faafcf926a
- 添加容器状态和端口占用检查 - 添加容器内部监听情况诊断 - 增加详细的健康检查日志(100行) - 健康检查重试次数从5次增加到10次 - 第5次失败时执行深度诊断 - 添加独立的部署健康检查脚本 改进点: 1. 诊断端口冲突问题 2. 检查容器内部监听配置 3. 增加详细的错误日志输出 4. SSH回连获取实时状态
227 lines
7.7 KiB
YAML
227 lines
7.7 KiB
YAML
name: Deploy to Production
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- main
|
||
workflow_dispatch: # 允许手动触发
|
||
|
||
env:
|
||
DEPLOY_PATH: /home/atai/kt-financial-system
|
||
APP_NAME: kt-financial-system
|
||
HEALTH_CHECK_URL: http://172.16.74.149:8080
|
||
|
||
jobs:
|
||
build-and-test:
|
||
name: Build and Test
|
||
runs-on: ubuntu-latest
|
||
|
||
steps:
|
||
- name: Checkout code
|
||
uses: actions/checkout@v3
|
||
with:
|
||
fetch-depth: 0 # 获取完整历史,用于版本号生成
|
||
|
||
- name: Setup Node.js
|
||
uses: actions/setup-node@v3
|
||
with:
|
||
node-version: '20'
|
||
|
||
- name: Setup pnpm
|
||
uses: pnpm/action-setup@v2
|
||
with:
|
||
version: 9
|
||
|
||
- name: Get pnpm store directory
|
||
id: pnpm-cache
|
||
shell: bash
|
||
run: |
|
||
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
|
||
|
||
- name: Setup pnpm cache
|
||
uses: actions/cache@v3
|
||
with:
|
||
path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
|
||
key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
|
||
restore-keys: |
|
||
${{ runner.os }}-pnpm-store-
|
||
|
||
- name: Install dependencies
|
||
run: pnpm install --frozen-lockfile
|
||
|
||
- name: Build project
|
||
run: pnpm build
|
||
|
||
- name: Run tests
|
||
run: pnpm test:unit || echo "No tests configured"
|
||
continue-on-error: true
|
||
|
||
deploy:
|
||
name: Deploy to Server
|
||
runs-on: ubuntu-latest
|
||
needs: build-and-test
|
||
|
||
steps:
|
||
- name: Deploy to server
|
||
uses: appleboy/ssh-action@v1.0.0
|
||
with:
|
||
host: ${{ secrets.SERVER_HOST || '172.16.74.149' }}
|
||
username: ${{ secrets.SERVER_USER || 'atai' }}
|
||
password: ${{ secrets.SERVER_PASSWORD || 'wengewudi666808' }}
|
||
port: ${{ secrets.SERVER_PORT || '22' }}
|
||
command_timeout: 30m
|
||
script: |
|
||
set -e # 遇到错误立即退出
|
||
|
||
echo "🚀 开始部署 KT财务系统..."
|
||
|
||
# 设置部署路径
|
||
DEPLOY_PATH="${DEPLOY_PATH}"
|
||
|
||
# 切换到部署目录
|
||
cd /home/atai
|
||
|
||
# 如果目录不存在,克隆仓库
|
||
if [ ! -d "kt-financial-system" ]; then
|
||
echo "📥 克隆代码仓库..."
|
||
git clone https://gitea.ktyun.cc/chenjiangjiang/kt-financial-system.git
|
||
cd kt-financial-system
|
||
else
|
||
cd kt-financial-system
|
||
|
||
# 保存当前版本信息
|
||
CURRENT_COMMIT=$(git rev-parse HEAD)
|
||
echo "📌 当前版本: $CURRENT_COMMIT"
|
||
|
||
# 拉取最新代码
|
||
echo "📥 拉取最新代码..."
|
||
git fetch origin main
|
||
git reset --hard origin/main
|
||
|
||
NEW_COMMIT=$(git rev-parse HEAD)
|
||
echo "📌 新版本: $NEW_COMMIT"
|
||
|
||
if [ "$CURRENT_COMMIT" = "$NEW_COMMIT" ]; then
|
||
echo "ℹ️ 代码无变化,跳过部署"
|
||
exit 0
|
||
fi
|
||
fi
|
||
|
||
# 显示最新提交信息
|
||
echo "📝 最新提交:"
|
||
git log -1 --pretty=format:"%h - %an: %s" || true
|
||
|
||
# 停止旧容器(保留数据卷)
|
||
echo "🛑 停止旧容器..."
|
||
sudo docker-compose down || true
|
||
|
||
# 构建新镜像
|
||
echo "🏗️ 构建新镜像..."
|
||
sudo docker-compose build --no-cache
|
||
|
||
# 启动新容器
|
||
echo "🚀 启动新容器..."
|
||
sudo docker-compose up -d
|
||
|
||
# 等待服务启动
|
||
echo "⏳ 等待服务启动..."
|
||
sleep 10
|
||
|
||
# 1. 检查容器状态
|
||
echo "📊 容器状态:"
|
||
sudo docker-compose ps
|
||
|
||
# 2. 检查端口占用情况
|
||
echo ""
|
||
echo "🔍 检查端口8080占用:"
|
||
sudo lsof -i :8080 || echo "端口8080未被占用"
|
||
|
||
# 3. 检查容器内部监听情况
|
||
echo ""
|
||
echo "🔍 检查容器内部监听:"
|
||
CONTAINER_ID=$(sudo docker-compose ps -q kt-financial 2>/dev/null || echo "")
|
||
if [ -n "$CONTAINER_ID" ]; then
|
||
sudo docker exec $CONTAINER_ID ss -tlnp | grep ':80' || echo "容器内无80端口监听"
|
||
fi
|
||
|
||
# 4. 检查容器详细日志(增加行数)
|
||
echo ""
|
||
echo "📝 容器日志(最近100行):"
|
||
sudo docker-compose logs --tail=100
|
||
|
||
# 5. 检查容器健康状态
|
||
echo ""
|
||
echo "🏥 容器健康检查:"
|
||
sudo docker inspect --format='{{.State.Health.Status}}' $CONTAINER_ID 2>/dev/null || echo "未配置健康检查"
|
||
|
||
# 清理旧镜像和悬空镜像
|
||
echo ""
|
||
echo "🧹 清理旧镜像..."
|
||
sudo docker image prune -f
|
||
|
||
echo "✅ 部署完成!"
|
||
|
||
- name: Health Check
|
||
if: success()
|
||
run: |
|
||
echo "🔍 执行健康检查..."
|
||
|
||
# 等待服务完全启动(延长等待时间)
|
||
sleep 20
|
||
|
||
# 健康检查(增加重试次数和诊断信息)
|
||
for i in {1..10}; do
|
||
echo ""
|
||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
||
echo "尝试 $i/10: 检查服务 ${{ env.HEALTH_CHECK_URL }}"
|
||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
||
|
||
# 详细的curl诊断
|
||
HTTP_CODE=$(curl -v -s -o /dev/null -w "%{http_code}" --connect-timeout 5 --max-time 10 ${{ env.HEALTH_CHECK_URL }} 2>&1)
|
||
echo "响应: $HTTP_CODE"
|
||
|
||
if echo "$HTTP_CODE" | grep -q "200\|301\|302"; then
|
||
echo "✅ 服务健康检查通过!HTTP状态码正常"
|
||
echo ""
|
||
echo "🎉 部署成功!服务已正常运行"
|
||
exit 0
|
||
fi
|
||
|
||
# 如果失败,显示更多诊断信息
|
||
if [ $i -eq 5 ]; then
|
||
echo ""
|
||
echo "⚠️ 第5次尝试失败,执行深度诊断..."
|
||
echo ""
|
||
echo "🔍 检查容器运行状态:"
|
||
ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER || 'atai' }}@${{ secrets.SERVER_HOST || '172.16.74.149' }} "cd /home/atai/kt-financial-system && sudo docker-compose ps" || true
|
||
echo ""
|
||
echo "📝 最新容器日志:"
|
||
ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER || 'atai' }}@${{ secrets.SERVER_HOST || '172.16.74.149' }} "cd /home/atai/kt-financial-system && sudo docker-compose logs --tail=50" || true
|
||
fi
|
||
|
||
if [ $i -lt 10 ]; then
|
||
echo "⏳ 等待6秒后重试..."
|
||
sleep 6
|
||
fi
|
||
done
|
||
|
||
echo ""
|
||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
||
echo "❌ 健康检查失败:10次尝试均未成功"
|
||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
||
echo ""
|
||
echo "🔍 最终诊断信息:"
|
||
ssh -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER || 'atai' }}@${{ secrets.SERVER_HOST || '172.16.74.149' }} "cd /home/atai/kt-financial-system && sudo docker-compose ps && echo '---' && sudo docker-compose logs --tail=100" || true
|
||
exit 1
|
||
|
||
- name: Send notification on success
|
||
if: success()
|
||
run: |
|
||
echo "✅ 部署成功!"
|
||
echo "🌐 访问地址: ${{ env.HEALTH_CHECK_URL }}"
|
||
|
||
- name: Send notification on failure
|
||
if: failure()
|
||
run: |
|
||
echo "❌ 部署失败!请检查日志"
|