@@ -7,27 +7,27 @@ jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
# 从组织级Secrets读取,不用在仓库重复配置
|
||||
K3S_HOST: ${{ secrets.K3S_HOST }}
|
||||
APP_NAME: ${{ gitea.repo_name }}
|
||||
REPO_URL: ${{ gitea.repository.clone_url }}
|
||||
REF: ${{ gitea.ref_name }}
|
||||
steps:
|
||||
- name: 本地克隆代码
|
||||
run: |
|
||||
# 先创建临时目录
|
||||
mkdir -p ./temp
|
||||
# 克隆到临时目录
|
||||
git clone --depth 1 --branch $REF $REPO_URL ./temp
|
||||
# 把临时目录的文件移动到当前目录
|
||||
mv ./temp/* ./
|
||||
# 删除临时目录
|
||||
rm -rf ./temp
|
||||
- name: 拉取代码
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: SSH部署K3s
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
# 写入组织配置的SSH私钥
|
||||
echo "${{ secrets.K3S_SSH_KEY }}" > k3s.pem
|
||||
chmod 600 k3s.pem
|
||||
# 调试:验证私钥是否正确写入
|
||||
echo "私钥文件权限:"
|
||||
ls -l k3s.pem
|
||||
echo "私钥头部(仅前5行):"
|
||||
head -5 k3s.pem
|
||||
# 测试连接(会输出服务器主机名和kubectl版本)
|
||||
ssh -i k3s.pem -o StrictHostKeyChecking=no -o ConnectTimeout=10 root@${K3S_HOST} "hostname && kubectl version --client"
|
||||
# 正式执行部署命令
|
||||
ssh -i k3s.pem -o StrictHostKeyChecking=no root@${K3S_HOST} << CMD
|
||||
kubectl apply -f /k8s/deploy.yaml
|
||||
kubectl rollout restart deployment ${APP_NAME}
|
||||
|
||||
Reference in New Issue
Block a user