K2CrO4/NeoBot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update main.yml

Browse Source
This commit is contained in:
镀铬酸钾
2026-01-23 01:10:58 +08:00
committed by GitHub
parent bd283cde48
commit 8be60d7086
1 changed files with 35 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
.github/workflows/main.yml vendored
View File

@@ -15,47 +15,55 @@ on:
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
environment: SSH-KEY environment: SSH-KEY # 确保该环境配置了KEY、PASSPHRASE、SERVER_USER、SERVER_ADDRESS等变量
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: 安装依赖工具 - name: 安装依赖工具
run: sudo apt-get install -y sshpass expect run: |
# 移除sshpass不再使用密码登录保留expect用于处理密钥密码
sudo apt-get update
sudo apt-get install -y expect
- name: 配置SSH密钥并启动ssh-agent
run: |
# 创建SSH目录并设置正确权限
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# 将GitHub Secrets中的KEY写入私钥文件
echo "${{ secrets.KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa # SSH密钥必须是600权限否则会被拒绝
# 启动ssh-agent并加载密钥处理密钥密码
eval $(ssh-agent -s)
expect -c "
spawn ssh-add ~/.ssh/id_rsa
expect \"Enter passphrase for /home/runner/.ssh/id_rsa:\"
send \"${{ secrets.PASSPHRASE }}\r\"
expect eof
"
# 禁用StrictHostKeyChecking避免首次连接的确认提示
echo "StrictHostKeyChecking no" >> ~/.ssh/config
chmod 600 ~/.ssh/config
- name: 执行部署 - name: 执行部署
run: | run: |
sshpass -p "${{ secrets.SERVER_PASSWORD }}" ssh -o StrictHostKeyChecking=no -p 42422 ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_ADDRESS }} ' # 使用SSH密钥登录服务器不再需要sshpass
ssh -p 42422 ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_ADDRESS }} '
set -ex set -ex
echo "=== 部署调试信息开始 ===" echo "=== 部署调试信息开始 ==="
echo "测试sudo权限..." echo "测试sudo权限..."
# 注意这里仍需要服务器用户密码如果sudo需要请确保secrets.SERVER_PASSWORD已配置
echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S whoami echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S whoami
echo "停止服务..." echo "停止服务..."
echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S systemctl stop neobot.service echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S systemctl stop neobot.service
echo "修复文件权限..." echo "修复文件权限..."
echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S chown -R ${{ secrets.SERVER_USER }}:${{ secrets.SERVER_USER }} /home/luoxiaolei/neobot/NeoBot echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S chown -R ${{ secrets.SERVER_USER }}:${{ secrets.SERVER_USER }} /home/luoxiaolei/neobot/NeoBot
cd /home/luoxiaolei/neobot/NeoBot cd /home/luoxiaolei/neobot/NeoBot
echo "配置Git安全目录..." echo "拉取最新代码服务器本地已有GitHub密钥..."
git config --global --add safe.directory /home/luoxiaolei/neobot/NeoBot git pull origin main
echo "检查Git配置..."
git config --global --list | grep -i "safe.directory"
echo "检查Git远程仓库..."
git remote -v
echo "检查SSH配置..."
echo "当前用户: $(whoami)"
echo "家目录: $HOME"
echo "检查SSH密钥..."
ls -la ~/.ssh/ 2>/dev/null || echo "没有SSH目录"
echo "检查SSH代理..."
ssh-add -l 2>/dev/null || echo "SSH代理没有密钥"
echo "测试GitHub SSH连接..."
ssh -T git@github.com 2>&1 || echo "SSH连接测试失败"
echo "拉取最新代码..."
# 设置Git超时时间并禁用主机密钥检查
GIT_SSH_COMMAND="ssh -o ConnectTimeout=30 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null"
export GIT_SSH_COMMAND
echo "环境变量 GIT_SSH_COMMAND: $GIT_SSH_COMMAND"
echo "尝试拉取代码(详细模式)..."
GIT_TRACE=1 GIT_SSH_COMMAND="ssh -o ConnectTimeout=30 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null" git pull origin main 2>&1
echo "启动服务..." echo "启动服务..."
echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S systemctl start neobot.service echo "${{ secrets.SERVER_PASSWORD }}" | sudo -S systemctl start neobot.service
echo "检查服务状态..." echo "检查服务状态..."
@@ -63,10 +71,10 @@ jobs:
echo "部署完成!" echo "部署完成!"
echo "=== 部署调试信息结束 ===" echo "=== 部署调试信息结束 ==="
' '
continue-on-error: true continue-on-error: false # 部署失败时直接终止,便于排查问题
- name: 检查部署状态 - name: 检查部署状态
if: failure() if: failure()
run: | run: |
echo "部署失败!请检查服务器日志。" echo "部署失败!请检查服务器日志和Actions执行日志。"
exit 1 exit 1