admin/jiangchang-platform-kit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:v1.0.3
Branches Tags
admin:main
admin:v1.0.3 admin:v1.0.2 admin:v1.0.1
...
compare: admin:main
Branches Tags
admin:main
admin:v1.0.3 admin:v1.0.2 admin:v1.0.1

12 Commits
v1.0.3 ... main

Author SHA1 Message Date
chendelian
71a9ab1700 提交修改 2026-04-19 15:35:47 +08:00
chendelian
ca117cb5ac 提交修改 2026-04-19 15:17:57 +08:00
chendelian
892cf837a6 调整流水线 2026-04-16 15:06:49 +08:00
chendelian
a6bbd89350 调整流水线 2026-04-16 13:58:32 +08:00
chendelian
8778d641ab 调整流水线 2026-04-16 13:46:19 +08:00
chendelian
5037d83b3d 调整流水线 2026-04-16 13:41:36 +08:00
chendelian
8154de452b 调整流水线 2026-04-16 13:29:45 +08:00
chendelian
0bb6707e68 调整流水线 2026-04-16 11:49:06 +08:00
chendelian
4b15c6d99c ci: sync readme_md and description from references/README.md with SKILL.md fallback 
Made-with: Cursor
 2026-04-12 09:10:58 +08:00
chendelian
4856167682 ci: deploy 用 cp 替代 rsync;同步 contrib 模板;更新产品说明 2026-04-10 13:39:54 +08:00
chendelian
c67487ba16 ci: add reusable-release-frontend for static sites (fangzhen) 2026-04-10 13:31:08 +08:00
chendelian
69702f8ea2 ci: add reusable-release-frontend for static sites (fangzhen) 2026-04-10 12:04:51 +08:00
2 changed files with 156 additions and 9 deletions
Expand all files Collapse all files

115
.github/workflows/reusable-release-frontend.yaml vendored Normal file
View File

@@ -0,0 +1,115 @@
# Standalone reusable workflow for Node/Vite static sites.
# Does not reference reusable-release-skill.yaml; skill workflows remain unchanged.
#
# Node请在 Runner 上预装 Node 20+(勿用 actions/setup-node避免每次从 GitHub 拉包)。
# npm通过 npm_registry 输入使用国内镜像(默认 npmmirror
# Checkout不用 actions/checkouthost 模式下 JS Action 仍会进无 Node 的容器);改用 git + github.token。
# 重要act_runner 会把 run: 脚本写到 $GITHUB_WORKSPACE/workflow/*.sh
# 所以 checkout 绝对不能在 workspace 根上 rm -rf ./*,否则会把自己这个脚本一起删了。
# 解决办法:克隆到 $GITHUB_WORKSPACE/_src 子目录,后续 step 都在该子目录操作。
# 浅拉不要用「裸 SHA」作 fetch 参数Gitea 上易失败);按分支 clone 再对齐 SHA。
name: Reusable Frontend Deploy
on:
workflow_call:
inputs:
deploy_path:
description: "Target directory for static files (trailing slash optional)"
required: false
type: string
default: "/www/wwwroot/sandbox/web"
build_command:
required: false
type: string
default: "npm run build:jc2009"
npm_registry:
description: "npm registry (e.g. npmmirror for CN)"
required: false
type: string
default: "https://registry.npmmirror.com"
runs_on:
description: "Runner label; must match a registered runner"
required: false
type: string
default: "ubuntu-latest"
chown_www:
description: "Run chown -R www:www after sync (requires permission on runner)"
required: false
type: boolean
default: true
jobs:
build-and-deploy:
runs-on: ${{ inputs.runs_on }}
defaults:
run:
shell: bash
working-directory: ${{ github.workspace }}/_src
env:
NPM_CONFIG_REGISTRY: ${{ inputs.npm_registry }}
steps:
- name: Checkout
# 这一步在 workspace 根执行,不能用默认的 _src此时还不存在
working-directory: ${{ github.workspace }}
env:
GITEA_HOST: git.jc2009.com
GITEA_TOKEN: ${{ github.token }}
GITHUB_TOKEN: ${{ github.token }}
run: |
set -euo pipefail
git config --global --add safe.directory '*'
REPO="${{ github.repository }}"
SHA="${{ github.sha }}"
BRANCH="${{ github.ref_name }}"
TOKEN="${GITEA_TOKEN:-${GITHUB_TOKEN:-}}"
test -n "$TOKEN" || { echo "Checkout: empty token (github.token not available to this job)"; exit 1; }
URL="https://x-access-token:${TOKEN}@${GITEA_HOST}/${REPO}.git"
SRC_DIR="${GITHUB_WORKSPACE}/_src"
# 只清理 _src不动 workspace 根(保护 runner 写入的 workflow/*.sh
rm -rf "$SRC_DIR"
git clone --depth 1 --branch "$BRANCH" "$URL" "$SRC_DIR"
cd "$SRC_DIR"
if [ "$(git rev-parse HEAD)" != "$SHA" ]; then
git fetch --depth 200 origin "refs/heads/${BRANCH}"
git checkout --force "$SHA"
fi
echo "Checked out $(git rev-parse HEAD) to $SRC_DIR"
- name: Check Node.js (pre-installed on runner)
run: |
set -e
command -v node >/dev/null || { echo "Runner 上未找到 node请先安装 Node 20+"; exit 1; }
command -v npm >/dev/null || { echo "Runner 上未找到 npm"; exit 1; }
node -v
npm -v
NODE_MAJOR=$(node -p "process.versions.node.split('.')[0]")
test "$NODE_MAJOR" -ge 20 || { echo "需要 Node 20 及以上,当前: $(node -v)"; exit 1; }
- name: Install dependencies
run: npm ci
- name: Build
run: ${{ inputs.build_command }}
- name: Deploy (sync dist to web root)
run: |
set -euo pipefail
test -d dist
DEST="${{ inputs.deploy_path }}"
DEST="${DEST%/}"
mkdir -p "$DEST"
# 宝塔面板会自动生成 .user.ini(并加 immutable 属性)和 .htaccess,跳过它们
find "$DEST" -mindepth 1 -maxdepth 1 \
! -name ".user.ini" \
! -name ".htaccess" \
-exec rm -rf {} +
cp -a dist/. "$DEST/"
- name: Set ownership for Nginx (Baota www)
run: |
if [ "${{ inputs.chown_www }}" != "true" ]; then exit 0; fi
DEST="${{ inputs.deploy_path }}"
DEST="${DEST%/}"
chown -R www:www "$DEST" || chown -R nginx:nginx "$DEST" || true

50
.github/workflows/reusable-release-skill.yaml vendored
View File

@@ -3,6 +3,11 @@ name: Reusable Skill Release
on:
workflow_call:
inputs:
runs_on:
description: "Runner label; must match a registered runner (use host runner for pip/python on same machine as Node frontend)"
required: false
type: string
default: ubuntu-latest
artifact_platform:
required: false
type: string
@@ -30,23 +35,30 @@ on:
jobs:
build-and-deploy:
runs-on: ubuntu-latest
runs-on: ${{ inputs.runs_on }}
defaults:
run:
shell: bash
env:
ARTIFACT_PLATFORM: ${{ inputs.artifact_platform }}
PYARMOR_PLATFORM: ${{ inputs.pyarmor_platform }}
PIP_BREAK_SYSTEM_PACKAGES: "1"
# Prefer self-built Python 3.12 under /usr/local (Alibaba Cloud Linux host); keep system paths as fallback.
# 显式前缀,避免部分 Runner 未注入 env.PATH 时丢失系统路径
PATH: /usr/local/bin:/usr/local/python3.12/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin
# PyArmor 交叉平台加密时会内部执行 pip 安装 pyarmor.cli.core.* 等包;不设则默认走 files.pythonhosted.org国内 CI 易超时。
PIP_INDEX_URL: https://pypi.tuna.tsinghua.edu.cn/simple
PIP_EXTRA_INDEX_URL: https://mirrors.aliyun.com/pypi/simple https://mirrors.cloud.tencent.com/pypi/simple https://mirrors.huaweicloud.com/repository/pypi/simple
PIP_DEFAULT_TIMEOUT: "180"
PIP_TRUSTED_HOST: pypi.tuna.tsinghua.edu.cn mirrors.aliyun.com mirrors.cloud.tencent.com mirrors.huaweicloud.com files.pythonhosted.org pypi.org
steps:
- uses: http://120.25.191.12:3000/admin/actions-checkout@v4
- uses: https://git.jc2009.com/admin/actions-checkout@v4
# Pin PyArmor 8.5.3 — matches desktop bundles; 9.x trial is stricter in CI。
# 镜像由 job envPIP_INDEX_URL / PIP_EXTRA_INDEX_URL统一指定与 Encrypt 步骤中 PyArmor 内部 pip 一致。
# 使用 python3.12 -m pip避免仅存在 python3(3.6) 或裸 pip 不在 PATH 的宿主机/容器。
- name: Setup Tools
run: pip install "pyarmor==8.5.3" requests python-frontmatter --break-system-packages
run: python3.12 -m pip install "pyarmor==8.5.3" requests python-frontmatter --break-system-packages
- name: Register PyArmor (optional)
env:
@@ -55,12 +67,13 @@ jobs:
if [ -z "${PYARMOR_REG_B64}" ]; then
echo "PyArmor: no PYARMOR_REG_B64 secret — trial mode (very large single .py modules may fail to obfuscate)."
else
python -c "import os,base64,pathlib,subprocess; p=pathlib.Path('/tmp/pyarmor-reg.zip'); p.write_bytes(base64.standard_b64decode(os.environ['PYARMOR_REG_B64'])); subprocess.run(['pyarmor','reg',str(p)],check=True); p.unlink(missing_ok=True)"
python3.12 -c "import os,base64,pathlib,subprocess; os.environ['PATH']='/usr/local/bin:/usr/local/python3.12/bin:'+os.environ.get('PATH',''); p=pathlib.Path('/tmp/pyarmor-reg.zip'); p.write_bytes(base64.standard_b64decode(os.environ['PYARMOR_REG_B64'])); subprocess.run(['pyarmor','reg',str(p)],check=True); p.unlink(missing_ok=True)"
fi
# 递归加密整个 scripts/(含 cli、service、db、util 等子包);产物保留与源码一致的 scripts/ 层级,入口为 scripts/main.py。
- name: Encrypt Source Code
run: |
export PATH="/usr/local/bin:/usr/local/python3.12/bin:${PATH:-}"
mkdir -p dist/package/scripts
set -euo pipefail
test -d scripts
@@ -72,11 +85,30 @@ jobs:
- name: Parse Metadata and Pack
id: build_task
run: |
python -c "
python3.12 -c "
import frontmatter, os, json, shutil
post = frontmatter.load('SKILL.md')
metadata = dict(post.metadata or {})
metadata['readme_md'] = (post.content or '').strip()
skill_readme_md = (post.content or '').strip()
skill_description = metadata.get('description')
metadata['readme_md'] = skill_readme_md
readme_path = os.path.join('references', 'README.md')
if os.path.isfile(readme_path):
try:
readme_post = frontmatter.load(readme_path)
body = (readme_post.content or '').strip()
rm_meta = readme_post.metadata or {}
desc = rm_meta.get('description')
if desc is not None and str(desc).strip():
metadata['description'] = str(desc).strip()
if body:
metadata['readme_md'] = body
except Exception:
pass
if not (metadata.get('readme_md') or '').strip():
metadata['readme_md'] = skill_readme_md
if skill_description is not None and not str(metadata.get('description', '') or '').strip():
metadata['description'] = skill_description
openclaw_meta = metadata.get('metadata', {}).get('openclaw', {})
slug = (openclaw_meta.get('slug') or metadata.get('slug') or metadata.get('name') or '').strip()
if not slug:
@@ -102,7 +134,7 @@ jobs:
METADATA_JSON: ${{ steps.build_task.outputs.metadata }}
SYNC_URL: ${{ inputs.sync_url }}
run: |
python -c "
python3.12 -c "
import requests, json, os
metadata = json.loads(os.environ['METADATA_JSON'])
res = requests.post(os.environ['SYNC_URL'], json=metadata)
@@ -121,7 +153,7 @@ jobs:
ARTIFACT_PLATFORM: ${{ steps.build_task.outputs.artifact_platform }}
UPLOAD_URL: ${{ inputs.upload_url }}
run: |
python -c "
python3.12 -c "
import requests, os
slug = os.environ['SLUG']
version = os.environ['VERSION']
@@ -148,7 +180,7 @@ jobs:
VERSION: ${{ steps.build_task.outputs.version }}
PRUNE_URL: ${{ inputs.prune_url }}
run: |
python -c "
python3.12 -c "
import requests, os
payload = {
'name': os.environ['SLUG'],