name: 🚀 灰度版本转正全量 (Promote to Production) # 【核心】配置为手动触发按钮 on: workflow_dispatch: jobs: promote-to-stable: runs-on: ubuntu-latest steps: - name: 🛡️ 安装远程连接依赖 run: | sudo apt-get update && sudo apt-get install -y openssh-client sshpass - name: 🔄 远程连接主节点执行转正 env: SSH_PWD: ${{ secrets.SSH_PWD }} # 确保你在 Gitea 仓库的 Secrets 中配置了这些变量 SSH_USER: ${{ secrets.SSH_USER }} SSH_HOST: ${{ secrets.SSH_HOST }} run: | sshpass -p "${SSH_PWD}" ssh -o StrictHostKeyChecking=no -p 22 ${SSH_USER}@${SSH_HOST} << 'EOF' set -e echo "==================== 开始灰度版本转正全量流程 ====================" # 1. 获取当前灰度版(Canary)正在运行的真实镜像标签 CANARY_IMAGE=$(kubectl get deployment nextjs-app-canary -o jsonpath='{.spec.template.spec.containers.image}' 2>/dev/null || true) if [ -z "${CANARY_IMAGE}" ] || [[ "${CANARY_IMAGE}" == *"latest"* ]]; then echo "【警告】未检测到带有具体 SHA 标签的灰度版本,或灰度版未启动!" echo "无法安全获取当前测试通过的版本号,终止转正。" exit 1 fi echo "🔥 成功捕获待转正的灰度版镜像: ${CANARY_IMAGE}" # 2. SQLite 数据库安全同步 echo "📦 正在进行数据库热备与同步..." BACKUP_DIR="/home/ai/k3s/data/nextjs/db/backup" mkdir -p ${BACKUP_DIR} # 如果原生产数据库存在,则进行备份 if [ -f "/home/ai/k3s/data/nextjs/db/dev.db" ]; then cp /home/ai/k3s/data/nextjs/db/dev.db ${BACKUP_DIR}/dev.db.bak.$(date +%Y%m%d_%H%M%S) fi # 将测试通过的灰度数据库同步至生产环境 if [ -f "/home/ai/k3s/data/nextjs/canary-db/dev.db" ]; then cp /home/ai/k3s/data/nextjs/canary-db/dev.db /home/ai/k3s/data/nextjs/db/dev.db echo "✅ 数据库同步成功" else echo "⚠️ 未找到灰度数据库文件,跳过数据同步" fi # 3. 应用稳定版基础架构定义(确保基础设施存在) echo "🧱 应用稳定版基础资源配置..." kubectl apply -f /home/ai/k3s/nextjs-stable-promote.yaml # 4. 将稳定版的镜像提升为灰度版的镜像版本 echo "🚀 开始将稳定版滚动升级至: ${CANARY_IMAGE}" kubectl set image deployment/nextjs-app-stable nextjs=${CANARY_IMAGE} # 5. 监控生产环境滚动更新状态 echo "⏳ 等待全量生产环境滚动更新完成..." if kubectl rollout status deployment/nextjs-app-stable --timeout=90s; then echo "=========================================================" echo " 🎉【转正成功】全量版本已无缝升级至灰度同等版本!" echo "=========================================================" else echo "❌【严重错误】生产环境升级超时,正在尝试自动回滚..." kubectl rollout undo deployment/nextjs-app-stable exit 1 fi EOF