OrgTJWater/TJWaterServerBinary
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ci): 添加 Gitea 仓库密钥 TJWATER_SERVER_ENV 检查
Server CI/CD / docker-image (push) Failing after 11s
Details
Server CI/CD / deploy-fallback-log (push) Successful in 0s
Details

Browse Source
This commit is contained in:
Jiang
2026-06-10 15:08:47 +08:00
parent f35287d3cf
commit 26643d68c7
2 changed files with 59 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+1
View File
@@ -1,5 +1,6 @@
# TJWater Server 环境变量配置模板
# 复制此文件为 .env 并填写实际值
# CI/CD: 将生产 .env 的完整内容保存为 Gitea 仓库密钥 TJWATER_SERVER_ENV。
ENVIRONMENT="production"
NETWORK_NAME="tjwater"
# ============================================
.gitea/workflows/package.yml
+58
View File
@@ -112,6 +112,54 @@ jobs:
--username "${REGISTRY_USERNAME}" \
--password-stdin
- name: Materialize runtime env file
env:
TJWATER_SERVER_ENV: ${{ secrets.TJWATER_SERVER_ENV }}
run: |
if [ -z "${TJWATER_SERVER_ENV}" ]; then
echo "Missing required repository secret: TJWATER_SERVER_ENV"
echo "Store the backend .env file content as a multiline Gitea repository secret named TJWATER_SERVER_ENV."
exit 1
fi
printf '%s\n' "${TJWATER_SERVER_ENV}" > .env
chmod 600 .env
required_env_keys=(
ENVIRONMENT
NETWORK_NAME
SECRET_KEY
ENCRYPTION_KEY
DB_NAME
DB_HOST
DB_PORT
DB_USER
DB_PASSWORD
TIMESCALEDB_DB_NAME
TIMESCALEDB_DB_HOST
TIMESCALEDB_DB_PORT
TIMESCALEDB_DB_USER
TIMESCALEDB_DB_PASSWORD
METADATA_DB_NAME
METADATA_DB_HOST
METADATA_DB_PORT
METADATA_DB_USER
METADATA_DB_PASSWORD
DATABASE_ENCRYPTION_KEY
)
missing_keys=()
for key in "${required_env_keys[@]}"; do
if ! grep -Eq "^[[:space:]]*${key}=" .env; then
missing_keys+=("$key")
fi
done
if [ "${#missing_keys[@]}" -gt 0 ]; then
echo "TJWATER_SERVER_ENV is missing required keys: ${missing_keys[*]}"
exit 1
fi
- name: Build and Push Image
run: |
if [ -z "${IMAGE_NAME:-}" ] || [ -z "${IMAGE_TAG:-}" ]; then
@@ -165,6 +213,16 @@ jobs:
webhook_url=$(echo "$webhook_url" | xargs)
if [ -z "$webhook_url" ]; then
echo "Missing required repository variable: DEPLOY_WEBHOOK_URL"
return 1
fi
if [ -z "$token" ]; then
echo "Missing required repository secret: DEPLOY_WEBHOOK_TOKEN"
return 1
fi
echo "[$label] Calling webhook: $webhook_url"
http_code=$(curl -sS -D /tmp/deploy_headers.txt -o /tmp/deploy_response.txt -w "%{http_code}" -X POST "$webhook_url" \