mirrors/nocobase
1
0
Fork 0
mirror of https://github.com/nocobase/nocobase synced 2024-11-15 06:46:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: optimize pro image build ci (#5140)

Browse Source 
* chore: optimize pro image build ci

* chore: update

* chore: update

* fix: branch
This commit is contained in:
YANG QIA 2024-08-27 06:46:25 +08:00 committed by GitHub
parent 7c28f4d066
commit 685f0764f1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 91 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
.github/workflows/build-pro-image.yml vendored
View File

@ -15,8 +15,12 @@ on:
- '.github/workflows/build-pro-image.yml' - '.github/workflows/build-pro-image.yml'
jobs: jobs:
build-and-push: app-token:
if: github.event.pull_request.head.repo.fork != true if: github.event.pull_request.head.repo.fork != true
uses: nocobase/nocobase/.github/workflows/get-nocobase-app-token.yml@main
secrets: inherit
build-and-push:
needs: app-token
runs-on: ubuntu-latest runs-on: ubuntu-latest
services: services:
verdaccio: verdaccio:
@ -24,10 +28,18 @@ jobs:
ports: ports:
- 4873:4873 - 4873:4873
steps: steps:
- name: Decrypt app token
id: app-token
shell: bash
run: |
ENCRYPTED_SECRET=${{ needs.app-token.outputs.token }};
BINARY_ENCRYPTED_SECRET=$(echo -n "$ENCRYPTED_SECRET" | base64 --decode);
APP_TOKEN=$(echo -n "$BINARY_ENCRYPTED_SECRET" | openssl enc -aes-256-cbc -pbkdf2 -d -salt -k "${{ secrets.APP_TOKEN_ENCRYPTION_PASSWORD }}");
echo "token=$APP_TOKEN" >> $GITHUB_OUTPUT
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:
ssh-key: ${{ secrets.SUBMODULE_SSH_KEY }} token: ${{ steps.app-token.outputs.token }}
submodules: true submodules: true
- name: Checkout pro-plugins - name: Checkout pro-plugins
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -36,7 +48,14 @@ jobs:
ref: main ref: main
path: packages/pro-plugins path: packages/pro-plugins
fetch-depth: 0 fetch-depth: 0
ssh-key: ${{ secrets.SUBMODULE_SSH_KEY }} token: ${{ steps.app-token.outputs.token }}
- name: Clone pro repos
shell: bash
run: |
for repo in ${{ join(fromJSON(vars.PRO_PLUGIN_REPOS), ' ') }}
do
git clone -b main https://x-access-token:${{ steps.app-token.outputs.token }}@github.com/nocobase/$repo.git packages/pro-plugins/@nocobase/$repo
done
- run: | - run: |
cd packages/pro-plugins && cd packages/pro-plugins &&
if git show-ref --quiet refs/remotes/origin/${{ github.head_ref || github.ref_name }}; then if git show-ref --quiet refs/remotes/origin/${{ github.head_ref || github.ref_name }}; then
@ -48,8 +67,30 @@ jobs:
git checkout main git checkout main
fi fi
fi fi
- run: |
for repo in ${{ join(fromJSON(vars.PRO_PLUGIN_REPOS), ' ') }}
do
cd ./packages/pro-plugins/@nocobase/$repo
if git show-ref --quiet refs/remotes/origin/${{ github.head_ref || github.ref_name }}; then
git checkout ${{ github.head_ref || github.ref_name }}
else
if git show-ref --quiet refs/remotes/origin/${{ github.event.pull_request.base.ref }}; then
git checkout ${{ github.event.pull_request.base.ref }}
else
git checkout main
fi
fi
cd ../../../../
done
- name: rm .git - name: rm .git
run: rm -rf packages/pro-plugins/.git && git config --global user.email "you@example.com" && git config --global user.name "Your Name" && git add -A && git commit -m "tmp commit" run: |
rm -rf packages/pro-plugins/.git
for repo in ${{ join(fromJSON(vars.PRO_PLUGIN_REPOS), ' ') }}
do
rm -rf packages/pro-plugins/@nocobase/$repo/.git
done
git config --global user.email "you@example.com"
git config --global user.name "Your Name" && git add -A && git commit -m "tmp commit"
- name: Set up QEMU - name: Set up QEMU
uses: docker/setup-qemu-action@v2 uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx - name: Set up Docker Buildx

34
.github/workflows/manual-build-pro-image.yml vendored
View File

@ -16,8 +16,12 @@ on:
required: true required: true
jobs: jobs:
build-and-push: app-token:
if: github.event.pull_request.head.repo.fork != true if: github.event.pull_request.head.repo.fork != true
uses: nocobase/nocobase/.github/workflows/get-nocobase-app-token.yml@main
secrets: inherit
build-and-push:
needs: app-token
runs-on: ubuntu-latest runs-on: ubuntu-latest
services: services:
verdaccio: verdaccio:
@ -25,11 +29,19 @@ jobs:
ports: ports:
- 4873:4873 - 4873:4873
steps: steps:
- name: Decrypt app token
id: app-token
shell: bash
run: |
ENCRYPTED_SECRET=${{ needs.app-token.outputs.token }};
BINARY_ENCRYPTED_SECRET=$(echo -n "$ENCRYPTED_SECRET" | base64 --decode);
APP_TOKEN=$(echo -n "$BINARY_ENCRYPTED_SECRET" | openssl enc -aes-256-cbc -pbkdf2 -d -salt -k "${{ secrets.APP_TOKEN_ENCRYPTION_PASSWORD }}");
echo "token=$APP_TOKEN" >> $GITHUB_OUTPUT
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:
ref: ${{ github.event.inputs.base_branch }} ref: ${{ github.event.inputs.base_branch }}
ssh-key: ${{ secrets.SUBMODULE_SSH_KEY }} token: ${{ steps.app-token.outputs.token }}
submodules: true submodules: true
- name: Set PR branch - name: Set PR branch
id: set_pro_pr_branch id: set_pro_pr_branch
@ -43,9 +55,23 @@ jobs:
repository: nocobase/pro-plugins repository: nocobase/pro-plugins
path: packages/pro-plugins path: packages/pro-plugins
ref: ${{ steps.set_pro_pr_branch.outputs.pr_branch || 'main' }} ref: ${{ steps.set_pro_pr_branch.outputs.pr_branch || 'main' }}
ssh-key: ${{ secrets.SUBMODULE_SSH_KEY }} token: ${{ steps.app-token.outputs.token }}
- name: Clone pro repos
shell: bash
run: |
for repo in ${{ join(fromJSON(vars.PRO_PLUGIN_REPOS), ' ') }}
do
git clone -b ${{ steps.set_pro_pr_branch.outputs.pr_branch || 'main' }} https://x-access-token:${{ steps.app-token.outputs.token }}@github.com/nocobase/$repo.git packages/pro-plugins/@nocobase/$repo
done
- name: rm .git - name: rm .git
run: rm -rf packages/pro-plugins/.git && git config --global user.email "you@example.com" && git config --global user.name "Your Name" && git add -A && git commit -m "tmp commit" run: |
rm -rf packages/pro-plugins/.git
for repo in ${{ join(fromJSON(vars.PRO_PLUGIN_REPOS), ' ') }}
do
rm -rf packages/pro-plugins/@nocobase/$repo/.git
done
git config --global user.email "you@example.com"
git config --global user.name "Your Name" && git add -A && git commit -m "tmp commit"
- name: Set up QEMU - name: Set up QEMU
uses: docker/setup-qemu-action@v2 uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx - name: Set up Docker Buildx

16
.github/workflows/release-next.yml vendored
View File

@ -16,6 +16,14 @@ jobs:
container: node:18 container: node:18
needs: app-token needs: app-token
steps: steps:
- name: Decrypt app token
id: app-token
shell: bash
run: |
ENCRYPTED_SECRET=${{ needs.app-token.outputs.token }};
BINARY_ENCRYPTED_SECRET=$(echo -n "$ENCRYPTED_SECRET" | base64 --decode);
APP_TOKEN=$(echo -n "$BINARY_ENCRYPTED_SECRET" | openssl enc -aes-256-cbc -pbkdf2 -d -salt -k "${{ secrets.APP_TOKEN_ENCRYPTION_PASSWORD }}");
echo "token=$APP_TOKEN" >> $GITHUB_OUTPUT
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
@ -85,14 +93,6 @@ jobs:
git commit -m "chore(versions): test publish packages xxx" git commit -m "chore(versions): test publish packages xxx"
cat lerna.json cat lerna.json
yarn release:force --no-verify-access --no-git-reset --registry https://registry.npmjs.org/ --dist-tag=next yarn release:force --no-verify-access --no-git-reset --registry https://registry.npmjs.org/ --dist-tag=next
- name: Decrypt app token
id: app-token
shell: bash
run: |
ENCRYPTED_SECRET=${{ needs.app-token.outputs.token }};
BINARY_ENCRYPTED_SECRET=$(echo -n "$ENCRYPTED_SECRET" | base64 --decode);
APP_TOKEN=$(echo -n "$BINARY_ENCRYPTED_SECRET" | openssl enc -aes-256-cbc -pbkdf2 -d -salt -k "${{ secrets.APP_TOKEN_ENCRYPTION_PASSWORD }}");
echo "token=$APP_TOKEN" >> $GITHUB_OUTPUT
- name: Checkout pro-plugins - name: Checkout pro-plugins
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:

16
.github/workflows/release.yml vendored
View File

@ -18,6 +18,14 @@ jobs:
container: node:18 container: node:18
needs: app-token needs: app-token
steps: steps:
- name: Decrypt app token
id: app-token
shell: bash
run: |
ENCRYPTED_SECRET=${{ needs.app-token.outputs.token }};
BINARY_ENCRYPTED_SECRET=$(echo -n "$ENCRYPTED_SECRET" | base64 --decode);
APP_TOKEN=$(echo -n "$BINARY_ENCRYPTED_SECRET" | openssl enc -aes-256-cbc -pbkdf2 -d -salt -k "${{ secrets.APP_TOKEN_ENCRYPTION_PASSWORD }}");
echo "token=$APP_TOKEN" >> $GITHUB_OUTPUT
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Send curl request and parse response - name: Send curl request and parse response
@ -59,14 +67,6 @@ jobs:
yarn config set //registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }} yarn config set //registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}
npm whoami npm whoami
yarn release:force --no-verify-access --no-git-reset --registry https://registry.npmjs.org/ yarn release:force --no-verify-access --no-git-reset --registry https://registry.npmjs.org/
- name: Decrypt app token
id: app-token
shell: bash
run: |
ENCRYPTED_SECRET=${{ needs.app-token.outputs.token }};
BINARY_ENCRYPTED_SECRET=$(echo -n "$ENCRYPTED_SECRET" | base64 --decode);
APP_TOKEN=$(echo -n "$BINARY_ENCRYPTED_SECRET" | openssl enc -aes-256-cbc -pbkdf2 -d -salt -k "${{ secrets.APP_TOKEN_ENCRYPTION_PASSWORD }}");
echo "token=$APP_TOKEN" >> $GITHUB_OUTPUT
- name: Checkout pro-plugins - name: Checkout pro-plugins
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with: