diff --git a/.github/workflows/buidl_and_push_ghcr.yml b/.github/workflows/buidl_and_push_ghcr.yml index 32efd52..9bf1389 100644 --- a/.github/workflows/buidl_and_push_ghcr.yml +++ b/.github/workflows/buidl_and_push_ghcr.yml @@ -41,35 +41,88 @@ jobs: - name: Deploy to Kubernetes uses: docker://bitnami/kubectl:latest env: - # 这里传入的是 Base64 编码后的字符串,不再是原始 YAML + # --- 1. 将变量提到这里,避免 Shell 引号地狱 --- KUBECONFIG_BASE64: ${{ secrets.KUBE_CONFIG_TEST }} + HOST: gitea-http.gitea.svc.cluster.local:3000 + # Gitea 变量直接在这里注入 + RAW_USER: ${{ gitea.actor }} + IMAGE_TAG: ${{ github.sha }} with: entrypoint: /bin/sh args: >- -c " - # 1. 解码 Base64 并写入文件 (最稳健的方式) - echo \"$KUBECONFIG_BASE64\" | base64 -d > /tmp/kubeconfig; + # --- 2. 开启 Debug 模式 (关键!) --- + # -x: 打印执行的每一行命令 + # -e: 遇到错误立即退出,不再继续 + set -xe + + echo '>>> Step 1: Checking Environment' + if [ -z \"$KUBECONFIG_BASE64\" ]; then + echo 'Error: KUBECONFIG_BASE64 is empty! Check Gitea Secrets.' + exit 1 + fi + + echo '>>> Step 2: Decoding Kubeconfig' + # 使用 base64 -d 解码,忽略可能存在的换行符 + echo \"$KUBECONFIG_BASE64\" | base64 -d > /tmp/kubeconfig + export KUBECONFIG=/tmp/kubeconfig - # 设置环境变量 - export KUBECONFIG=/tmp/kubeconfig; + # 测试 kubectl 是否能连接 (验证 config 是否有效) + echo '>>> Step 3: Verifying Cluster Connection' + kubectl cluster-info + kubectl get pods -n dev || echo 'Warning: Could not list pods, check permissions' - # --- 调试代码 (如果还报错,请取消下面两行的注释来查看文件是否有内容) --- - # echo 'Checking kubeconfig content size:' - # ls -l /tmp/kubeconfig - # ------------------------------------------------------------- + echo '>>> Step 4: Preparing Image Name' + # 在 Shell 内部处理大小写转换 + LOWER_USER=$(echo $RAW_USER | tr '[:upper:]' '[:lower:]') + FULL_IMAGE=\"$HOST/$LOWER_USER/my-docs:$IMAGE_TAG\" + + echo \"Target Image: $FULL_IMAGE\" - # 2. 准备变量 - HOST='gitea-http.gitea.svc.cluster.local:3000'; - RAW_USER='${{ gitea.actor }}'; - LOWER_USER=$(echo $RAW_USER | tr '[:upper:]' '[:lower:]'); - IMAGE_TAG='${{ github.sha }}'; - FULL_IMAGE=\"$HOST/$LOWER_USER/my-docs:$IMAGE_TAG\"; + echo '>>> Step 5: Executing Deployment' + # 执行部署 + kubectl set image deployment/my-docs nginx=$FULL_IMAGE -n dev + + echo '>>> Step 6: Restarting and Waiting' + kubectl rollout restart deployment/my-docs -n dev + kubectl rollout status deployment/my-docs -n dev + " + -c + " + # --- 2. 开启 Debug 模式 (关键!) --- + # -x: 打印执行的每一行命令 + # -e: 遇到错误立即退出,不再继续 + set -xe - echo \"Deploying image: $FULL_IMAGE\"; + echo '>>> Step 1: Checking Environment' + if [ -z \"$KUBECONFIG_BASE64\" ]; then + echo 'Error: KUBECONFIG_BASE64 is empty! Check Gitea Secrets.' + exit 1 + fi - # 3. 执行命令 - kubectl set image deployment/my-docs nginx=$FULL_IMAGE -n dev; - kubectl rollout restart deployment/my-docs -n dev; - kubectl rollout status deployment/my-docs -n dev; - " \ No newline at end of file + echo '>>> Step 2: Decoding Kubeconfig' + # 使用 base64 -d 解码,忽略可能存在的换行符 + echo \"$KUBECONFIG_BASE64\" | base64 -d > /tmp/kubeconfig + export KUBECONFIG=/tmp/kubeconfig + + # 测试 kubectl 是否能连接 (验证 config 是否有效) + echo '>>> Step 3: Verifying Cluster Connection' + kubectl cluster-info + kubectl get pods -n dev || echo 'Warning: Could not list pods, check permissions' + + echo '>>> Step 4: Preparing Image Name' + # 在 Shell 内部处理大小写转换 + LOWER_USER=$(echo $RAW_USER | tr '[:upper:]' '[:lower:]') + FULL_IMAGE=\"$HOST/$LOWER_USER/my-docs:$IMAGE_TAG\" + + echo \"Target Image: $FULL_IMAGE\" + + echo '>>> Step 5: Executing Deployment' + # 执行部署 + kubectl set image deployment/my-docs nginx=$FULL_IMAGE -n dev + + echo '>>> Step 6: Restarting and Waiting' + kubectl rollout restart deployment/my-docs -n dev + kubectl rollout status deployment/my-docs -n dev + " \ No newline at end of file