trigger-workflow #33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| schedule: | |
| - cron: '0 3 * * *' | |
| repository_dispatch: | |
| types: [trigger-workflow] | |
| permissions: write-all | |
| env: | |
| PNPM_VERSION: 9.x.x | |
| HASH_FILE: build_hash | |
| jobs: | |
| prepare: | |
| name: Prepare | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.head_commit.message != 'Update hash file' }} | |
| outputs: | |
| hash_content: ${{ steps.read_hash.outputs.hash_content }} | |
| steps: | |
| - name: Cancel Previous Runs | |
| uses: styfle/cancel-workflow-action@0.12.1 | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Read HASH_FILE content | |
| id: read_hash | |
| run: | | |
| content=$(cat ${{ env.HASH_FILE }}) || true | |
| echo "hash_content=$content" >> "$GITHUB_OUTPUT" | |
| check: | |
| name: Check Should Rebuild | |
| runs-on: ubuntu-latest | |
| needs: prepare | |
| outputs: | |
| canceled: ${{ steps.use_content.outputs.canceled }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: innei-dev/shiroi | |
| token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT | |
| fetch-depth: 0 | |
| lfs: true | |
| - name: Use content from prev job and compare | |
| id: use_content | |
| env: | |
| FILE_HASH: ${{ needs.prepare.outputs.hash_content }} | |
| run: | | |
| file_hash=$FILE_HASH | |
| current_hash=$(git rev-parse --short HEAD) | |
| echo "File Hash: $file_hash" | |
| echo "Current Git Hash: $current_hash" | |
| if [ "$file_hash" == "$current_hash" ]; then | |
| echo "Hashes match. Stopping workflow." | |
| echo "canceled=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "Hashes do not match. Continuing workflow." | |
| fi | |
| build: | |
| name: Build artifact | |
| runs-on: ubuntu-latest | |
| needs: check | |
| if: ${{needs.check.outputs.canceled != 'true'}} | |
| strategy: | |
| matrix: | |
| node-version: [18.x] | |
| outputs: | |
| sha_short: ${{ steps.store.outputs.sha_short }} | |
| branch: ${{ steps.store.outputs.branch }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: innei-dev/shiroi | |
| token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT | |
| fetch-depth: 0 | |
| lfs: true | |
| - name: Checkout LFS objects | |
| run: git lfs checkout | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: ${{ env.PNPM_VERSION }} | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'pnpm' | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Build project | |
| run: | | |
| sh ./ci-release-build.sh | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist | |
| path: assets/release.zip | |
| retention-days: 7 | |
| - name: Store artifact commit version | |
| shell: bash | |
| id: store | |
| run: | | |
| sha_short=$(git rev-parse --short HEAD) | |
| branch_name=$(git rev-parse --abbrev-ref HEAD) | |
| echo "sha_short=$sha_short" >> "$GITHUB_OUTPUT" | |
| echo "branch=$branch_name" >> "$GITHUB_OUTPUT" | |
| deploy: | |
| name: Deploy artifact | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist | |
| - name: copy file via ssh password | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ secrets.HOST }} | |
| username: ${{ secrets.USER }} | |
| password: ${{ secrets.PASSWORD }} | |
| key: ${{ secrets.KEY }} | |
| port: ${{ secrets.PORT }} | |
| source: 'release.zip' | |
| target: '/tmp/shiro' | |
| - name: Exec deploy script with SSH | |
| uses: appleboy/ssh-action@master | |
| with: | |
| command_timeout: 5m | |
| host: ${{ secrets.HOST }} | |
| username: ${{ secrets.USER }} | |
| password: ${{ secrets.PASSWORD }} | |
| key: ${{ secrets.KEY }} | |
| port: ${{ secrets.PORT }} | |
| script_stop: true | |
| script: | | |
| set -e | |
| source $HOME/.bashrc | |
| workdir=$HOME/shiro/${{ github.run_number }} | |
| mkdir -p $workdir | |
| mv /tmp/shiro/release.zip $workdir/release.zip | |
| rm -r /tmp/shiro | |
| cd $workdir | |
| # 其实用另一个临时文件去解压会更好,但是这里就这样了,后续可能会越来越大。 | |
| unzip -o $workdir/release.zip | |
| cp $HOME/shiro/.env $workdir/standalone/.env | |
| export NEXT_SHARP_PATH=$(npm root -g)/sharp | |
| # https://github.com/Unitech/pm2/issues/3054 | |
| cd $workdir/standalone | |
| pm2 stop $workdir/standalone/ecosystem.config.js && pm2 delete $workdir/standalone/ecosystem.config.js && pm2 start $workdir/standalone/ecosystem.config.js | |
| rm $workdir/release.zip | |
| echo "Deployed successfully" | |
| store: | |
| name: Store artifact commit version | |
| runs-on: ubuntu-latest | |
| needs: [deploy, build] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token | |
| fetch-depth: 0 # otherwise, you will failed to push refs to dest repo | |
| # Get the commit version from the build job | |
| - name: Use outputs from build | |
| env: | |
| SHA_SHORT: ${{ needs.build.outputs.sha_short }} | |
| BRANCH: ${{ needs.build.outputs.branch }} | |
| run: | | |
| echo "SHA Short from build: $SHA_SHORT" | |
| echo "Branch from build: $BRANCH" | |
| - name: Write hash to file | |
| env: | |
| SHA_SHORT: ${{ needs.build.outputs.sha_short }} | |
| run: echo $SHA_SHORT > ${{ env.HASH_FILE }} | |
| - name: Commit files | |
| run: | | |
| git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git config --local user.name "github-actions[bot]" | |
| git add ${{ env.HASH_FILE }} | |
| git commit -a -m "Update hash file" | |
| - name: Push changes | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| branch: ${{ github.ref }} |