zhilv
abcfcf7b33
- 工作流发布步骤改为显式使用仓库密钥 RELEASE_TOKEN - 去掉发布脚本对 404 的吞错处理,改回明确暴露真实权限或接口错误 - 便于验证当前自定义 token 是否具备 Gitea Release 创建与附件上传权限
149 lines
5.8 KiB
YAML
149 lines
5.8 KiB
YAML
name: 发布 Linux 二进制
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
|
|
jobs:
|
|
release-linux-x86_64:
|
|
runs-on: runner_admin
|
|
steps:
|
|
- name: 检出代码
|
|
env:
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
GIT_TERMINAL_PROMPT: "0"
|
|
run: |
|
|
set -eux
|
|
SERVER_URL="${GITHUB_SERVER_URL:-${GITEA_SERVER_URL:-https://gitea.kmux.cn}}"
|
|
REPOSITORY="${GITHUB_REPOSITORY:-${GITEA_REPOSITORY:-}}"
|
|
TAG="${GITHUB_REF_NAME:-${GITEA_REF_NAME:-}}"
|
|
if [ -z "$REPOSITORY" ]; then
|
|
echo "无法识别触发仓库"
|
|
env | sort
|
|
exit 1
|
|
fi
|
|
if [ -z "$TAG" ] && [ -n "${GITHUB_REF:-}" ]; then
|
|
TAG="${GITHUB_REF##*/}"
|
|
fi
|
|
if [ -z "$TAG" ]; then
|
|
echo "无法识别触发标签"
|
|
env | sort
|
|
exit 1
|
|
fi
|
|
CLONE_URL="${SERVER_URL%/}/${REPOSITORY}.git"
|
|
printf '%s' "$TAG" > /tmp/lightops-release-tag
|
|
rm -rf lightops-src
|
|
if [ -n "${GITEA_TOKEN:-}" ]; then
|
|
AUTH_HEADER="Authorization: Basic $(printf 'oauth2:%s' "$GITEA_TOKEN" | base64 | tr -d '\n')"
|
|
git -c http.extraHeader="$AUTH_HEADER" clone --branch "$TAG" --depth 1 --single-branch "$CLONE_URL" lightops-src
|
|
else
|
|
git clone --branch "$TAG" --depth 1 --single-branch "$CLONE_URL" lightops-src
|
|
fi
|
|
cd lightops-src
|
|
git rev-parse --verify HEAD
|
|
|
|
- name: 安装系统依赖
|
|
run: |
|
|
set -eux
|
|
if command -v apt-get >/dev/null 2>&1; then
|
|
apt-get update
|
|
apt-get install -y build-essential pkg-config sqlite3 curl tar ca-certificates nodejs npm rustc cargo
|
|
elif command -v dnf >/dev/null 2>&1; then
|
|
dnf install -y gcc gcc-c++ make pkgconf-pkg-config sqlite curl tar ca-certificates nodejs npm rust cargo
|
|
elif command -v yum >/dev/null 2>&1; then
|
|
yum install -y gcc gcc-c++ make pkgconfig sqlite curl tar ca-certificates nodejs npm rust cargo
|
|
elif command -v pacman >/dev/null 2>&1; then
|
|
pacman -Sy --noconfirm base-devel pkgconf sqlite curl tar ca-certificates nodejs npm rust cargo
|
|
fi
|
|
|
|
- name: 安装 Rust
|
|
run: |
|
|
set -eux
|
|
PATH_BASE="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
|
PATH_EXTRA=""
|
|
OLD_IFS="$IFS"
|
|
IFS=':'
|
|
set -- $PATH
|
|
IFS="$OLD_IFS"
|
|
for entry in "$@"; do
|
|
[ -n "$entry" ] || continue
|
|
[ "$entry" = "$HOME/.cargo/bin" ] && continue
|
|
case ":$PATH_BASE:$PATH_EXTRA:" in
|
|
*":$entry:"*) continue ;;
|
|
esac
|
|
PATH_EXTRA="${PATH_EXTRA:+$PATH_EXTRA:}$entry"
|
|
done
|
|
export PATH="$PATH_BASE${PATH_EXTRA:+:$PATH_EXTRA}"
|
|
if ! command -v cargo >/dev/null 2>&1 || ! command -v rustc >/dev/null 2>&1; then
|
|
[ -f "$HOME/.cargo/env" ] && . "$HOME/.cargo/env"
|
|
fi
|
|
if ! command -v cargo >/dev/null 2>&1 || ! command -v rustc >/dev/null 2>&1; then
|
|
curl --proto '=https' --tlsv1.2 -fsSL https://sh.rustup.rs | sh -s -- -y --profile minimal
|
|
. "$HOME/.cargo/env"
|
|
fi
|
|
HOST_TARGET="$(rustc -vV | sed -n 's/^host: //p')"
|
|
BUILD_TARGET="$HOST_TARGET"
|
|
if [ "$HOST_TARGET" != "x86_64-unknown-linux-gnu" ] && command -v rustup >/dev/null 2>&1; then
|
|
if rustup target list --installed | grep -qx 'x86_64-unknown-linux-gnu' && command -v x86_64-linux-gnu-gcc >/dev/null 2>&1; then
|
|
BUILD_TARGET="x86_64-unknown-linux-gnu"
|
|
fi
|
|
fi
|
|
printf '%s' "$BUILD_TARGET" > /tmp/lightops-build-target
|
|
echo "使用 Rust 构建目标: $BUILD_TARGET"
|
|
rustc -V
|
|
cargo -V
|
|
|
|
- name: 构建发布包
|
|
run: |
|
|
set -eux
|
|
PATH_BASE="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
|
PATH_EXTRA=""
|
|
OLD_IFS="$IFS"
|
|
IFS=':'
|
|
set -- $PATH
|
|
IFS="$OLD_IFS"
|
|
for entry in "$@"; do
|
|
[ -n "$entry" ] || continue
|
|
[ "$entry" = "$HOME/.cargo/bin" ] && continue
|
|
case ":$PATH_BASE:$PATH_EXTRA:" in
|
|
*":$entry:"*) continue ;;
|
|
esac
|
|
PATH_EXTRA="${PATH_EXTRA:+$PATH_EXTRA:}$entry"
|
|
done
|
|
export PATH="$PATH_BASE${PATH_EXTRA:+:$PATH_EXTRA}"
|
|
if ! command -v cargo >/dev/null 2>&1 || ! command -v rustc >/dev/null 2>&1; then
|
|
[ -f "$HOME/.cargo/env" ] && . "$HOME/.cargo/env"
|
|
fi
|
|
cd lightops-src
|
|
TAG="$(cat /tmp/lightops-release-tag)"
|
|
VERSION="${TAG#v}"
|
|
BUILD_TARGET="$(cat /tmp/lightops-build-target 2>/dev/null || true)"
|
|
if [ -z "$BUILD_TARGET" ]; then
|
|
BUILD_TARGET="$(rustc -vV | sed -n 's/^host: //p')"
|
|
fi
|
|
echo "构建发布目标: $BUILD_TARGET"
|
|
bash scripts/build-release.sh --version "$VERSION" --target "$BUILD_TARGET"
|
|
|
|
- name: 发布到 Gitea Release
|
|
env:
|
|
GITEA_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
|
run: |
|
|
set -eux
|
|
SERVER_URL="${GITHUB_SERVER_URL:-${GITEA_SERVER_URL:-https://gitea.kmux.cn}}"
|
|
REPOSITORY="${GITHUB_REPOSITORY:-${GITEA_REPOSITORY:-}}"
|
|
GITEA_URL="${SERVER_URL%/}"
|
|
GITEA_OWNER="${REPOSITORY%%/*}"
|
|
GITEA_REPO="${REPOSITORY#*/}"
|
|
cd lightops-src
|
|
TAG="$(cat /tmp/lightops-release-tag)"
|
|
TARGET_SHA="$(git rev-parse HEAD)"
|
|
bash scripts/publish-gitea-release.sh \
|
|
--tag "$TAG" \
|
|
--title "LightOps ${TAG}" \
|
|
--target "$TARGET_SHA" \
|
|
--no-create-tag \
|
|
--no-push-tag \
|
|
--package target/releases/*.tar.gz \
|
|
--package target/releases/*.tar.gz.sha256
|