You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
81 lines
3.0 KiB
81 lines
3.0 KiB
kind: pipeline
|
|
type: exec
|
|
name: deploy
|
|
clone:
|
|
disable: true
|
|
|
|
trigger:
|
|
branch:
|
|
- test
|
|
event:
|
|
- push
|
|
|
|
steps:
|
|
- name: debug
|
|
commands:
|
|
- echo $PATH
|
|
- whoami
|
|
- which node
|
|
- which pm2
|
|
- name: deploy
|
|
environment:
|
|
# exec runner 常不设置 HOME,会导致 ~/.bun、~/.nvm 等路径展开错误
|
|
HOME: /root
|
|
DEPLOY_BRANCH: deploy
|
|
REPO_DIR: /root/projects/nuxt4-demo/nuxt4-demo-origin
|
|
# Gitea 必须用 git 用户拉代码;用 root@ 可能 SSH 能过但 git 会话卡住
|
|
GIT_REMOTE: ssh://git@git.xieyaxin.top:8892/topuser/nuxt4-demo.git
|
|
GIT_SSH_HOST: git.xieyaxin.top
|
|
GIT_SSH_PORT: "8892"
|
|
UNZIP_DIR: /root/projects/nuxt4-demo/nuxt4-demo
|
|
DEPLOY_SSH_KEY:
|
|
from_secret: DEPLOY_SSH_KEY
|
|
DATABASE_URL:
|
|
from_secret: DATABASE_URL
|
|
NITRO_PORT:
|
|
from_secret: NITRO_PORT
|
|
STATIC_DIR:
|
|
from_secret: STATIC_DIR
|
|
TMP_DIR:
|
|
from_secret: TMP_DIR
|
|
MEDIA_UPLOAD_SUBDIR:
|
|
from_secret: MEDIA_UPLOAD_SUBDIR
|
|
BOOTSTRAP_ADMIN_USERNAME:
|
|
from_secret: BOOTSTRAP_ADMIN_USERNAME
|
|
BOOTSTRAP_ADMIN_PASSWORD:
|
|
from_secret: BOOTSTRAP_ADMIN_PASSWORD
|
|
commands:
|
|
- mkdir -p -m 700 "/root/.ssh"
|
|
- umask 077 && printf '%s\n' "$DEPLOY_SSH_KEY" > "/root/.ssh/id_rsa"
|
|
# 须与 GIT_REMOTE 主机一致,否则 StrictHostKeyChecking 会因缺少 [host]:port 的密钥失败
|
|
- 'ssh-keyscan -p "$GIT_SSH_PORT" -H -T 15 "$GIT_SSH_HOST" > "/root/.ssh/known_hosts" && chmod 644 "/root/.ssh/known_hosts"'
|
|
- 'export SSH_OPTS="-i /root/.ssh/id_rsa -p $GIT_SSH_PORT -o IdentitiesOnly=yes -o UserKnownHostsFile=/root/.ssh/known_hosts -o StrictHostKeyChecking=yes -o BatchMode=yes -o ConnectTimeout=10 -o ServerAliveInterval=15 -o ServerAliveCountMax=3"'
|
|
# 与 GIT_REMOTE 用户一致(deploy key 挂在 Gitea 的 git 访问上)
|
|
- 'ssh $SSH_OPTS -T git@"$GIT_SSH_HOST" || true'
|
|
- 'export GIT_SSH_COMMAND="ssh $SSH_OPTS"'
|
|
- |
|
|
set -e
|
|
export GIT_TERMINAL_PROMPT=0
|
|
BRANCH="$DEPLOY_BRANCH"
|
|
REPO_DIR="$REPO_DIR"
|
|
GIT_REMOTE="$GIT_REMOTE"
|
|
if [ -d "$REPO_DIR/.git" ]; then
|
|
git -C "$REPO_DIR" fetch --progress --depth 1 origin "$BRANCH"
|
|
git -C "$REPO_DIR" checkout -B "$BRANCH" "origin/$BRANCH"
|
|
git -C "$REPO_DIR" reset --hard "origin/$BRANCH"
|
|
git -C "$REPO_DIR" clean -fdx
|
|
else
|
|
rm -rf "$REPO_DIR"
|
|
mkdir -p "$(dirname "$REPO_DIR")"
|
|
git clone --progress --depth 1 -b "$BRANCH" "$GIT_REMOTE" "$REPO_DIR"
|
|
fi
|
|
- |
|
|
set -e
|
|
[ -f "$REPO_DIR/build-output.tar.gz" ] || { echo "build-output.tar.gz not found in $REPO_DIR"; exit 1; }
|
|
rm -rf "$UNZIP_DIR"
|
|
mkdir -p "$UNZIP_DIR"
|
|
tar -xzf "$REPO_DIR/build-output.tar.gz" -C "$UNZIP_DIR"
|
|
- cd "$UNZIP_DIR"
|
|
- pm2 stop nuxt4-demo || true
|
|
- pm2 delete nuxt4-demo || true
|
|
- pm2 start ./run.sh --name nuxt4-demo
|