From 938b9fe9634f1788fb8291b6c9b61a6b5df864f5 Mon Sep 17 00:00:00 2001 From: OoO Date: Sun, 17 May 2026 21:01:33 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E6=AD=A3=20CD=20=E5=90=8C?= =?UTF-8?q?=E6=AD=A5=E5=88=A4=E6=96=B7=E8=88=87=E6=AD=A3=E5=BC=8F=E7=89=88?= =?UTF-8?q?=E6=9C=AC=E9=A9=97=E8=AD=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitea/workflows/cd.yaml | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/cd.yaml b/.gitea/workflows/cd.yaml index f4ab1b4..618d7fc 100644 --- a/.gitea/workflows/cd.yaml +++ b/.gitea/workflows/cd.yaml @@ -76,6 +76,8 @@ jobs: run: | echo "short_sha=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT echo "message=$(git log -1 --pretty=%s | head -c 60)" >> $GITHUB_OUTPUT + VERSION=$(sed -n "s/^SYSTEM_VERSION[[:space:]]*=[[:space:]]*[\"']\([^\"']*\)[\"'].*/\1/p" config.py | head -1) + echo "version=$VERSION" >> $GITHUB_OUTPUT echo "start_time=$(date +%s)" >> $GITHUB_OUTPUT # 偵測是否需重建 Docker image(force_rebuild 優先,其次看變更檔案) @@ -87,6 +89,14 @@ jobs: echo "label=🔨 強制重建 Docker Image" >> $GITHUB_OUTPUT exit 0 fi + CHANGED=$(git diff --name-only HEAD~1 HEAD 2>/dev/null || echo "") + if echo "$CHANGED" | grep -qE '^(Dockerfile|requirements\.txt|docker-compose\.yml)$'; then + echo "type=rebuild" >> $GITHUB_OUTPUT + echo "label=🔨 重建 Docker Image" >> $GITHUB_OUTPUT + else + echo "type=sync" >> $GITHUB_OUTPUT + echo "label=📁 同步 runtime 檔案" >> $GITHUB_OUTPUT + fi - name: 偵測 AI 觀測台前端 QA 是否需要執行 id: observability_qa @@ -99,14 +109,6 @@ jobs: else echo "ℹ️ AI 觀測台 QA: skipped" fi - CHANGED=$(git diff --name-only HEAD~1 HEAD 2>/dev/null || echo "") - if echo "$CHANGED" | grep -qE '^(Dockerfile|requirements\.txt|docker-compose\.yml)$'; then - echo "type=rebuild" >> $GITHUB_OUTPUT - echo "label=🔨 重建 Docker Image" >> $GITHUB_OUTPUT - else - echo "type=sync" >> $GITHUB_OUTPUT - echo "label=📁 同步 Python 檔案" >> $GITHUB_OUTPUT - fi # 設定 SSH 金鑰 + 主機驗證(C2 fix: 移除 StrictHostKeyChecking no) - name: 設定 SSH 金鑰 @@ -313,6 +315,7 @@ jobs: - name: 健康檢查 env: COMMIT_SHA: ${{ steps.commit.outputs.short_sha }} + EXPECTED_VERSION: ${{ steps.commit.outputs.version }} TELEGRAM_BOT_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }} TELEGRAM_CHAT_ID: ${{ secrets.TELEGRAM_CHAT_ID }} run: | @@ -332,6 +335,14 @@ jobs: [ "$i" -eq 12 ] && echo "❌ HTTP 健康檢查失敗" && exit 1 sleep 15 done + EXTERNAL_HEALTH=$(curl -fsS --max-time 10 https://mo.wooo.work/health) + EXTERNAL_VERSION=$(python3 -c "import json,sys; print(json.load(sys.stdin).get('version',''))" <<< "$EXTERNAL_HEALTH") + if [ "$EXTERNAL_VERSION" != "$EXPECTED_VERSION" ]; then + echo "❌ 正式版本未更新:expected=$EXPECTED_VERSION actual=$EXTERNAL_VERSION" + echo "$EXTERNAL_HEALTH" + exit 1 + fi + echo "✅ 正式版本驗證通過:$EXTERNAL_VERSION" # 驗證三應用容器均在 Running 狀態 ssh -i ~/.ssh/id_deploy ollama@192.168.0.188 \ 'RUNNING=$(docker ps --format "{{.Names}}" | grep -cE "momo-(pro-system|scheduler|telegram-bot)" || true); \