topuser
/
nuxt4-demo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

fix(drone): update deployment configuration for SSH handling and branch trigger 

- Disabled the cloning step to optimize the deployment process.
- Changed the trigger branch from 'deploy-branch' to 'deploy' for better alignment with deployment strategy.
- Refined environment variables to focus on SSH key management, enhancing security during deployment.
- Updated commands to set up SSH configuration, improving connection reliability.

These changes streamline the deployment workflow and enhance security measures in the CI/CD pipeline.
main
npmrun 1 week ago
parent
ecf81e87be
commit
f2f767da78
7 changed files with 152 additions and 63 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      .gitignore
  2. 46
      build-files/.drone.prod.yml
  3. 23
      build-files/.drone.yml
  4. 2
      package.json
  5. 17
      scripts/deploy-gitea.sh
  6. 50
      scripts/deploy-gitee.sh

1
.gitignore
View File

@ -6,6 +6,7 @@
.cache .cache
dist dist
.tmp_dist .tmp_dist
.tmp_build-output.tar.gz
# Node dependencies # Node dependencies
node_modules node_modules

46
build-files/.drone.prod.yml
View File

@ -0,0 +1,46 @@
kind: pipeline
type: exec
name: deploy
clone:
disable: true
trigger:
branch:
- deploy
event:
- push
steps:
- name: deploy
environment:
DEPLOY_SSH_KEY:
from_secret: DEPLOY_SSH_KEY
DATABASE_URL:
from_secret: DATABASE_URL
STATIC_DIR:
from_secret: STATIC_DIR
TMP_DIR:
from_secret: TMP_DIR
NUXT_PUBLIC_SITE_URL:
from_secret: NUXT_PUBLIC_SITE_URL
BOOTSTRAP_ADMIN_USERNAME:
from_secret: BOOTSTRAP_ADMIN_USERNAME
BOOTSTRAP_ADMIN_PASSWORD:
from_secret: BOOTSTRAP_ADMIN_PASSWORD
commands:
- export HOME=/root
- mkdir -p "$HOME/.ssh"
- chmod 700 "$HOME/.ssh"
- 'printf "%s\n" "$DEPLOY_SSH_KEY" > "$HOME/.ssh/id_rsa"'
- chmod 600 "$HOME/.ssh/id_rsa"
- 'ssh-keyscan -H gitee.com > "$HOME/.ssh/known_hosts"'
- chmod 644 "$HOME/.ssh/known_hosts"
- 'export SSH_OPTS="-i $HOME/.ssh/id_rsa -o IdentitiesOnly=yes -o UserKnownHostsFile=$HOME/.ssh/known_hosts -o StrictHostKeyChecking=accept-new -o BatchMode=yes -o ConnectTimeout=10 -o ServerAliveInterval=15 -o ServerAliveCountMax=3"'
- 'ssh $SSH_OPTS -T gitee.com || true'
- 'REPO_DIR="$HOME/projects/nuxt4-demo/nuxt4-demo"; PROD_DIR="$HOME/projects/nuxt4-demo/production-dist"; if [ -d "$REPO_DIR/.git" ]; then GIT_SSH_COMMAND="ssh $SSH_OPTS" git -C "$REPO_DIR" fetch origin deploy && git -C "$REPO_DIR" checkout -B deploy origin/deploy && git -C "$REPO_DIR" reset --hard origin/deploy && git -C "$REPO_DIR" clean -fdx; else rm -rf "$REPO_DIR" && mkdir -p "$(dirname "$REPO_DIR")" && GIT_SSH_COMMAND="ssh $SSH_OPTS" git clone --depth 1 -b deploy "ssh://git@gitee.com:xieyaxin/nuxt4-demo.git" "$REPO_DIR"; fi'
- '[ -f "$REPO_DIR/build-output.tar.gz" ] || { echo "build-output.tar.gz not found in $REPO_DIR"; exit 1; }'
- 'rm -rf "$PROD_DIR" && mkdir -p "$PROD_DIR"'
- 'tar -xzf "$REPO_DIR/build-output.tar.gz" -C "$PROD_DIR"'
- 'bash -lc "cd $HOME/projects/nuxt4-demo/production-dist && pm2 stop nuxt4-demo || true"'
- 'bash -lc "cd $HOME/projects/nuxt4-demo/production-dist && pm2 delete nuxt4-demo || true"'
- 'bash -lc "cd $HOME/projects/nuxt4-demo/production-dist && pm2 start ./run.sh --name nuxt4-demo"'

23
build-files/.drone.yml
View File

@ -6,7 +6,7 @@ clone:
trigger: trigger:
branch: branch:
- deploy-branch - deploy
event: event:
- push - push
@ -15,29 +15,14 @@ steps:
environment: environment:
DEPLOY_SSH_KEY: DEPLOY_SSH_KEY:
from_secret: DEPLOY_SSH_KEY from_secret: DEPLOY_SSH_KEY
DATABASE_URL:
from_secret: DATABASE_URL
STATIC_DIR:
from_secret: STATIC_DIR
TMP_DIR:
from_secret: TMP_DIR
NUXT_PUBLIC_SITE_URL:
from_secret: NUXT_PUBLIC_SITE_URL
BOOTSTRAP_ADMIN_USERNAME:
from_secret: BOOTSTRAP_ADMIN_USERNAME
BOOTSTRAP_ADMIN_PASSWORD:
from_secret: BOOTSTRAP_ADMIN_PASSWORD
commands: commands:
- export HOME=/root - export HOME=/root
- mkdir -p "$HOME/.ssh" - mkdir -p "$HOME/.ssh"
- chmod 700 "$HOME/.ssh" - chmod 700 "$HOME/.ssh"
- 'printf "%s\n" "$DEPLOY_SSH_KEY" > "$HOME/.ssh/id_rsa"' - 'printf "%s\n" "$DEPLOY_SSH_KEY" > "$HOME/.ssh/id_rsa"'
- chmod 600 "$HOME/.ssh/id_rsa" - chmod 600 "$HOME/.ssh/id_rsa"
- 'ssh-keyscan -p 8892 -H git.xieyaxin.top >> "$HOME/.ssh/known_hosts"' - 'ssh-keyscan -H gitee.com > "$HOME/.ssh/known_hosts"'
- chmod 644 "$HOME/.ssh/known_hosts" - chmod 644 "$HOME/.ssh/known_hosts"
- 'export SSH_OPTS="-i $HOME/.ssh/id_rsa -o IdentitiesOnly=yes -o UserKnownHostsFile=$HOME/.ssh/known_hosts -o StrictHostKeyChecking=accept-new -o BatchMode=yes -o ConnectTimeout=10 -o ServerAliveInterval=15 -o ServerAliveCountMax=3"' - 'export SSH_OPTS="-i $HOME/.ssh/id_rsa -o IdentitiesOnly=yes -o UserKnownHostsFile=$HOME/.ssh/known_hosts -o StrictHostKeyChecking=accept-new -o BatchMode=yes -o ConnectTimeout=10 -o ServerAliveInterval=15 -o ServerAliveCountMax=3"'
- 'ssh $SSH_OPTS -T -p 8892 root@git.xieyaxin.top || true' - 'ssh $SSH_OPTS -T gitee.com || true'
- 'REPO_DIR="$HOME/projects/nuxt4-demo/nuxt4-demo"; if [ -d "$REPO_DIR/.git" ]; then GIT_SSH_COMMAND="ssh $SSH_OPTS" git -C "$REPO_DIR" fetch origin deploy-branch && git -C "$REPO_DIR" checkout -B deploy-branch origin/deploy-branch; else rm -rf "$REPO_DIR" && mkdir -p "$(dirname "$REPO_DIR")" && GIT_SSH_COMMAND="ssh $SSH_OPTS" git clone --depth 1 -b deploy-branch "ssh://root@git.xieyaxin.top:8892/topuser/nuxt4-demo.git" "$REPO_DIR"; fi' - 'echo HELLO WORLD'
- 'bash -lc "cd $HOME/projects/nuxt4-demo/nuxt4-demo && pm2 stop nuxt4-demo || true"'
- 'bash -lc "cd $HOME/projects/nuxt4-demo/nuxt4-demo && pm2 delete nuxt4-demo || true"'
- 'bash -lc "cd $HOME/projects/nuxt4-demo/nuxt4-demo && pm2 start ./run.sh --name nuxt4-demo"'

2
package.json
View File

@ -9,7 +9,7 @@
"scripts": { "scripts": {
"build": "bun run sync:vditor && nuxt build && bun run cp:db && bun --elide-lines=0 --filter drizzle-pkg build", "build": "bun run sync:vditor && nuxt build && bun run cp:db && bun --elide-lines=0 --filter drizzle-pkg build",
"dev": "bun run sync:vditor && nuxt dev", "dev": "bun run sync:vditor && nuxt dev",
"deploy": "sh scripts/deploy.sh", "deploy": "sh scripts/deploy-gitee.sh",
"sync:vditor": "sh scripts/sync-vditor-assets.sh", "sync:vditor": "sh scripts/sync-vditor-assets.sh",
"cp:db": "cp build-files/run.sh .output/run.sh && cp build-files/.drone.yml .output/.drone.yml && sh scripts/mv-env.sh && cp -r build-files/migrate/* .output/server/ && cp build-files/seed.js .output/server/seed.js", "cp:db": "cp build-files/run.sh .output/run.sh && cp build-files/.drone.yml .output/.drone.yml && sh scripts/mv-env.sh && cp -r build-files/migrate/* .output/server/ && cp build-files/seed.js .output/server/seed.js",
"migrate:test": "sh scripts/migrate-test.sh", "migrate:test": "sh scripts/migrate-test.sh",

17
scripts/deploy.sh → scripts/deploy-gitea.sh
View File

@ -2,8 +2,10 @@
# 配置区(只改这里) # 配置区(只改这里)
GIT_REPO_URL="ssh://root@git.xieyaxin.top:8892/topuser/nuxt4-demo.git" GIT_REPO_URL="ssh://root@git.xieyaxin.top:8892/topuser/nuxt4-demo.git"
PROD_BRANCH="deploy-branch" # 你要存放产物的分支名(会自动创建) PROD_BRANCH="deploy" # 你要存放产物的分支名(会自动创建)
BUILD_FOLDER=".output" # 打包产物目录 BUILD_FOLDER=".output" # 打包产物目录
ARCHIVE_NAME="build-output.tar.gz"
ARCHIVE_PATH=".tmp_${ARCHIVE_NAME}"
COMMIT_MSG="deploy: build at $(date +'%Y-%m-%d %H:%M:%S')" COMMIT_MSG="deploy: build at $(date +'%Y-%m-%d %H:%M:%S')"
# 1. 先打包 # 1. 先打包
@ -22,13 +24,17 @@ git clone --single-branch --branch $PROD_BRANCH $GIT_REPO_URL .tmp_dist || {
cd .. cd ..
} }
# 3. 删除旧产物,复制新产物 # 3. 压缩构建产物
echo "🗜️ 压缩构建目录..."
tar -czf "$ARCHIVE_PATH" -C "$BUILD_FOLDER" .
# 4. 删除旧产物,复制新产物
echo "♻️ 更新产物文件..." echo "♻️ 更新产物文件..."
rm -rf .tmp_dist/* rm -rf .tmp_dist/*
cp -r $BUILD_FOLDER/.drone.yml .tmp_dist/.drone.yml cp -r $BUILD_FOLDER/.drone.yml .tmp_dist/.drone.yml
cp -r $BUILD_FOLDER/* .tmp_dist/ cp "$ARCHIVE_PATH" ".tmp_dist/$ARCHIVE_NAME"
# 4. 提交并推送 # 5. 提交并推送
cd .tmp_dist cd .tmp_dist
git add -A git add -A
git commit -m "$COMMIT_MSG" git commit -m "$COMMIT_MSG"
@ -36,8 +42,9 @@ git commit -m "$COMMIT_MSG"
echo "🚀 推送到远程分支 $PROD_BRANCH..." echo "🚀 推送到远程分支 $PROD_BRANCH..."
git push origin $PROD_BRANCH git push origin $PROD_BRANCH
# 5. 清理临时文件 # 6. 清理临时文件
cd .. cd ..
rm -rf .tmp_dist rm -rf .tmp_dist
rm -f "$ARCHIVE_PATH"
echo "✅ 发布完成!" echo "✅ 发布完成!"

50
scripts/deploy-gitee.sh
View File

@ -0,0 +1,50 @@
#!/usr/bin/env sh
# 配置区(只改这里)
GIT_REPO_URL="git@gitee.com:xieyaxin/nuxt4-demo.git"
PROD_BRANCH="deploy" # 你要存放产物的分支名(会自动创建)
BUILD_FOLDER=".output" # 打包产物目录
ARCHIVE_NAME="build-output.tar.gz"
ARCHIVE_PATH=".tmp_${ARCHIVE_NAME}"
COMMIT_MSG="deploy: build at $(date +'%Y-%m-%d %H:%M:%S')"
# 1. 先打包
echo "📦 构建项目..."
bun run build
# 2. 克隆远程产物分支到临时目录
echo "⬇️ 拉取产物分支..."
git clone --single-branch --branch $PROD_BRANCH $GIT_REPO_URL .tmp_dist || {
echo "🆕 分支不存在,创建新分支..."
mkdir .tmp_dist
cd .tmp_dist
git init
git checkout -b $PROD_BRANCH
git remote add origin $GIT_REPO_URL
cd ..
}
# 3. 压缩构建产物
echo "🗜️ 压缩构建目录..."
tar -czf "$ARCHIVE_PATH" -C "$BUILD_FOLDER" .
# 4. 删除旧产物,复制新产物
echo "♻️ 更新产物文件..."
rm -rf .tmp_dist/*
cp -r $BUILD_FOLDER/.drone.yml .tmp_dist/.drone.yml
cp "$ARCHIVE_PATH" ".tmp_dist/$ARCHIVE_NAME"
# 5. 提交并推送
cd .tmp_dist
git add -A
git commit -m "$COMMIT_MSG"
echo "🚀 推送到远程分支 $PROD_BRANCH..."
git push origin $PROD_BRANCH
# 6. 清理临时文件
cd ..
rm -rf .tmp_dist
rm -f "$ARCHIVE_PATH"
echo "✅ 发布完成!"
Write Preview
Loading…
Cancel
Save