feat(admin): 泛化 /api/admin/devtool-check 给所有 admin-only 工具复用 (#15) #44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 构建并部署后端 | |
| on: | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| jobs: | |
| deploy: | |
| name: 在服务器上编译并部署 | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: 检出代码 | |
| uses: actions/checkout@v4 | |
| - name: 将源码同步到服务器 | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ secrets.SERVER_HOST }} | |
| username: ${{ secrets.SERVER_USER }} | |
| key: ${{ secrets.SERVER_SSH_KEY }} | |
| source: "." | |
| target: "/home/ubuntu/involution-hell" | |
| - name: 在服务器上构建并启动 | |
| uses: appleboy/ssh-action@v1 | |
| with: | |
| host: ${{ secrets.SERVER_HOST }} | |
| username: ${{ secrets.SERVER_USER }} | |
| key: ${{ secrets.SERVER_SSH_KEY }} | |
| # 命令超时设长一点,Native Image 编译需要时间 | |
| command_timeout: 30m | |
| script: | | |
| cd /home/ubuntu/involution-hell | |
| # 保存当前镜像为回滚备份(首次部署时镜像可能不存在,忽略错误) | |
| docker tag involutionhell-backend:latest involutionhell-backend:rollback 2>/dev/null || true | |
| # 构建新镜像(失败则整个 workflow 标红,旧容器不受影响) | |
| docker build -t involutionhell-backend:latest . | |
| # 用新镜像重启服务。 | |
| # --force-recreate 是必须的:compose 看 image 名(始终是 :latest)没变就不会重建容器, | |
| # 结果 CI 的 docker build 虽然把 :latest 标签指向新 sha,但运行中容器仍绑死老 sha, | |
| # 部署一直 "success" 但实际 JAR 没换。用 --force-recreate backend 强制销毁重建。 | |
| docker compose up -d --remove-orphans --force-recreate backend | |
| # 等待服务启动,最多 60 秒 | |
| echo "等待服务健康检查..." | |
| for i in $(seq 1 12); do | |
| if docker exec involution-hell-backend curl -fsS "http://127.0.0.1:8080/actuator/health" | grep -q '"status":"UP"'; then | |
| echo "✅ 部署成功,服务正常运行" | |
| exit 0 | |
| fi | |
| echo "第 $i 次检查未就绪,5 秒后重试..." | |
| sleep 5 | |
| done | |
| # 健康检查失败:先把新容器的日志打印出来,方便在 GitHub Actions 日志里定位问题 | |
| echo "========== 新容器 docker logs(最近 300 行) ==========" | |
| docker logs --tail=300 involution-hell-backend 2>&1 || true | |
| echo "========== docker compose ps ==========" | |
| docker compose ps 2>&1 || true | |
| echo "========== 容器 inspect(State + ExitCode) ==========" | |
| docker inspect --format='State: {{.State.Status}} ExitCode: {{.State.ExitCode}} Error: {{.State.Error}}' involution-hell-backend 2>&1 || true | |
| echo "========== 最后的 restart 原因 ==========" | |
| docker inspect involution-hell-backend 2>&1 | grep -A3 'RestartCount\|OOMKilled\|Error' | head -20 || true | |
| # 用备份镜像回滚 | |
| echo "❌ 健康检查失败,正在回滚到上一个版本..." | |
| docker tag involutionhell-backend:rollback involutionhell-backend:latest | |
| # 回滚同样需要 --force-recreate:rollback tag 覆盖回 latest 后 image 名依旧是 :latest, | |
| # compose 看不出变化就不会重建容器,运行中容器仍绑死着失败那版的 sha,回滚等于没回。 | |
| # --no-deps 避免顺带重建 postgres 等依赖服务,减小爆炸半径。 | |
| docker compose up -d --remove-orphans --force-recreate --no-deps backend | |
| echo "回滚完成,workflow 标红以提示本次部署失败" | |
| exit 1 |