open-source/file-online-preview
1
0
Fork 0
mirror of https://gitee.com/kekingcn/file-online-preview.git synced 2026-04-17 13:53:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: address deploy review comments

Browse Source
This commit is contained in:
chenkailing
2026-04-11 20:22:15 +08:00
parent 1b3cf33bf0
commit 58fc1af74f
2 changed files with 30 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
.github/scripts/remote_windows_deploy.ps1 vendored
View File

@@ -46,7 +46,7 @@ $BinDir = Join-Path $DeployRoot 'bin'
$StartupScript = Join-Path $BinDir 'startup.bat' $StartupScript = Join-Path $BinDir 'startup.bat'
$ReleaseDir = Join-Path $DeployRoot 'releases' $ReleaseDir = Join-Path $DeployRoot 'releases'
$DeployTmp = Join-Path $DeployRoot 'deploy-tmp' $DeployTmp = Join-Path $DeployRoot 'deploy-tmp'
$BuildOutputDir = Join-Path $SourceRoot 'server\target' $BuildOutputDir = Join-Path (Join-Path $SourceRoot 'server') 'target'
if (-not (Test-Path $DeployRoot)) { if (-not (Test-Path $DeployRoot)) {
throw "Deploy root not found: $DeployRoot" throw "Deploy root not found: $DeployRoot"
@@ -123,6 +123,28 @@ function Invoke-External {
} }
} }
function Assert-SafeSourceRoot {
param([string]$PathToCheck)
$FullPath = [System.IO.Path]::GetFullPath($PathToCheck)
$RootPath = [System.IO.Path]::GetPathRoot($FullPath)
if ($FullPath.TrimEnd('\') -eq $RootPath.TrimEnd('\')) {
throw "Refusing to use drive root as source root: $FullPath"
}
$DangerousLeafNames = @(
'Windows',
'Users',
'Program Files',
'Program Files (x86)',
'ProgramData'
)
$LeafName = Split-Path -Leaf $FullPath.TrimEnd('\')
if ($DangerousLeafNames -contains $LeafName) {
throw "Refusing to use a high-risk source root path: $FullPath"
}
}
$env:JAVA_HOME = $JavaHome $env:JAVA_HOME = $JavaHome
$env:Path = (Join-Path $JavaHome 'bin') + ';' + (Split-Path -Parent $GitExe) + ';' + (Split-Path -Parent $MvnCmd) + ';' + $env:Path $env:Path = (Join-Path $JavaHome 'bin') + ';' + (Split-Path -Parent $GitExe) + ';' + (Split-Path -Parent $MvnCmd) + ';' + $env:Path
@@ -145,6 +167,8 @@ New-Item -ItemType Directory -Force -Path $ReleaseDir | Out-Null
New-Item -ItemType Directory -Force -Path $DeployTmp | Out-Null New-Item -ItemType Directory -Force -Path $DeployTmp | Out-Null
function Sync-Repository { function Sync-Repository {
Assert-SafeSourceRoot -PathToCheck $SourceRoot
if (-not (Test-Path (Join-Path $SourceRoot '.git'))) { if (-not (Test-Path (Join-Path $SourceRoot '.git'))) {
if (Test-Path $SourceRoot) { if (Test-Path $SourceRoot) {
Remove-Item $SourceRoot -Recurse -Force Remove-Item $SourceRoot -Recurse -Force
@@ -161,6 +185,7 @@ function Sync-Repository {
} }
Write-Step "Fetching latest branch state from origin/$Branch" Write-Step "Fetching latest branch state from origin/$Branch"
Invoke-External -FilePath $GitExe -Arguments @('remote', 'set-url', 'origin', $RepoUrl) -WorkingDirectory $SourceRoot
Invoke-External -FilePath $GitExe -Arguments @('fetch', '--prune', '--depth', '1', 'origin', $Branch) -WorkingDirectory $SourceRoot Invoke-External -FilePath $GitExe -Arguments @('fetch', '--prune', '--depth', '1', 'origin', $Branch) -WorkingDirectory $SourceRoot
Invoke-External -FilePath $GitExe -Arguments @('checkout', '-B', $Branch, "origin/$Branch") -WorkingDirectory $SourceRoot Invoke-External -FilePath $GitExe -Arguments @('checkout', '-B', $Branch, "origin/$Branch") -WorkingDirectory $SourceRoot
Invoke-External -FilePath $GitExe -Arguments @('reset', '--hard', "origin/$Branch") -WorkingDirectory $SourceRoot Invoke-External -FilePath $GitExe -Arguments @('reset', '--hard', "origin/$Branch") -WorkingDirectory $SourceRoot

6
doc/ci-auto-deploy.md
View File

@@ -11,7 +11,7 @@
当前自动部署链路采用服务器拉最新源码并本机编译的方式 当前自动部署链路采用服务器拉最新源码并本机编译的方式
1. 通过 WinRM 连接 Windows 服务器 1. 通过 WinRM 连接 Windows 服务器
2. 在服务器上的源码目录执行 `git fetch/reset/clean`同步到 `origin/master` 2. 在服务器上的源码目录执行 `git fetch/reset/clean`同步到 `origin/$KK_DEPLOY_BRANCH`默认 `master`
3. 使用服务器上的 JDK 21 Maven 执行 `mvn clean package -Dmaven.test.skip=true` 3. 使用服务器上的 JDK 21 Maven 执行 `mvn clean package -Dmaven.test.skip=true`
4. 备份线上 jar替换为新构建产物 4. 备份线上 jar替换为新构建产物
5. 使用现有 `startup.bat` 重启并做健康检查 5. 使用现有 `startup.bat` 重启并做健康检查
@@ -23,11 +23,13 @@
- `KK_DEPLOY_USERNAME` - `KK_DEPLOY_USERNAME`
- `KK_DEPLOY_PASSWORD` - `KK_DEPLOY_PASSWORD`
下面这些可以通过 workflow env GitHub Variables 覆盖未配置时会使用默认值 以下部署参数当前由 workflow GitHub Secrets 读取如果未单独配置则使用脚本默认值
- `KK_DEPLOY_PORT=5985` - `KK_DEPLOY_PORT=5985`
- `KK_DEPLOY_ROOT=C:\kkFileView-5.0` - `KK_DEPLOY_ROOT=C:\kkFileView-5.0`
- `KK_DEPLOY_HEALTH_URL=http://127.0.0.1:8012/` - `KK_DEPLOY_HEALTH_URL=http://127.0.0.1:8012/`
下面这些非敏感参数可以通过 workflow env GitHub Variables 覆盖未配置时会使用默认值
- `KK_DEPLOY_REPO_URL=https://github.com/kekingcn/kkFileView.git` - `KK_DEPLOY_REPO_URL=https://github.com/kekingcn/kkFileView.git`
- `KK_DEPLOY_BRANCH=master` - `KK_DEPLOY_BRANCH=master`
- `KK_DEPLOY_SOURCE_ROOT=C:\kkFileView-source` - `KK_DEPLOY_SOURCE_ROOT=C:\kkFileView-source`