action

2026-03-02 15:25:42 +08:00
parent d74eb795c3
commit bb814061e7
1 changed files with 67 additions and 42 deletions
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -10,17 +10,16 @@ jobs:
  deploy:
    runs-on: ubuntu
    steps:
-      # 直接使用 sshpass 连接服务器操作，完全绕过本地 Checkout 和 Node.js 环境依赖
-      # 因为我们的逻辑全部都在服务器上执行（git pull），所以本地 Runner 只需要能连上 SSH 即可
+      # 直接使用 expect 脚本处理交互，比 sshpass 更稳定，尤其是在 Alpine 上
      
      - name: Install dependencies
        run: |
          if command -v apt-get &> /dev/null; then
            apt-get update
-            apt-get install -y sshpass openssh-client
+            apt-get install -y expect openssh-client
          elif command -v apk &> /dev/null; then
            apk update
-            apk add sshpass openssh-client bash
+            apk add expect openssh-client bash
          else
            echo "Unknown package manager"
            exit 1
@@ -30,44 +29,70 @@ jobs:
        env:
          HOST: "6.6.6.66"
          USER: "quant-speed"
-          SSHPASS: "123quant-speed" # sshpass 使用 SSHPASS 环境变量
-          # 目标目录
+          PASS: "123quant-speed"
          TARGET_DIR: "/home/quant-speed/data/dev/ESP32_GDEY042T81_server"
        run: |
-          # 远程执行部署命令
-          # 使用 -e 从环境变量读取密码，避免特殊字符问题
-          # 添加 -o UserKnownHostsFile=/dev/null 避免 host key 问题
-          sshpass -e ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $USER@$HOST "bash -s" <<EOF
-            # 确保目标目录存在
-            mkdir -p $TARGET_DIR
-            cd $TARGET_DIR
+          # 创建 expect 脚本
+          cat > deploy_script.exp <<EOF
+          #!/usr/bin/expect -f
          
-            # 记录当前 HEAD，用于后续 diff
-            OLD_HEAD=\$(git rev-parse HEAD 2>/dev/null || echo "")
+          set timeout 300
+          set host "$HOST"
+          set user "$USER"
+          set password "$PASS"
+          set target_dir "$TARGET_DIR"
          
-            # 拉取最新代码
-            echo "正在拉取最新代码..."
-            git pull || { echo "Git pull failed"; exit 1; }
+          spawn ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \$user@\$host "bash -s"
          
-            NEW_HEAD=\$(git rev-parse HEAD)
+          expect {
+              "yes/no" { send "yes\r"; exp_continue }
+              "password:" { send "\$password\r" }
+          }
          
-            # 检查是否有代码更新
-            if [ "\$OLD_HEAD" == "\$NEW_HEAD" ]; then
-                echo "代码没有变化，无需重启"
-                exit 0
-            fi
+          # 发送远程命令
+          # 注意：这里的 EOF 结束符不能缩进
+          send "mkdir -p \$target_dir\r"
+          send "cd \$target_dir\r"
          
-            # 检查是否需要重新构建镜像 (Dockerfile 或 requirements.txt 变动)
-            # 使用 git diff 检查此次 pull 更新的文件列表
-            if git diff --name-only \$OLD_HEAD \$NEW_HEAD | grep -E 'Dockerfile|requirements.txt'; then
-                echo "检测到构建文件变动，开始重新构建镜像..."
-                echo "$SSHPASS" | sudo -S docker compose down --rmi local
-                # 确保清理干净
-                echo "$SSHPASS" | sudo -S docker rmi epaper_server:latest || true
-                echo "$SSHPASS" | sudo -S docker compose up -d --build
-            else
-                echo "仅代码变动，无需重新构建镜像，重启容器..."
-                echo "$SSHPASS" | sudo -S docker compose down
-                echo "$SSHPASS" | sudo -S docker compose up -d
-            fi
+          # 记录旧版本号
+          send "OLD_HEAD=\\\$(git rev-parse HEAD 2>/dev/null || echo '')\r"
+          
+          # 拉取代码
+          send "echo 'Pulling latest code...'\r"
+          send "git pull\r"
+          
+          # 检查拉取是否成功
+          expect {
+              "Already up to date." { send "echo 'Code is up to date'\r" }
+              "Updating" { send "echo 'Code updated'\r" }
+              timeout { puts "Git pull timeout"; exit 1 }
+          }
+          
+          # 获取新版本号
+          send "NEW_HEAD=\\\$(git rev-parse HEAD)\r"
+          
+          # 判断是否需要构建
+          send "if \[ \\\"\\\$OLD_HEAD\\\" == \\\"\\\$NEW_HEAD\\\" \]; then\r"
+          send "  echo 'No changes detected, skipping deploy'\r"
+          send "else\r"
+          # 检查构建文件变动
+          send "  if git diff --name-only \\\$OLD_HEAD \\\$NEW_HEAD | grep -E 'Dockerfile|requirements.txt'; then\r"
+          send "    echo 'Build files changed, rebuilding...'\r"
+          send "    echo '\$password' | sudo -S docker compose down --rmi local\r"
+          send "    echo '\$password' | sudo -S docker rmi epaper_server:latest || true\r"
+          send "    echo '\$password' | sudo -S docker compose up -d --build\r"
+          send "  else\r"
+          send "    echo 'Only code changed, restarting container...'\r"
+          send "    echo '\$password' | sudo -S docker compose down\r"
+          send "    echo '\$password' | sudo -S docker compose up -d\r"
+          send "  fi\r"
+          send "fi\r"
+          
+          # 退出 SSH
+          send "exit\r"
+          expect eof
          EOF
+          
+          # 执行 expect 脚本
+          chmod +x deploy_script.exp
+          ./deploy_script.exp