OrgTJWater/TJWaterFrontend_Refine
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: harden gitea package workflow
Build Push and Deploy / docker-image (push) Failing after 2s
Details
Build Push and Deploy / deploy-fallback-log (push) Successful in 2s
Details

Browse Source 
Make checkout idempotent for reused runner workspaces and add a safe test-tag path that validates builds without pushing images or calling the deploy webhook.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Huarch
2026-04-24 15:31:01 +08:00
parent b99fe66704
commit 3afe885cc0
2 changed files with 41 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/package.yml
+31 -3
View File
@@ -35,10 +35,19 @@ jobs:
;; ;;
esac esac
git init . if [ ! -d .git ]; then
git remote add origin "${AUTH_SERVER_URL}/${REPOSITORY}.git" git init .
fi
if git remote get-url origin >/dev/null 2>&1; then
git remote set-url origin "${AUTH_SERVER_URL}/${REPOSITORY}.git"
else
git remote add origin "${AUTH_SERVER_URL}/${REPOSITORY}.git"
fi
git fetch --depth=1 origin "$COMMIT_SHA" git fetch --depth=1 origin "$COMMIT_SHA"
git checkout --detach FETCH_HEAD git checkout --force --detach FETCH_HEAD
git clean -ffdx
- name: Normalize image metadata - name: Normalize image metadata
env: env:
@@ -51,16 +60,26 @@ jobs:
REGISTRY_HOST="${REGISTRY_HOST%/}" REGISTRY_HOST="${REGISTRY_HOST%/}"
REPOSITORY_PATH="${RAW_REPOSITORY#/}" REPOSITORY_PATH="${RAW_REPOSITORY#/}"
IMAGE_NAME="${REGISTRY_HOST}/${REPOSITORY_PATH}" IMAGE_NAME="${REGISTRY_HOST}/${REPOSITORY_PATH}"
case "$IMAGE_TAG" in
*-test) IS_TEST_TAG=true ;;
*) IS_TEST_TAG=false ;;
esac
{ {
echo "REGISTRY_HOST=${REGISTRY_HOST}" echo "REGISTRY_HOST=${REGISTRY_HOST}"
echo "REPOSITORY_PATH=${REPOSITORY_PATH}" echo "REPOSITORY_PATH=${REPOSITORY_PATH}"
echo "IMAGE_NAME=${IMAGE_NAME}" echo "IMAGE_NAME=${IMAGE_NAME}"
echo "IMAGE_TAG=${IMAGE_TAG}" echo "IMAGE_TAG=${IMAGE_TAG}"
echo "IMAGE_REF=${IMAGE_NAME}:${IMAGE_TAG}" echo "IMAGE_REF=${IMAGE_NAME}:${IMAGE_TAG}"
echo "IS_TEST_TAG=${IS_TEST_TAG}"
} >> "$GITHUB_ENV" } >> "$GITHUB_ENV"
- name: Login to Gitea Container Registry - name: Login to Gitea Container Registry
run: | run: |
if [ "$IS_TEST_TAG" = "true" ]; then
echo "Test tag detected; skipping registry login."
exit 0
fi
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "$REGISTRY_HOST" \ echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "$REGISTRY_HOST" \
--username "${{ secrets.REGISTRY_USERNAME }}" \ --username "${{ secrets.REGISTRY_USERNAME }}" \
--password-stdin --password-stdin
@@ -81,12 +100,21 @@ jobs:
--build-arg NEXT_PUBLIC_MAPBOX_TOKEN="${{ secrets.NEXT_PUBLIC_MAPBOX_TOKEN }}" \ --build-arg NEXT_PUBLIC_MAPBOX_TOKEN="${{ secrets.NEXT_PUBLIC_MAPBOX_TOKEN }}" \
--build-arg NEXT_PUBLIC_TIANDITU_TOKEN="${{ secrets.NEXT_PUBLIC_TIANDITU_TOKEN }}" \ --build-arg NEXT_PUBLIC_TIANDITU_TOKEN="${{ secrets.NEXT_PUBLIC_TIANDITU_TOKEN }}" \
. .
if [ "$IS_TEST_TAG" = "true" ]; then
echo "Test tag detected; build completed without pushing images."
exit 0
fi
docker push "${IMAGE_NAME}:${IMAGE_TAG}" docker push "${IMAGE_NAME}:${IMAGE_TAG}"
docker push "${IMAGE_NAME}:latest" docker push "${IMAGE_NAME}:latest"
- name: Notify Deploy Server - name: Notify Deploy Server
if: success() if: success()
run: | run: |
if [ "$IS_TEST_TAG" = "true" ]; then
echo "Test tag detected; skipping deploy webhook."
exit 0
fi
curl -fsSL -X POST "${{ vars.DEPLOY_WEBHOOK_URL }}" \ curl -fsSL -X POST "${{ vars.DEPLOY_WEBHOOK_URL }}" \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-H "Authorization: Bearer ${{ secrets.DEPLOY_WEBHOOK_TOKEN }}" \ -H "Authorization: Bearer ${{ secrets.DEPLOY_WEBHOOK_TOKEN }}" \
memery.md
+10
View File
@@ -0,0 +1,10 @@
# CI build notes
## 2026-04-24
- **Observed failure while reproducing workflow checkout locally:** the `Checkout code` step ran `git remote add origin ...` unconditionally. In a workspace that already had an `origin` remote, the job failed with `error: remote origin already exists.` and exited before `docker build`.
- **Why this matters for act_runner:** self-hosted Gitea runners can reuse working directories or start from repositories that already contain Git metadata, so checkout logic must be idempotent.
- **Applied fix:** changed `.gitea/workflows/package.yml` to initialize Git only when needed, use `git remote set-url origin ...` when `origin` already exists, and force-clean the workspace after checking out `FETCH_HEAD`.
- **Safety improvement for remote validation:** tags ending with `-test` now run the build verification path only. They skip registry login, image push, `latest` updates, and the deploy webhook so act_runner can be tested without deployment side effects.
- **Current local result:** `npm run lint`, `npm run test -- --runInBand`, `npm run build`, `docker build ...`, and `npm run build` inside `gitea/runner-images:ubuntu-22.04` all completed successfully after the workflow adjustment.
- **Non-blocking note:** local Jest run reported a haste-map naming collision between `package.json` and `.next/standalone/package.json`; tests still passed, and this does not affect the current image-build workflow.