fix: harden master auto deploy artifact delivery

[codex] add master auto deploy workflow

.github/scripts/deploy_windows_winrm.py

@@ -0,0 +1,107 @@
+#!/usr/bin/env python3
+import base64
+import os
+import pathlib
+import sys
+import uuid
+
+import winrm
+
+
+def require_env(name: str) -> str:
+    value = os.getenv(name, "").strip()
+    if not value:
+        raise SystemExit(f"Missing required environment variable: {name}")
+    return value
+
+
+def optional_env(name: str, default: str) -> str:
+    value = os.getenv(name, "").strip()
+    return value if value else default
+
+
+def ps_quote(value: str) -> str:
+    return value.replace("'", "''")
+
+
+def main() -> int:
+    host = require_env("KK_DEPLOY_HOST")
+    port = optional_env("KK_DEPLOY_PORT", "5985")
+    username = require_env("KK_DEPLOY_USERNAME")
+    password = require_env("KK_DEPLOY_PASSWORD")
+    deploy_root = optional_env("KK_DEPLOY_ROOT", r"C:\kkFileView-5.0")
+    health_url = optional_env("KK_DEPLOY_HEALTH_URL", "http://127.0.0.1:8012/")
+    artifact_url = require_env("KK_DEPLOY_ARTIFACT_URL")
+    dry_run = optional_env("KK_DEPLOY_DRY_RUN", "false").lower()
+
+    script_path = pathlib.Path(__file__).with_name("remote_windows_deploy.ps1")
+    script_body = script_path.read_text(encoding="utf-8")
+    payload = script_body.encode("utf-8-sig")
+    payload_b64 = base64.b64encode(payload).decode("ascii")
+
+    endpoint = f"http://{host}:{port}/wsman"
+    session = winrm.Session(endpoint, auth=(username, password), transport="ntlm")
+
+    suffix = uuid.uuid4().hex
+    remote_b64_path = fr"C:\Windows\Temp\kkfileview_deploy_{suffix}.b64"
+    remote_ps1_path = fr"C:\Windows\Temp\kkfileview_deploy_{suffix}.ps1"
+
+    prep = session.run_ps(
+        f"""
+$ErrorActionPreference = 'Stop'
+if (Test-Path '{ps_quote(remote_b64_path)}') {{ Remove-Item '{ps_quote(remote_b64_path)}' -Force }}
+if (Test-Path '{ps_quote(remote_ps1_path)}') {{ Remove-Item '{ps_quote(remote_ps1_path)}' -Force }}
+New-Item -ItemType File -Path '{ps_quote(remote_b64_path)}' -Force | Out-Null
+"""
+    )
+    if prep.status_code != 0:
+        sys.stderr.write(prep.std_err.decode("utf-8", errors="ignore"))
+        return prep.status_code
+
+    chunk_size = 1200
+    for start in range(0, len(payload_b64), chunk_size):
+        chunk = payload_b64[start : start + chunk_size]
+        append = session.run_ps(
+            f"Add-Content -LiteralPath '{ps_quote(remote_b64_path)}' -Value '{chunk}'"
+        )
+        if append.status_code != 0:
+            sys.stderr.write(append.std_err.decode("utf-8", errors="ignore"))
+            return append.status_code
+
+    result = session.run_ps(
+        f"""
+$ErrorActionPreference = 'Stop'
+$raw = Get-Content -LiteralPath '{ps_quote(remote_b64_path)}' -Raw
+[System.IO.File]::WriteAllBytes('{ps_quote(remote_ps1_path)}', [Convert]::FromBase64String($raw))
+try {{
+  $env:KK_DEPLOY_ARTIFACT_URL = '{ps_quote(artifact_url)}'
+  $env:KK_DEPLOY_ROOT = '{ps_quote(deploy_root)}'
+  $env:KK_DEPLOY_HEALTH_URL = '{ps_quote(health_url)}'
+  $env:KK_DEPLOY_DRY_RUN = '{ps_quote(dry_run)}'
+  powershell -NoProfile -ExecutionPolicy Bypass -File '{ps_quote(remote_ps1_path)}' `
+  $code = $LASTEXITCODE
+}} finally {{
+  Remove-Item Env:KK_DEPLOY_ARTIFACT_URL -ErrorAction SilentlyContinue
+  Remove-Item Env:KK_DEPLOY_ROOT -ErrorAction SilentlyContinue
+  Remove-Item Env:KK_DEPLOY_HEALTH_URL -ErrorAction SilentlyContinue
+  Remove-Item Env:KK_DEPLOY_DRY_RUN -ErrorAction SilentlyContinue
+  Remove-Item '{ps_quote(remote_b64_path)}' -Force -ErrorAction SilentlyContinue
+  Remove-Item '{ps_quote(remote_ps1_path)}' -Force -ErrorAction SilentlyContinue
+}}
+exit $code
+"""
+    )
+
+    stdout = result.std_out.decode("utf-8", errors="ignore").strip()
+    stderr = result.std_err.decode("utf-8", errors="ignore").strip()
+
+    if stdout:
+        print(stdout)
+    if stderr:
+        print(stderr, file=sys.stderr)
+
+    return result.status_code
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())

.github/scripts/remote_windows_deploy.ps1

@@ -0,0 +1,203 @@
+$ErrorActionPreference = 'Stop'
+
+function Write-Step {
+    param([string]$Message)
+    Write-Host "==> $Message"
+}
+
+function Get-RequiredEnv {
+    param([string]$Name)
+
+    $Value = [Environment]::GetEnvironmentVariable($Name)
+    if ([string]::IsNullOrWhiteSpace($Value)) {
+        throw "Missing required environment variable: $Name"
+    }
+
+    return $Value
+}
+
+function Get-OptionalEnv {
+    param(
+        [string]$Name,
+        [string]$DefaultValue
+    )
+
+    $Value = [Environment]::GetEnvironmentVariable($Name)
+    if ([string]::IsNullOrWhiteSpace($Value)) {
+        return $DefaultValue
+    }
+
+    return $Value
+}
+
+$ArtifactDownloadUrl = Get-RequiredEnv 'KK_DEPLOY_ARTIFACT_URL'
+$DeployRoot = Get-OptionalEnv 'KK_DEPLOY_ROOT' 'C:\kkFileView-5.0'
+$HealthUrl = Get-OptionalEnv 'KK_DEPLOY_HEALTH_URL' 'http://127.0.0.1:8012/'
+$DryRun = Get-OptionalEnv 'KK_DEPLOY_DRY_RUN' 'false'
+
+$BinDir = Join-Path $DeployRoot 'bin'
+$StartupScript = Join-Path $BinDir 'startup.bat'
+$ReleaseDir = Join-Path $DeployRoot 'releases'
+$DeployTmp = Join-Path $DeployRoot 'deploy-tmp'
+$ArtifactZip = Join-Path $DeployTmp 'artifact.zip'
+$ExtractDir = Join-Path $DeployTmp 'artifact'
+
+if (-not (Test-Path $DeployRoot)) {
+    throw "Deploy root not found: $DeployRoot"
+}
+
+if (-not (Test-Path $BinDir)) {
+    throw "Bin directory not found: $BinDir"
+}
+
+if (-not (Test-Path $StartupScript)) {
+    throw "Startup script not found: $StartupScript"
+}
+
+$CurrentJar = Get-ChildItem $BinDir -Filter 'kkFileView-*.jar' | Sort-Object LastWriteTime -Descending | Select-Object -First 1
+if (-not $CurrentJar) {
+    throw "No kkFileView jar found in $BinDir"
+}
+
+$JarName = $CurrentJar.Name
+$JarPath = $CurrentJar.FullName
+
+Write-Step "Deploy root: $DeployRoot"
+Write-Step "Current jar: $JarPath"
+Write-Step "Startup script: $StartupScript"
+Write-Step "Health url: $HealthUrl"
+
+if ($DryRun -eq 'true') {
+    Write-Step "Dry run enabled, remote validation finished"
+    return
+}
+
+New-Item -ItemType Directory -Force -Path $ReleaseDir | Out-Null
+New-Item -ItemType Directory -Force -Path $DeployTmp | Out-Null
+
+if (Test-Path $ArtifactZip) {
+    Remove-Item $ArtifactZip -Force
+}
+
+if (Test-Path $ExtractDir) {
+    Remove-Item $ExtractDir -Recurse -Force
+}
+
+Write-Step 'Downloading workflow artifact via signed URL'
+$PreviousProgressPreference = $ProgressPreference
+$ProgressPreference = 'SilentlyContinue'
+try {
+    Invoke-WebRequest -Uri $ArtifactDownloadUrl -OutFile $ArtifactZip -UseBasicParsing -TimeoutSec 120
+} finally {
+    $ProgressPreference = $PreviousProgressPreference
+}
+
+if (-not (Test-Path $ArtifactZip)) {
+    throw "Artifact zip was not created: $ArtifactZip"
+}
+
+$ArtifactZipInfo = Get-Item $ArtifactZip
+if ($ArtifactZipInfo.Length -le 0) {
+    throw "Downloaded artifact zip is empty: $ArtifactZip"
+}
+
+Expand-Archive -LiteralPath $ArtifactZip -DestinationPath $ExtractDir -Force
+
+$DownloadedJars = Get-ChildItem $ExtractDir -Filter 'kkFileView-*.jar' -Recurse
+if (-not $DownloadedJars) {
+    throw 'No kkFileView jar found inside downloaded workflow artifact'
+}
+
+if ($DownloadedJars.Count -ne 1) {
+    throw "Expected exactly one kkFileView jar inside downloaded workflow artifact, found $($DownloadedJars.Count)"
+}
+
+$DownloadedJar = $DownloadedJars[0]
+
+$Timestamp = Get-Date -Format 'yyyyMMddHHmmss'
+$BackupJar = Join-Path $ReleaseDir ("{0}.{1}.bak" -f $JarName, $Timestamp)
+
+function Stop-KkFileView {
+    $JarPattern = [regex]::Escape($JarName)
+    $Processes = Get-CimInstance Win32_Process | Where-Object {
+        $_.Name -match '^java(\.exe)?$' -and $_.CommandLine -and $_.CommandLine -match $JarPattern
+    }
+
+    foreach ($Process in $Processes) {
+        Write-Step "Stopping java process $($Process.ProcessId)"
+        Stop-Process -Id $Process.ProcessId -Force -ErrorAction SilentlyContinue
+    }
+}
+
+function Wait-KkFileViewStopped {
+    param([int]$TimeoutSeconds = 30)
+
+    $JarPattern = [regex]::Escape($JarName)
+    for ($i = 0; $i -lt $TimeoutSeconds; $i++) {
+        $Processes = Get-CimInstance Win32_Process | Where-Object {
+            $_.Name -match '^java(\.exe)?$' -and $_.CommandLine -and $_.CommandLine -match $JarPattern
+        }
+
+        if (-not $Processes) {
+            return $true
+        }
+
+        Start-Sleep -Seconds 1
+    }
+
+    return $false
+}
+
+function Start-KkFileView {
+    Write-Step "Starting kkFileView"
+    Start-Process -FilePath 'cmd.exe' -ArgumentList '/c', "`"$StartupScript`"" -WorkingDirectory $BinDir -WindowStyle Hidden
+}
+
+function Wait-Health {
+    param([string]$Url)
+
+    for ($i = 0; $i -lt 24; $i++) {
+        Start-Sleep -Seconds 5
+        try {
+            $Response = Invoke-WebRequest -Uri $Url -UseBasicParsing -TimeoutSec 5
+            if ($Response.StatusCode -eq 200) {
+                return $true
+            }
+        } catch {
+            Start-Sleep -Milliseconds 200
+        }
+    }
+
+    return $false
+}
+
+Write-Step "Backing up current jar to $BackupJar"
+Copy-Item $JarPath $BackupJar -Force
+
+Stop-KkFileView
+if (-not (Wait-KkFileViewStopped)) {
+    throw "Timed out waiting for the previous kkFileView process to exit"
+}
+
+Write-Step "Replacing jar with artifact output"
+Copy-Item $DownloadedJar.FullName $JarPath -Force
+
+Start-KkFileView
+
+if (-not (Wait-Health -Url $HealthUrl)) {
+    Write-Step "Health check failed, rolling back"
+    Stop-KkFileView
+    if (-not (Wait-KkFileViewStopped)) {
+        throw "Timed out waiting for the failed kkFileView process to exit during rollback"
+    }
+    Copy-Item $BackupJar $JarPath -Force
+    Start-KkFileView
+
+    if (-not (Wait-Health -Url $HealthUrl)) {
+        throw "Deployment failed and rollback health check also failed"
+    }
+
+    throw "Deployment failed, rollback completed successfully"
+}
+
+Write-Step "Deployment completed successfully"

.github/workflows/master-auto-deploy.yml

@@ -0,0 +1,95 @@
+name: Master Auto Deploy
+
+on:
+  push:
+    branches: [ master ]
+  workflow_dispatch:
+
+concurrency:
+  group: master-auto-deploy-production
+  cancel-in-progress: false
+
+permissions:
+  contents: read
+  actions: read
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '21'
+          distribution: temurin
+          cache: maven
+
+      - name: Build with Maven
+        run: mvn -B package -Dmaven.test.skip=true --file pom.xml
+
+      - name: Upload server jar artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: kkfileview-server-jar
+          path: server/target/kkFileView-*.jar
+          retention-days: 7
+
+  deploy-windows:
+    needs: build
+    runs-on: ubuntu-22.04
+    env:
+      GITHUB_REPOSITORY_NAME: ${{ github.repository }}
+      GITHUB_RUN_ID_VALUE: ${{ github.run_id }}
+      KK_DEPLOY_HOST: ${{ secrets.KK_DEPLOY_HOST }}
+      KK_DEPLOY_PORT: ${{ secrets.KK_DEPLOY_PORT }}
+      KK_DEPLOY_USERNAME: ${{ secrets.KK_DEPLOY_USERNAME }}
+      KK_DEPLOY_PASSWORD: ${{ secrets.KK_DEPLOY_PASSWORD }}
+      KK_DEPLOY_ROOT: ${{ secrets.KK_DEPLOY_ROOT }}
+      KK_DEPLOY_HEALTH_URL: ${{ secrets.KK_DEPLOY_HEALTH_URL }}
+      KK_DEPLOY_ARTIFACT_NAME: kkfileview-server-jar
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install WinRM dependencies
+        run: pip install pywinrm
+
+      - name: Validate deploy secrets
+        run: |
+          test -n "$KK_DEPLOY_HOST" || (echo "Missing secret: KK_DEPLOY_HOST" && exit 1)
+          test -n "$KK_DEPLOY_USERNAME" || (echo "Missing secret: KK_DEPLOY_USERNAME" && exit 1)
+          test -n "$KK_DEPLOY_PASSWORD" || (echo "Missing secret: KK_DEPLOY_PASSWORD" && exit 1)
+
+      - name: Resolve artifact download URL
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          artifact_json=$(curl -fsSL \
+            -H "Authorization: Bearer $GH_TOKEN" \
+            -H "Accept: application/vnd.github+json" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/$GITHUB_REPOSITORY_NAME/actions/runs/$GITHUB_RUN_ID_VALUE/artifacts")
+          artifact_id=$(ARTIFACT_JSON="$artifact_json" ARTIFACT_NAME="$KK_DEPLOY_ARTIFACT_NAME" python -c "import json, os; payload=json.loads(os.environ['ARTIFACT_JSON']); name=os.environ['ARTIFACT_NAME']; matches=[artifact for artifact in payload.get('artifacts', []) if artifact.get('name') == name]; matches or (_ for _ in ()).throw(SystemExit(f\"Artifact '{name}' not found for run\")); len(matches) == 1 or (_ for _ in ()).throw(SystemExit(f\"Expected one artifact named '{name}', found {len(matches)}\")); print(matches[0]['id'])")
+          headers_file=$(mktemp)
+          curl -fsS -D "$headers_file" -o /dev/null \
+            -H "Authorization: Bearer $GH_TOKEN" \
+            -H "Accept: application/vnd.github+json" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/$GITHUB_REPOSITORY_NAME/actions/artifacts/$artifact_id/zip"
+          artifact_url=$(awk 'BEGIN{IGNORECASE=1} /^location:/ { sub(/\r$/, "", $0); print substr($0, index($0, ":") + 2); exit }' "$headers_file")
+          test -n "$artifact_url" || (echo "Failed to resolve artifact download redirect URL" && exit 1)
+          rm -f "$headers_file"
+          echo "KK_DEPLOY_ARTIFACT_URL=$artifact_url" >> "$GITHUB_ENV"
+
+      - name: Deploy to Windows server
+        run: python .github/scripts/deploy_windows_winrm.py

doc/ci-auto-deploy.md

@@ -0,0 +1,41 @@
+# kkFileView master 自动部署
+
+当前线上 Windows 服务器的实际部署信息如下：
+
+- 部署根目录：`C:\kkFileView-5.0`
+- 运行 jar：`C:\kkFileView-5.0\bin\kkFileView-5.0.jar`
+- 启动脚本：`C:\kkFileView-5.0\bin\startup.bat`
+- 运行配置：`C:\kkFileView-5.0\config\test.properties`
+- 健康检查地址：`http://127.0.0.1:8012/`
+
+服务器当前没有安装 `git` 和 `mvn`，因此自动部署链路采用：
+
+1. GitHub Actions 在 `master` 合并后构建 `kkFileView-*.jar`
+2. 由 GitHub Actions runner 解析当前 workflow artifact 的临时下载地址
+3. 通过 WinRM 连接 Windows 服务器
+4. 由服务器通过临时下载地址拉取 jar artifact
+5. 备份线上 jar，替换为新版本
+6. 使用现有 `startup.bat` 重启，并做健康检查
+7. 如果健康检查失败，则自动回滚旧 jar 并重新拉起
+
+这样做的目的是不把 GitHub token 下发到生产服务器，服务器只接触一次性 artifact 下载链接。
+
+## 需要配置的 GitHub Secrets
+
+- `KK_DEPLOY_HOST`
+- `KK_DEPLOY_USERNAME`
+- `KK_DEPLOY_PASSWORD`
+
+下面这些可以不配，未配置时会使用默认值：
+
+- `KK_DEPLOY_PORT=5985`
+- `KK_DEPLOY_ROOT=C:\kkFileView-5.0`
+- `KK_DEPLOY_HEALTH_URL=http://127.0.0.1:8012/`
+
+## Workflow
+
+新增 workflow：`.github/workflows/master-auto-deploy.yml`
+
+- 触发条件：`push` 到 `master`，或手动 `workflow_dispatch`
+- 构建产物：`kkfileview-server-jar`
+- 部署方式：WinRM + runner 侧解析 artifact 临时下载地址 + Windows 服务器拉取 artifact