From ca117cb5ac058785065d7f8e04d16247ee518233 Mon Sep 17 00:00:00 2001 From: chendelian <116870791@qq.com> Date: Sun, 19 Apr 2026 15:17:57 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8F=90=E4=BA=A4=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/reusable-release-skill.yaml | 26 ++++++++++++++----- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/.github/workflows/reusable-release-skill.yaml b/.github/workflows/reusable-release-skill.yaml index c54049c..09598a5 100644 --- a/.github/workflows/reusable-release-skill.yaml +++ b/.github/workflows/reusable-release-skill.yaml @@ -3,6 +3,11 @@ name: Reusable Skill Release on: workflow_call: inputs: + runs_on: + description: "Runner label; must match a registered runner (use host runner for pip/python on same machine as Node frontend)" + required: false + type: string + default: ubuntu-latest artifact_platform: required: false type: string @@ -30,11 +35,17 @@ on: jobs: build-and-deploy: - runs-on: ubuntu-latest + runs-on: ${{ inputs.runs_on }} + defaults: + run: + shell: bash env: ARTIFACT_PLATFORM: ${{ inputs.artifact_platform }} PYARMOR_PLATFORM: ${{ inputs.pyarmor_platform }} PIP_BREAK_SYSTEM_PACKAGES: "1" + # Prefer self-built Python 3.12 under /usr/local (Alibaba Cloud Linux host); keep system paths as fallback. + # 显式前缀,避免部分 Runner 未注入 env.PATH 时丢失系统路径 + PATH: /usr/local/bin:/usr/local/python3.12/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin # PyArmor 交叉平台加密时会内部执行 pip 安装 pyarmor.cli.core.* 等包;不设则默认走 files.pythonhosted.org,国内 CI 易超时。 PIP_INDEX_URL: https://pypi.tuna.tsinghua.edu.cn/simple PIP_EXTRA_INDEX_URL: https://mirrors.aliyun.com/pypi/simple https://mirrors.cloud.tencent.com/pypi/simple https://mirrors.huaweicloud.com/repository/pypi/simple @@ -45,8 +56,9 @@ jobs: # Pin PyArmor 8.5.3 — matches desktop bundles; 9.x trial is stricter in CI。 # 镜像由 job env(PIP_INDEX_URL / PIP_EXTRA_INDEX_URL)统一指定,与 Encrypt 步骤中 PyArmor 内部 pip 一致。 + # 使用 python3.12 -m pip,避免仅存在 python3(3.6) 或裸 pip 不在 PATH 的宿主机/容器。 - name: Setup Tools - run: pip install "pyarmor==8.5.3" requests python-frontmatter --break-system-packages + run: python3.12 -m pip install "pyarmor==8.5.3" requests python-frontmatter --break-system-packages - name: Register PyArmor (optional) env: @@ -55,7 +67,7 @@ jobs: if [ -z "${PYARMOR_REG_B64}" ]; then echo "PyArmor: no PYARMOR_REG_B64 secret — trial mode (very large single .py modules may fail to obfuscate)." else - python -c "import os,base64,pathlib,subprocess; p=pathlib.Path('/tmp/pyarmor-reg.zip'); p.write_bytes(base64.standard_b64decode(os.environ['PYARMOR_REG_B64'])); subprocess.run(['pyarmor','reg',str(p)],check=True); p.unlink(missing_ok=True)" + python3.12 -c "import os,base64,pathlib,subprocess; p=pathlib.Path('/tmp/pyarmor-reg.zip'); p.write_bytes(base64.standard_b64decode(os.environ['PYARMOR_REG_B64'])); subprocess.run(['pyarmor','reg',str(p)],check=True); p.unlink(missing_ok=True)" fi # 递归加密整个 scripts/(含 cli、service、db、util 等子包);产物保留与源码一致的 scripts/ 层级,入口为 scripts/main.py。 @@ -72,7 +84,7 @@ jobs: - name: Parse Metadata and Pack id: build_task run: | - python -c " + python3.12 -c " import frontmatter, os, json, shutil post = frontmatter.load('SKILL.md') metadata = dict(post.metadata or {}) @@ -121,7 +133,7 @@ jobs: METADATA_JSON: ${{ steps.build_task.outputs.metadata }} SYNC_URL: ${{ inputs.sync_url }} run: | - python -c " + python3.12 -c " import requests, json, os metadata = json.loads(os.environ['METADATA_JSON']) res = requests.post(os.environ['SYNC_URL'], json=metadata) @@ -140,7 +152,7 @@ jobs: ARTIFACT_PLATFORM: ${{ steps.build_task.outputs.artifact_platform }} UPLOAD_URL: ${{ inputs.upload_url }} run: | - python -c " + python3.12 -c " import requests, os slug = os.environ['SLUG'] version = os.environ['VERSION'] @@ -167,7 +179,7 @@ jobs: VERSION: ${{ steps.build_task.outputs.version }} PRUNE_URL: ${{ inputs.prune_url }} run: | - python -c " + python3.12 -c " import requests, os payload = { 'name': os.environ['SLUG'],