ env.IMAGE_TAG }} \ + --tag ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-web:latest \ ./web 2>&1 | tee -a /tmp/build.log - docker push ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-web:${{ env.IMAGE_TAG }} - docker push ${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}/video-web:latest + docker push ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-web:${{ env.IMAGE_TAG }} + docker push ${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}/video-web:latest - name: Setup Kubectl run: kubectl version --client @@ -78,7 +84,7 @@ jobs: id: deploy run: | echo "Environment: ${{ env.DEPLOY_ENV }}" - CR_IMAGE="${{ secrets.CR_SERVER }}/${{ env.CR_ORG }}" + CR_IMAGE="${{ env.CR_SERVER_ACTIVE }}/${{ env.CR_ORG }}" # Replace image placeholders sed -i "s|\${CI_REGISTRY_IMAGE}/video-backend:latest|${CR_IMAGE}/video-backend:${{ env.IMAGE_TAG }}|g" k8s/backend-deployment.yaml @@ -102,6 +108,13 @@ jobs: sed -i "s|redis://zyc:Zyc188208@redis-shzlsczo52dft8mia.redis.ivolces.com:6379/0|${{ env.REDIS_URL }}|g" k8s/backend-deployment.yaml sed -i "s|redis://zyc:Zyc188208@redis-shzlsczo52dft8mia.redis.ivolces.com:6379/0|${{ env.REDIS_URL }}|g" k8s/celery-deployment.yaml + # Create/update image pull secret for CR + kubectl create secret docker-registry cr-pull-secret \ + --docker-server="${{ env.CR_SERVER_ACTIVE }}" \ + --docker-username="${{ env.CR_USERNAME_ACTIVE }}" \ + --docker-password="${{ env.CR_PASSWORD_ACTIVE }}" \ + --dry-run=client -o yaml | kubectl apply -f - + # Create/update secrets (业务密钥,DB 已写在 yaml 里) kubectl create secret generic video-backend-secrets \ --from-literal=ARK_API_KEY='${{ secrets.ARK_API_KEY }}' \ diff --git a/k8s/backend-deployment.yaml b/k8s/backend-deployment.yaml index 2e64eba..f3b8227 100644 --- a/k8s/backend-deployment.yaml +++ b/k8s/backend-deployment.yaml @@ -14,6 +14,8 @@ spec: labels: app: video-backend spec: + imagePullSecrets: + - name: cr-pull-secret containers: - name: video-backend image: ${CI_REGISTRY_IMAGE}/video-backend:latest diff --git a/k8s/celery-deployment.yaml b/k8s/celery-deployment.yaml index d3a593b..ee672a9 100644 --- a/k8s/celery-deployment.yaml +++ b/k8s/celery-deployment.yaml @@ -15,7 +15,7 @@ spec: app: celery-worker spec: imagePullSecrets: - - name: swr-secret + - name: cr-pull-secret containers: - name: celery-worker image: ${CI_REGISTRY_IMAGE}/video-backend:latest diff --git a/k8s/web-deployment.yaml b/k8s/web-deployment.yaml index 121435b..9ca6dde 100644 --- a/k8s/web-deployment.yaml +++ b/k8s/web-deployment.yaml @@ -14,6 +14,8 @@ spec: labels: app: video-web spec: + imagePullSecrets: + - name: cr-pull-secret containers: - name: video-web image: ${CI_REGISTRY_IMAGE}/video-web:latest