添加 .gitea/workflows/build-prod.yaml

.gitea/workflows/build-prod.yaml

@@ -0,0 +1,111 @@
+name: rn-h5-prod
+
+on:
+  push:
+    tags: ['v*']
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: |
+            network=host
+          buildkitd-flags: |
+            --allow-insecure-entitlement security.insecure
+
+      - name: Log in to container registry
+        uses: docker/login-action@v3
+        with:
+          registry: 626064810415.dkr.ecr.us-west-1.amazonaws.com
+          username: ${{ secrets.PROD_DOCKER_USERNAME }}
+          password: ${{ secrets.PROD_DOCKER_PASSWORD }}
+
+      - name: Extract tag name
+        id: tag
+        run: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+
+      - name: Build Docker image
+        run: |
+          docker build -t 626064810415.dkr.ecr.us-west-1.amazonaws.com/raveai/rn-h5:${{ steps.tag.outputs.TAG }} .
+
+      - name: Push Docker image
+        run: |
+          docker push 626064810415.dkr.ecr.us-west-1.amazonaws.com/raveai/rn-h5:${{ steps.tag.outputs.TAG }}
+        env:
+          DOCKER_CONTENT_TRUST: 0
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build-and-push
+    environment: test
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Extract tag name
+        id: tag
+        run: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+
+      - name: Copy files and deploy via SSH
+        uses: appleboy/scp-action@v0.1.3
+        with:
+          host: ${{ secrets.PROD_SERVER_HOST }}
+          username: ${{ secrets.PROD_SERVER_USERNAME }}
+          key: ${{ secrets.PROD_SERVER_KEY }}
+          port: 22
+          source: "docker-compose.yaml"
+          target: "/home/ubuntu/docker-compose/rn-h5"
+          override: true
+
+      - name: Deploy with Docker Compose
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ secrets.PROD_SERVER_HOST }}
+          username: ${{ secrets.PROD_SERVER_USERNAME }}
+          key: ${{ secrets.PROD_SERVER_KEY }}
+          port: 22
+          script: |
+            # 切换到项目目录
+            cd /home/ubuntu/docker-compose/rn-h5
+            
+            aws ecr get-login-password --region us-west-1 | docker login --username AWS --password-stdin 626064810415.dkr.ecr.us-west-1.amazonaws.com
+            
+            # 拉取指定tag的镜像
+            docker pull 626064810415.dkr.ecr.us-west-1.amazonaws.com/raveai/rn-h5:${{ steps.tag.outputs.TAG }}
+            
+            TAG=${{ steps.tag.outputs.TAG }} docker compose down
+            TAG=${{ steps.tag.outputs.TAG }} docker compose up -d
+  
+
+  cleanup:
+    runs-on: ubuntu-latest
+    needs: deploy
+    if: always()
+
+    steps:
+      - name: Clean up Docker resources on server
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ secrets.PROD_SERVER_HOST }}
+          username: ${{ secrets.PROD_SERVER_USERNAME }}
+          key: ${{ secrets.PROD_SERVER_KEY }}
+          port: 22
+          script: |
+            docker image prune -f
+            docker container prune -f
+            docker builder prune -f
+            docker network prune -f
+            echo "Cleanup completed!"
+
+      - name: Clean up GitHub Actions workspace
+        run: |
+          echo "Cleaning up GitHub Actions workspace..."
+          docker system df