fix(ci): switch deploy images to cn registry

This commit is contained in:
chengkml
2026-05-16 14:23:23 +08:00
parent b649fac7b9
commit 90ed11c4da
4 changed files with 47 additions and 14 deletions
+19 -12
View File
@@ -12,10 +12,10 @@ concurrency:
permissions:
contents: read
packages: write
env:
REGISTRY: ghcr.io
REGISTRY: ${{ vars.REGISTRY || 'crpi-u265r07n4blchcqo.cn-shanghai.personal.cr.aliyuncs.com' }}
REGISTRY_NAMESPACE: ${{ vars.REGISTRY_NAMESPACE || 'ck-registry' }}
jobs:
build-and-push:
@@ -32,26 +32,27 @@ jobs:
id: vars
shell: bash
run: |
OWNER_LC="${GITHUB_REPOSITORY_OWNER,,}"
echo "api_image=${{ env.REGISTRY }}/${OWNER_LC}/fquiz-api" >> "$GITHUB_OUTPUT"
echo "web_image=${{ env.REGISTRY }}/${OWNER_LC}/fquiz-web" >> "$GITHUB_OUTPUT"
NS="${{ env.REGISTRY_NAMESPACE }}"
echo "api_image=${{ env.REGISTRY }}/${NS}/fquiz-api" >> "$GITHUB_OUTPUT"
echo "web_image=${{ env.REGISTRY }}/${NS}/fquiz-web" >> "$GITHUB_OUTPUT"
echo "image_tag=${GITHUB_SHA}" >> "$GITHUB_OUTPUT"
- name: 安装 Buildx
uses: docker/setup-buildx-action@v3
- name: 登录 GHCR
- name: 登录镜像仓库
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: 构建并推送 API 镜像
uses: docker/build-push-action@v6
with:
context: ./api
file: ./api/Dockerfile
pull: true
push: true
build-args: |
PIP_INDEX_URL=${{ secrets.PIP_INDEX_URL || vars.PIP_INDEX_URL || 'https://pypi.org/simple' }}
@@ -67,6 +68,7 @@ jobs:
with:
context: ./web
file: ./web/Dockerfile
pull: true
push: true
build-args: |
NEXT_PUBLIC_API_BASE_URL=${{ vars.NEXT_PUBLIC_API_BASE_URL || 'http://127.0.0.1:8000' }}
@@ -88,6 +90,8 @@ jobs:
SERVER_USER: ${{ secrets.SERVER_USER || vars.SERVER_USER }}
SERVER_SSH_KEY: ${{ secrets.SERVER_SSH_KEY }}
SERVER_PASSWORD: ${{ secrets.SERVER_PASSWORD }}
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
run: |
set -euo pipefail
[ -n "${SERVER_HOST}" ] || { echo "::error::缺少 SERVER_HOST(请在 Secrets 或 Variables 中配置)"; exit 1; }
@@ -96,6 +100,8 @@ jobs:
echo "::error::缺少登录凭据:请至少配置 SERVER_SSH_KEY 或 SERVER_PASSWORD"
exit 1
fi
[ -n "${REGISTRY_USERNAME}" ] || { echo "::error::缺少 REGISTRY_USERNAME"; exit 1; }
[ -n "${REGISTRY_PASSWORD}" ] || { echo "::error::缺少 REGISTRY_PASSWORD"; exit 1; }
- name: 拉取代码
uses: actions/checkout@v4
@@ -141,8 +147,9 @@ jobs:
IMAGE_TAG: ${{ needs.build-and-push.outputs.image_tag }}
NEXT_PUBLIC_API_BASE_URL: ${{ vars.NEXT_PUBLIC_API_BASE_URL || 'http://127.0.0.1:8000' }}
FLOWER_BASIC_AUTH: ${{ secrets.FLOWER_BASIC_AUTH || vars.FLOWER_BASIC_AUTH || 'admin:admin' }}
GHCR_USERNAME: ${{ github.actor }}
GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REGISTRY: ${{ env.REGISTRY }}
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
with:
host: ${{ secrets.SERVER_HOST || vars.SERVER_HOST }}
username: ${{ secrets.SERVER_USER || vars.SERVER_USER }}
@@ -151,7 +158,7 @@ jobs:
command_timeout: 45m
key: ${{ secrets.SERVER_SSH_KEY }}
password: ${{ secrets.SERVER_PASSWORD }}
envs: DEPLOY_PATH,API_IMAGE,WEB_IMAGE,IMAGE_TAG,NEXT_PUBLIC_API_BASE_URL,FLOWER_BASIC_AUTH,GHCR_USERNAME,GHCR_TOKEN
envs: DEPLOY_PATH,API_IMAGE,WEB_IMAGE,IMAGE_TAG,NEXT_PUBLIC_API_BASE_URL,FLOWER_BASIC_AUTH,REGISTRY,REGISTRY_USERNAME,REGISTRY_PASSWORD
script: |
set -euo pipefail
export DOCKER_CLIENT_TIMEOUT="${DOCKER_CLIENT_TIMEOUT:-600}"
@@ -176,7 +183,7 @@ jobs:
FLOWER_BASIC_AUTH=${FLOWER_BASIC_AUTH}
ENV
echo "${GHCR_TOKEN}" | docker login ghcr.io -u "${GHCR_USERNAME}" --password-stdin
echo "${REGISTRY_PASSWORD}" | docker login "${REGISTRY}" -u "${REGISTRY_USERNAME}" --password-stdin
COMPOSE_CMD="docker compose"
if ! docker compose version >/dev/null 2>&1; then