# Standalone reusable workflow for Node/Vite static sites. # Does not reference reusable-release-skill.yaml; skill workflows remain unchanged. # # Node:请在 Runner 上预装 Node 20+(勿用 actions/setup-node,避免每次从 GitHub 拉包)。 # npm:通过 npm_registry 输入使用国内镜像(默认 npmmirror)。 # Checkout:不用 actions/checkout(host 模式下 JS Action 仍会进无 Node 的容器);改用 git + github.token。 # 重要:act_runner 会把 run: 脚本写到 $GITHUB_WORKSPACE/workflow/*.sh, # 所以 checkout 绝对不能在 workspace 根上 rm -rf ./*,否则会把自己这个脚本一起删了。 # 解决办法:克隆到 $GITHUB_WORKSPACE/_src 子目录,后续 step 都在该子目录操作。 # 浅拉不要用「裸 SHA」作 fetch 参数(Gitea 上易失败);按分支 clone 再对齐 SHA。 name: Reusable Frontend Deploy on: workflow_call: inputs: deploy_path: description: "Target directory for static files (trailing slash optional)" required: false type: string default: "/www/wwwroot/sandbox/web" build_command: required: false type: string default: "npm run build:jc2009" npm_registry: description: "npm registry (e.g. npmmirror for CN)" required: false type: string default: "https://registry.npmmirror.com" runs_on: description: "Runner label; must match a registered runner" required: false type: string default: "ubuntu-latest" chown_www: description: "Run chown -R www:www after sync (requires permission on runner)" required: false type: boolean default: true jobs: build-and-deploy: runs-on: ${{ inputs.runs_on }} defaults: run: shell: bash working-directory: ${{ github.workspace }}/_src env: NPM_CONFIG_REGISTRY: ${{ inputs.npm_registry }} steps: - name: Checkout # 这一步在 workspace 根执行,不能用默认的 _src(此时还不存在) working-directory: ${{ github.workspace }} env: GITEA_HOST: git.jc2009.com GITEA_TOKEN: ${{ github.token }} GITHUB_TOKEN: ${{ github.token }} run: | set -euo pipefail git config --global --add safe.directory '*' REPO="${{ github.repository }}" SHA="${{ github.sha }}" BRANCH="${{ github.ref_name }}" TOKEN="${GITEA_TOKEN:-${GITHUB_TOKEN:-}}" test -n "$TOKEN" || { echo "Checkout: empty token (github.token not available to this job)"; exit 1; } URL="https://x-access-token:${TOKEN}@${GITEA_HOST}/${REPO}.git" SRC_DIR="${GITHUB_WORKSPACE}/_src" # 只清理 _src,不动 workspace 根(保护 runner 写入的 workflow/*.sh) rm -rf "$SRC_DIR" git clone --depth 1 --branch "$BRANCH" "$URL" "$SRC_DIR" cd "$SRC_DIR" if [ "$(git rev-parse HEAD)" != "$SHA" ]; then git fetch --depth 200 origin "refs/heads/${BRANCH}" git checkout --force "$SHA" fi echo "Checked out $(git rev-parse HEAD) to $SRC_DIR" - name: Check Node.js (pre-installed on runner) run: | set -e command -v node >/dev/null || { echo "Runner 上未找到 node,请先安装 Node 20+"; exit 1; } command -v npm >/dev/null || { echo "Runner 上未找到 npm"; exit 1; } node -v npm -v NODE_MAJOR=$(node -p "process.versions.node.split('.')[0]") test "$NODE_MAJOR" -ge 20 || { echo "需要 Node 20 及以上,当前: $(node -v)"; exit 1; } - name: Install dependencies run: npm ci - name: Build run: ${{ inputs.build_command }} - name: Deploy (sync dist to web root) run: | set -euo pipefail test -d dist DEST="${{ inputs.deploy_path }}" DEST="${DEST%/}" mkdir -p "$DEST" # 宝塔面板会自动生成 .user.ini(并加 immutable 属性)和 .htaccess,跳过它们 find "$DEST" -mindepth 1 -maxdepth 1 \ ! -name ".user.ini" \ ! -name ".htaccess" \ -exec rm -rf {} + cp -a dist/. "$DEST/" - name: Set ownership for Nginx (Baota www) run: | if [ "${{ inputs.chown_www }}" != "true" ]; then exit 0; fi DEST="${{ inputs.deploy_path }}" DEST="${DEST%/}" chown -R www:www "$DEST" || chown -R nginx:nginx "$DEST" || true