'%3e%3cpath%20d='M9%2021H15'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3cpath%20d='M5.25001%209.75C5.25001%207.95979%205.96116%206.2429%207.22703%204.97703C8.4929%203.71116%2010.2098%203%2012%203C13.7902%203%2015.5071%203.71116%2016.773%204.97703C18.0388%206.2429%2018.75%207.95979%2018.75%209.75C18.75%2013.1081%2019.5281%2015.8063%2020.1469%2016.875C20.2126%2016.9888%2020.2472%2017.1179%2020.2474%2017.2493C20.2475%2017.3808%2020.2131%2017.5099%2020.1475%2017.6239C20.082%2017.7378%2019.9877%2017.8325%2019.8741%2017.8985C19.7604%2017.9645%2019.6314%2017.9995%2019.5%2018H4.50001C4.36874%2017.9992%204.23997%2017.964%204.12659%2017.8978C4.0132%2017.8317%203.91916%2017.7369%203.85387%2017.6231C3.78858%2017.5092%203.75432%2017.3801%203.75452%2017.2489C3.75472%2017.1176%203.78937%2016.9887%203.85501%2016.875C4.47282%2015.8063%205.25001%2013.1072%205.25001%209.75Z'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_4762_133'%3e%3crect%20width='24'%20height='24'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
'%3e%3cpath%20d='M24%200H0V24H24V0Z'%20fill='white'%20fill-opacity='0.01'/%3e%3cpath%20d='M12%2011C14.2091%2011%2016%209.20914%2016%207C16%204.79086%2014.2091%203%2012%203C9.79086%203%208%204.79086%208%207C8%209.20914%209.79086%2011%2012%2011Z'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3cpath%20d='M4%2021V20.4857C4%2018.5655%204%2017.6055%204.38753%2016.872C4.72841%2016.2269%205.27235%2015.7024%205.94138%2015.3737C6.70196%2015%207.6976%2015%209.68889%2015H14.3111C16.3024%2015%2017.298%2015%2018.0586%2015.3737C18.7276%2015.7024%2019.2716%2016.2269%2019.6125%2016.872C20%2017.6055%2020%2018.5655%2020%2020.4857V21'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_4762_139'%3e%3crect%20width='24'%20height='24'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
使用 Github Actions 实现 Docker 应用的自动更新和发布
anpho
发布于368天前还没想好签名
建议本篇作为移植 Docker 应用的标准化操作指南。
Hi,如上图,目前我已经在懒猫微服上发布了多款应用,并实现了自动更新、提交审核。
本文的前置需求如下:
- 有 Github 账号
- 有懒猫开发者账号
- 已经安装了 lzc-cli (npm/nodejs)开发工具
- 已经移植了至少1款 Docker 应用
闲言少叙,以下是具体步骤。
一、Github Repo 配置
创建 Git Repo 以后,需要在设置里配置一下你的懒猫开发者用户名和密码,位置在:
此处使用的是USERNAME和PASSWORD 。
该配置的主要用途是 copy-image 和提交审核时的身份认证。
二、调整 manifest
为了便于发布时的自动设置,将 manifest 中的 image 字段改为占位符,如下:
services:
resilio:
image: ##
# 上面一行修改为##,或者其他占位符
binds:
- /lzcapp/var/data:/mnt/sync
- /lzcapp/run/mnt/home/ResilioSync:/mnt/mounted_folders/LazyCat
三、编写 Action
在 Actions 中新建一个空白 Action 模板,然后进行修改。下面以我写的 action 为例,说明一下每一段代码,参考注释。
name: LoadAndPack
# Action的运行时机
on:
schedule:
- cron: '0 0 */7 * *' # 每 7 天执行一次 UTC 时间
# 当 master 分支被 commit 或者 PR 时触发
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
# 允许手动触发
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
# 使用 ubuntu 作为运行环境
steps:
# 把库克隆到 $GITHUB_WORKSPACE
- uses: actions/checkout@v4
# 安装 Node JS
- uses: actions/setup-node@v3.9.1
# 安装 docker CE
- uses: docker/setup-docker-action@v4.3.0
# 配置 lzc-cli,并登录
- name: Prepare env etc.
env: # 这里的两个 secret 就是在第1步中设置的用户名和密码
USERNAME: ${{ secrets.USERNAME }}
PASSWORD: ${{ secrets.PASSWORD }}
run: |
npm install -g @lazycatcloud/lzc-cli # 安装lzc-cli
sudo apt install expect curl -y # 安装 expect 和 curl
expect -f ./int.exp "$USERNAME" "$PASSWORD" # 使用 expect 实现 lzc-cli 的登录时的用户名和密码输入
TAGS=$(docker run --rm gcr.io/go-containerregistry/crane:latest ls resilio/sync) # 使用 Docker 获取最新的 tag
echo "TAGS: $TAGS" # 把 tag 打在公屏上
LATEST_TAG=$(echo "$TAGS" | grep -v 'latest\|master\|rel' | sort -V | tail -n1) # 取一下最新的 tag,每个开发者的习惯不同,这里取的是纯数字
echo "Latest: $LATEST_TAG" # 把最后获取到的 tag 打在公屏上
sed -i "s/^version: .*/version: $LATEST_TAG/I" lzc-manifest.yml # 替换 manifest 里的 version 字段。
# 懒猫更新后,这个 version 必须使用 1.2.3 这样的字段,不能用字母,不能有前缀0,而且提交时需要大于已经上架的版本。
# 替换 image
- name: fetch image
run: |
last_part=$(lzc-cli appstore copy-image resilio/sync | tail -n 1 | awk '{print $NF}') # 调用 copy-image,把 docker 镜像复制到懒猫的服务器
function escape_sed() {
echo "$1" | sed 's/[&/\]/\\&/g'
}
last_part_escaped=$(escape_sed "$last_part") # 取一下最后一行输出的最后一段字符串。
sed -i "s/##/$last_part_escaped/" lzc-manifest.yml # 替换掉 manifest 里的占位符,之前改成了##
# 打包
- name: build
run: |
lzc-cli project build # 构建应用
TAGS=$(docker run --rm gcr.io/go-containerregistry/crane:latest ls resilio/sync)
LATEST_TAG=$(echo "$TAGS" | grep -v 'latest\|master\|wv' | sort -V | tail -n1)
lzc-cli appstore publish ./*.lpk -c "Auto Submit: $LATEST_TAG" # 提交应用
# 上传 artifact,会出现在 action 运行的记录里
- uses: actions/upload-artifact@v4.6.2
with:
path: ./*.lpk
最后上传的 artifact 位置在:
这样即可实现该应用的自动提交。
四、关于 expect
因为懒猫需要在终端里输入用户名和密码,没办法直接以参数传入,所以用了 expect,并编写了 expect 的脚本如下:
#!/usr/bin/expect
set username [lindex $argv 0]
set password [lindex $argv 1]
set cmd "/usr/local/bin/lzc-cli"
set timeout 20
match_max 100000
spawn $cmd appstore login
expect {
"请输入登录用户名" { send "$username\r" }
timeout { puts "Timeout waiting for username prompt"; exit 1 }
}
expect {
"请输入登录密码" { send "$password\r" }
timeout { puts "Timeout waiting for password prompt"; exit 1 }
}
expect {
"登录成功" { puts "Login successful!" }
"错误" { puts "Login failed!"; exit 1 }
timeout { puts "Login completed with unknown result." }
}
interact
看不懂没关系,直接用即可。
五、其他
以下是可供参考的库:
| 名称 | 地址 |
|---|---|
| Sync | Github/resilo-sync |
| Telegram | Github/telegram |
| Chromium | Github/chromium |
评论
4很厉害的样子。👍
lzc-cli appstore publish 命令行提交怎么标注原创呢?求问
先在开发者控制台里建好app,这个时候可以设置,控制台这边只是提交新版本审核。
明白了