name: Auto Deploy NeoBot (FRP + SSH 密码登录) on: push: branches: [ main ] workflow_dispatch: jobs: deploy-to-server: environment: ENV runs-on: ubuntu-latest timeout-minutes: 10 # 防超时堵塞 steps: # ========== 1. 检查环境密钥配置 ========== - name: 检查环境密钥配置 run: | echo "✅ 已关联环境: ${{ github.environment }}" # 仅检查密码登录必需的3个密钥 echo "✅ PROD_SERVER_HOST 密钥是否存在: ${{ secrets.PROD_SERVER_HOST != '' }}" echo "✅ PROD_SERVER_USER 密钥是否存在: ${{ secrets.PROD_SERVER_USER != '' }}" echo "✅ PROD_SERVER_PASS 密钥是否存在: ${{ secrets.PROD_SERVER_PASS != '' }}" # ========== 2. 安装 sshpass(密码登录必需) ========== - name: 安装 sshpass 工具 run: | sudo apt-get update && sudo apt-get install -y sshpass # ========== 3. 密码登录服务器 + 执行部署 ========== - name: 执行FRP穿透部署(用户名+密码登录) id: ssh_deploy_step continue-on-error: true run: | # 核心:sshpass 实现密码登录,-p 8000 是FRP转发端口 sshpass -p "${{ secrets.PROD_SERVER_PASS }}" \ ssh -o StrictHostKeyChecking=no -p 8000 ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }} << 'EOF' set -e # 适配NeoBot项目:更新依赖+重启systemd服务 cd /home/k/NeoBot pip install -r requirements.txt --upgrade --timeout 300 --only-binary=:all: sudo systemctl daemon-reload sudo systemctl restart neobot # 验证服务状态 if ! sudo systemctl is-active --quiet neobot; then echo "❌ NeoBot服务启动失败,最后10行日志:" sudo journalctl -u neobot -n 10 --no-pager exit 1 fi echo "✅ NeoBot服务重启成功" EOF # ========== 4. 判定最终部署结果 ========== - name: 判定最终部署结果 run: | if [ ${{ steps.ssh_deploy_step.outcome }} = 'success' ]; then echo "✅ 最终部署成功!已更新依赖并重启NeoBot systemd服务" exit 0 else echo "❌ 最终部署失败!核心SSH部署步骤执行出错" exit 1 fi # ========== 5. 部署失败通知(可选) ========== - name: 部署失败通知(可选) if: failure() run: | echo "⚠️ 部署失败,可在此添加钉钉/企业微信通知逻辑"