66 lines
2.6 KiB
YAML
66 lines
2.6 KiB
YAML
name: Auto Deploy NeoBot (FRP + SSH 密码登录)
|
||
on:
|
||
push:
|
||
branches: [ main ]
|
||
workflow_dispatch:
|
||
|
||
jobs:
|
||
deploy-to-server:
|
||
environment: ENV
|
||
runs-on: ubuntu-latest
|
||
timeout-minutes: 10 # 防超时堵塞
|
||
steps:
|
||
# ========== 1. 检查环境密钥配置 ==========
|
||
- name: 检查环境密钥配置
|
||
run: |
|
||
echo "✅ 已关联环境: ${{ github.environment }}"
|
||
# 仅检查密码登录必需的3个密钥
|
||
echo "✅ PROD_SERVER_HOST 密钥是否存在: ${{ secrets.PROD_SERVER_HOST != '' }}"
|
||
echo "✅ PROD_SERVER_USER 密钥是否存在: ${{ secrets.PROD_SERVER_USER != '' }}"
|
||
echo "✅ PROD_SERVER_PASS 密钥是否存在: ${{ secrets.PROD_SERVER_PASS != '' }}"
|
||
|
||
# ========== 2. 安装 sshpass(密码登录必需) ==========
|
||
- name: 安装 sshpass 工具
|
||
run: |
|
||
sudo apt-get update && sudo apt-get install -y sshpass
|
||
|
||
# ========== 3. 密码登录服务器 + 执行部署 ==========
|
||
- name: 执行FRP穿透部署(用户名+密码登录)
|
||
id: ssh_deploy_step
|
||
continue-on-error: true
|
||
run: |
|
||
# 核心:sshpass 实现密码登录,-p 8000 是FRP转发端口
|
||
sshpass -p "${{ secrets.PROD_SERVER_PASS }}" \
|
||
ssh -o StrictHostKeyChecking=no -p 8000 ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }} << 'EOF'
|
||
set -e
|
||
# 适配NeoBot项目:更新依赖+重启systemd服务
|
||
cd /home/k/NeoBot
|
||
pip install -r requirements.txt --upgrade --timeout 300 --only-binary=:all:
|
||
sudo systemctl daemon-reload
|
||
sudo systemctl restart neobot
|
||
# 验证服务状态
|
||
if ! sudo systemctl is-active --quiet neobot; then
|
||
echo "❌ NeoBot服务启动失败,最后10行日志:"
|
||
sudo journalctl -u neobot -n 10 --no-pager
|
||
exit 1
|
||
fi
|
||
echo "✅ NeoBot服务重启成功"
|
||
EOF
|
||
|
||
# ========== 4. 判定最终部署结果 ==========
|
||
- name: 判定最终部署结果
|
||
run: |
|
||
if [ ${{ steps.ssh_deploy_step.outcome }} = 'success' ]; then
|
||
echo "✅ 最终部署成功!已更新依赖并重启NeoBot systemd服务"
|
||
exit 0
|
||
else
|
||
echo "❌ 最终部署失败!核心SSH部署步骤执行出错"
|
||
exit 1
|
||
fi
|
||
|
||
# ========== 5. 部署失败通知(可选) ==========
|
||
- name: 部署失败通知(可选)
|
||
if: failure()
|
||
run: |
|
||
echo "⚠️ 部署失败,可在此添加钉钉/企业微信通知逻辑"
|