actions/xgj
1
0
Fork 0
mirror of https://git.bjxgj.com/xgj/xgj-actions.git synced 2025-10-14 06:33:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 添加构建和部署环境配置的 GitHub Action,包括 Docker 和 kubectl 的安装与配置,支持阿里云镜像源,提供详细的日志输出和错误处理。

Browse Source
This commit is contained in:
Lyda
2025-08-20 11:42:59 +08:00
parent 0c6afd9bcf
commit 8132353be7
11 changed files with 1622 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

199
setup-env/README.md Normal file
View File

@@ -0,0 +1,199 @@
# Setup Build Environment Action
这是一个用于配置构建和部署环境的 GitHub Action专门为 CI/CD 流水线设计。它能够自动安装和配置 Docker、kubectl 以及其他必要的构建工具。
## 🚀 特性
- ✅ 自动配置 Git 用户信息
- 🐳 安装 Docker CLI 和相关插件
- ☸️ 安装和配置 kubectl
- 🗄️ 智能缓存机制,提高构建速度
- 🌏 支持阿里云镜像源,提升国内访问速度
- 🔐 自动登录私有 Docker 仓库
- 📋 详细的日志输出和错误处理
- ⚡ 灵活的配置选项
## 📋 输入参数
| 参数名 | 描述 | 必填 | 默认值 |
| ------------------- | ------------------------------ | ---- | --------------------------- |
| `docker-registry` | Docker 私有仓库地址 | ❌ | `docker-registry.bjxgj.com` |
| `docker-username` | Docker 仓库用户名 | ❌ | `ci-action` |
| `docker-password` | Docker 仓库密码 | ✅ | - |
| `kube-config` | Base64 编码的 kubectl 配置文件 | ❌ | `''` |
| `cache-key` | 缓存键值 | ❌ | `setup-env` |
| `use-aliyun-mirror` | 是否使用阿里云镜像源 | ❌ | `true` |
| `git-user-name` | Git 用户名 | ❌ | `GiteaActions` |
| `git-user-email` | Git 用户邮箱 | ❌ | `actions@gitea.com` |
| `skip-kubectl` | 跳过 kubectl 安装和配置 | ❌ | `false` |
| `skip-docker-login` | 跳过 Docker 登录 | ❌ | `false` |
## 📤 输出参数
| 参数名 | 描述 |
| ----------------- | ------------------- |
| `cache-hit` | 缓存是否命中 |
| `kubectl-version` | 安装的 kubectl 版本 |
| `docker-version` | 安装的 Docker 版本 |
## 🏗️ 基本使用
### 最简配置
```yaml
- name: 配置构建环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
```
### 完整配置
```yaml
- name: 配置构建环境
uses: xgj/actions/setup-env@v1
with:
docker-registry: "your-registry.com"
docker-username: "your-username"
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets.KUBE_CONFIG }}
cache-key: "my-project-env"
use-aliyun-mirror: "true"
git-user-name: "CI Bot"
git-user-email: "ci@yourcompany.com"
```
### 仅 Docker 环境
```yaml
- name: 配置 Docker 环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
skip-kubectl: "true"
```
### 仅 kubectl 环境
```yaml
- name: 配置 Kubernetes 环境
uses: xgj/actions/setup-env@v1
with:
kube-config: ${{ secrets.KUBE_CONFIG }}
skip-docker-login: "true"
```
## 📝 完整工作流示例
```yaml
name: Build and Deploy
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置构建环境
id: setup
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets.KUBE_CONFIG }}
cache-key: "build-${{ github.sha }}"
- name: 检查环境信息
run: |
echo "缓存命中: ${{ steps.setup.outputs.cache-hit }}"
echo "Docker 版本: ${{ steps.setup.outputs.docker-version }}"
echo "kubectl 版本: ${{ steps.setup.outputs.kubectl-version }}"
- name: 构建 Docker 镜像
run: |
docker build -t my-app:latest .
- name: 部署到 Kubernetes
run: |
kubectl apply -f k8s/
```
## 🔧 高级配置
### 自定义缓存策略
```yaml
- name: 配置环境(自定义缓存)
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
cache-key: 'env-${{ matrix.os }}-${{ hashFiles("Dockerfile") }}'
```
### 多环境部署
```yaml
strategy:
matrix:
environment: [dev, staging, prod]
steps:
- name: 配置环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets[format('KUBE_CONFIG_{0}', matrix.environment)] }}
cache-key: "deploy-${{ matrix.environment }}"
```
## 🛠️ 故障排除
### 常见问题
1. **Docker 登录失败**
- 检查 `docker-password` 是否正确设置
- 确认 Docker 仓库地址和用户名
2. **kubectl 连接失败**
- 验证 `kube-config` 是否正确的 Base64 编码
- 检查集群网络连接
3. **缓存未命中**
- 检查 `cache-key` 配置
- 确认文件哈希是否变化
### 调试模式
启用详细日志输出:
```yaml
- name: 配置环境(调试模式)
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
env:
ACTIONS_STEP_DEBUG: true
```
## 📋 环境要求
- **操作系统**: Ubuntu 18.04+, Debian 10+
- **权限**: 需要 sudo 权限安装软件包
- **网络**: 需要访问外部软件包仓库
## 🔒 安全考虑
- 使用 GitHub Secrets 存储敏感信息
- 定期更新依赖版本
- 限制 kubectl 权限范围
- 使用最小权限原则
## 🤝 贡献
欢迎提交 Issue 和 Pull Request
## 📄 许可证
MIT License

174
setup-env/action.yml Normal file
View File

@@ -0,0 +1,174 @@
name: 'Setup Build Environment'
description: '配置构建发布环境,包括 Docker、kubectl 和基础工具'
author: 'Your Organization'
branding:
icon: 'settings'
color: 'blue'
inputs:
docker-registry:
description: 'Docker 私有仓库地址'
required: false
default: 'docker-registry.bjxgj.com'
docker-username:
description: 'Docker 仓库用户名'
required: false
default: 'ci-action'
docker-password:
description: 'Docker 仓库密码'
required: true
kube-config:
description: 'Base64 编码的 kubectl 配置文件'
required: false
default: ''
cache-key:
description: '缓存键值,用于依赖缓存'
required: false
default: 'setup-env'
use-aliyun-mirror:
description: '是否使用阿里云镜像源 (true/false)'
required: false
default: 'true'
git-user-name:
description: 'Git 用户名'
required: false
default: 'GiteaActions'
git-user-email:
description: 'Git 用户邮箱'
required: false
default: 'actions@gitea.com'
skip-kubectl:
description: '跳过 kubectl 安装和配置 (true/false)'
required: false
default: 'false'
skip-docker-login:
description: '跳过 Docker 登录 (true/false)'
required: false
default: 'false'
outputs:
cache-hit:
description: '缓存是否命中'
value: ${{ steps.cache-setup.outputs.cache-hit }}
kubectl-version:
description: '安装的 kubectl 版本'
value: ${{ steps.kubectl-version.outputs.version }}
docker-version:
description: '安装的 Docker 版本'
value: ${{ steps.docker-version.outputs.version }}
runs:
using: 'composite'
steps:
- name: 配置Git
shell: bash
run: |
echo "🔧 配置 Git 用户信息..."
git config --global user.name "${{ inputs.git-user-name }}"
git config --global user.email "${{ inputs.git-user-email }}"
echo "✅ Git 配置完成"
- name: 缓存依赖与配置环境
id: cache-setup
uses: actions/cache@v4
with:
path: |
/var/cache/apt/archives
/var/lib/apt/lists
/usr/bin/curl
/usr/bin/gpg
/usr/bin/base64
/usr/share/ca-certificates
/etc/apt/keyrings/docker.gpg
/etc/apt/keyrings/kubernetes-apt-keyring.gpg
/etc/apt/sources.list.d/kubernetes.list
/etc/apt/sources.list.d/docker.list
/usr/bin/docker
/usr/bin/buildx
/usr/bin/docker-compose
/usr/libexec/docker/cli-plugins/docker-buildx
/usr/libexec/docker/cli-plugins/docker-compose
/usr/bin/kubectl
key: ${{ runner.os }}-${{ inputs.cache-key }}-${{ hashFiles('**/action.yml') }}-v2
restore-keys: |
${{ runner.os }}-${{ inputs.cache-key }}-
- name: 配置环境(如果未命中缓存)
if: steps.cache-setup.outputs.cache-hit != 'true'
shell: bash
run: ${{ github.action_path }}/scripts/setup-environment.sh
env:
USE_ALIYUN_MIRROR: ${{ inputs.use-aliyun-mirror }}
SKIP_KUBECTL: ${{ inputs.skip-kubectl }}
- name: 获取 Docker 版本
id: docker-version
shell: bash
run: |
if command -v docker &> /dev/null; then
VERSION=$(docker --version | cut -d' ' -f3 | cut -d',' -f1)
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "🐳 Docker 版本: $VERSION"
else
echo "version=not-installed" >> $GITHUB_OUTPUT
echo "⚠️ Docker 未安装"
fi
- name: 获取 kubectl 版本
id: kubectl-version
if: ${{ inputs.skip-kubectl != 'true' }}
shell: bash
run: |
if command -v kubectl &> /dev/null; then
VERSION=$(kubectl version --client --short 2>/dev/null | cut -d' ' -f3 || echo "unknown")
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "☸️ kubectl 版本: $VERSION"
else
echo "version=not-installed" >> $GITHUB_OUTPUT
echo "⚠️ kubectl 未安装"
fi
- name: 配置 kubectl
if: ${{ inputs.kube-config != '' && inputs.skip-kubectl != 'true' }}
shell: bash
run: ${{ github.action_path }}/scripts/setup-kubectl.sh
env:
KUBE_CONFIG_BASE64: ${{ inputs.kube-config }}
- name: 验证 kubectl 配置
if: ${{ inputs.kube-config != '' && inputs.skip-kubectl != 'true' }}
shell: bash
run: ${{ github.action_path }}/scripts/verify-kubectl.sh
- name: 登录私有 Docker 仓库
if: ${{ inputs.skip-docker-login != 'true' }}
uses: docker/login-action@v3
with:
registry: ${{ inputs.docker-registry }}
username: ${{ inputs.docker-username }}
password: ${{ inputs.docker-password }}
- name: 环境配置完成
shell: bash
run: |
echo "🎉 环境配置完成!"
echo "📋 已安装的工具:"
if command -v docker &> /dev/null; then
echo " - Docker: $(docker --version | cut -d' ' -f3 | cut -d',' -f1)"
fi
if command -v kubectl &> /dev/null && [[ "${{ inputs.skip-kubectl }}" != "true" ]]; then
echo " - kubectl: $(kubectl version --client --short 2>/dev/null | cut -d' ' -f3 || echo "已安装")"
fi
echo " - Git: $(git --version | cut -d' ' -f3)"

30
setup-env/examples/basic-workflow.yml Normal file
View File

@@ -0,0 +1,30 @@
# 基本使用示例
name: Basic Build and Deploy
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置构建环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
- name: 构建应用
run: |
echo "开始构建应用..."
docker build -t my-app:${{ github.sha }} .
echo "构建完成!"
- name: 推送镜像
run: |
docker push my-app:${{ github.sha }}
echo "镜像推送完成!"

107
setup-env/examples/full-deployment.yml Normal file
View File

@@ -0,0 +1,107 @@
# 完整部署示例
name: Full Build and Deploy Pipeline
on:
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'dev'
type: choice
options:
- dev
- staging
- prod
env:
REGISTRY: docker-registry.bjxgj.com
IMAGE_NAME: my-application
jobs:
build:
runs-on: ubuntu-latest
outputs:
image-tag: ${{ steps.meta.outputs.tags }}
cache-hit: ${{ steps.setup.outputs.cache-hit }}
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置构建环境
id: setup
uses: xgj/actions/setup-env@v1
with:
docker-registry: ${{ env.REGISTRY }}
docker-username: ci-action
docker-password: ${{ secrets.DOCKER_PASSWORD }}
cache-key: 'build-${{ github.sha }}'
use-aliyun-mirror: 'true'
- name: 生成镜像元数据
id: meta
run: |
IMAGE_TAG="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
echo "tags=$IMAGE_TAG" >> $GITHUB_OUTPUT
echo "Generated image tag: $IMAGE_TAG"
- name: 构建 Docker 镜像
run: |
docker build \
--tag ${{ steps.meta.outputs.tags }} \
--label "org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}" \
--label "org.opencontainers.image.revision=${{ github.sha }}" \
--label "org.opencontainers.image.created=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \
.
- name: 推送镜像
run: |
docker push ${{ steps.meta.outputs.tags }}
- name: 构建摘要
run: |
echo "## 🐳 构建信息" >> $GITHUB_STEP_SUMMARY
echo "- **镜像**: ${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY
echo "- **缓存命中**: ${{ steps.setup.outputs.cache-hit }}" >> $GITHUB_STEP_SUMMARY
echo "- **Docker 版本**: ${{ steps.setup.outputs.docker-version }}" >> $GITHUB_STEP_SUMMARY
deploy:
needs: build
runs-on: ubuntu-latest
environment: ${{ inputs.environment }}
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置部署环境
id: setup
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets[format('KUBE_CONFIG_{0}', inputs.environment)] }}
cache-key: 'deploy-${{ inputs.environment }}'
- name: 部署到 Kubernetes
run: |
# 替换镜像标签
sed -i "s|{{IMAGE_TAG}}|${{ needs.build.outputs.image-tag }}|g" k8s/deployment.yaml
# 应用配置
kubectl apply -f k8s/ -n ${{ inputs.environment }}
# 等待部署完成
kubectl rollout status deployment/my-application -n ${{ inputs.environment }} --timeout=300s
- name: 验证部署
run: |
# 检查 Pod 状态
kubectl get pods -n ${{ inputs.environment }} -l app=my-application
# 检查服务状态
kubectl get svc -n ${{ inputs.environment }} -l app=my-application
- name: 部署摘要
run: |
echo "## ☸️ 部署信息" >> $GITHUB_STEP_SUMMARY
echo "- **环境**: ${{ inputs.environment }}" >> $GITHUB_STEP_SUMMARY
echo "- **镜像**: ${{ needs.build.outputs.image-tag }}" >> $GITHUB_STEP_SUMMARY
echo "- **kubectl 版本**: ${{ steps.setup.outputs.kubectl-version }}" >> $GITHUB_STEP_SUMMARY

110
setup-env/examples/multi-environment.yml Normal file
View File

@@ -0,0 +1,110 @@
# 多环境部署示例
name: Multi-Environment Deploy
on:
push:
branches: [ main ]
tags: [ 'v*' ]
jobs:
build:
runs-on: ubuntu-latest
outputs:
image-tag: ${{ steps.meta.outputs.tags }}
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置构建环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
cache-key: 'multi-env-build'
- name: 生成镜像标签
id: meta
run: |
if [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF#refs/tags/}
else
VERSION=${GITHUB_SHA::7}
fi
IMAGE_TAG="docker-registry.bjxgj.com/my-app:$VERSION"
echo "tags=$IMAGE_TAG" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: 构建并推送
run: |
docker build -t ${{ steps.meta.outputs.tags }} .
docker push ${{ steps.meta.outputs.tags }}
deploy-dev:
needs: build
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
environment: development
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置开发环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets.KUBE_CONFIG_DEV }}
cache-key: 'deploy-dev'
- name: 部署到开发环境
run: |
sed -i "s|{{IMAGE_TAG}}|${{ needs.build.outputs.image-tag }}|g" k8s/dev/deployment.yaml
kubectl apply -f k8s/dev/ -n development
kubectl rollout status deployment/my-app -n development
deploy-staging:
needs: build
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
environment: staging
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置预发布环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets.KUBE_CONFIG_STAGING }}
cache-key: 'deploy-staging'
- name: 部署到预发布环境
run: |
sed -i "s|{{IMAGE_TAG}}|${{ needs.build.outputs.image-tag }}|g" k8s/staging/deployment.yaml
kubectl apply -f k8s/staging/ -n staging
kubectl rollout status deployment/my-app -n staging
deploy-production:
needs: [build, deploy-staging]
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
environment: production
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置生产环境
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets.KUBE_CONFIG_PROD }}
cache-key: 'deploy-production'
use-aliyun-mirror: 'false' # 生产环境使用官方源
- name: 部署到生产环境
run: |
sed -i "s|{{IMAGE_TAG}}|${{ needs.build.outputs.image-tag }}|g" k8s/prod/deployment.yaml
kubectl apply -f k8s/prod/ -n production
kubectl rollout status deployment/my-app -n production
- name: 健康检查
run: |
kubectl get pods -n production -l app=my-app
# 可以添加更多健康检查逻辑

132
setup-env/examples/troubleshooting.yml Normal file
View File

@@ -0,0 +1,132 @@
# 故障排除和调试示例
name: Troubleshooting Example
on:
workflow_dispatch:
inputs:
debug_mode:
description: '启用调试模式'
required: false
default: false
type: boolean
jobs:
debug-setup:
runs-on: ubuntu-latest
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 配置环境(调试模式)
id: setup
uses: xgj/actions/setup-env@v1
with:
docker-password: ${{ secrets.DOCKER_PASSWORD }}
kube-config: ${{ secrets.KUBE_CONFIG }}
cache-key: 'debug-env'
env:
# 启用详细日志
ACTIONS_STEP_DEBUG: ${{ inputs.debug_mode }}
ACTIONS_RUNNER_DEBUG: ${{ inputs.debug_mode }}
- name: 环境信息检查
run: |
echo "=== 系统信息 ==="
uname -a
cat /etc/os-release
echo -e "\n=== 已安装工具版本 ==="
echo "Docker: ${{ steps.setup.outputs.docker-version }}"
echo "kubectl: ${{ steps.setup.outputs.kubectl-version }}"
echo "Git: $(git --version)"
echo -e "\n=== 缓存状态 ==="
echo "Cache Hit: ${{ steps.setup.outputs.cache-hit }}"
echo -e "\n=== Docker 状态 ==="
docker version || echo "Docker 命令失败"
docker info || echo "Docker info 失败"
echo -e "\n=== kubectl 状态 ==="
kubectl version --client || echo "kubectl 客户端版本获取失败"
kubectl config current-context || echo "kubectl 上下文获取失败"
- name: 网络连接测试
run: |
echo "=== 网络连接测试 ==="
# 测试 Docker 仓库连接
echo "测试 Docker 仓库连接..."
curl -I https://docker-registry.bjxgj.com/v2/ || echo "Docker 仓库连接失败"
# 测试 Kubernetes API
if [[ -n "${{ secrets.KUBE_CONFIG }}" ]]; then
echo "测试 Kubernetes API 连接..."
kubectl cluster-info --request-timeout=10s || echo "Kubernetes API 连接失败"
fi
# 测试外部网络
echo "测试外部网络连接..."
curl -I https://github.com || echo "GitHub 连接失败"
curl -I https://mirrors.aliyun.com || echo "阿里云镜像连接失败"
- name: 权限检查
run: |
echo "=== 权限检查 ==="
# 检查文件权限
ls -la ~/.kube/ || echo "kubectl 配置目录不存在"
ls -la ~/.docker/ || echo "Docker 配置目录不存在"
# 检查用户权限
id
groups
# 检查 sudo 权限
sudo -n true && echo "具有 sudo 权限" || echo "无 sudo 权限"
- name: 清理和重试(失败时)
if: failure()
run: |
echo "=== 清理环境 ==="
# 清理 Docker 配置
rm -rf ~/.docker/config.json || true
# 清理 kubectl 配置
rm -rf ~/.kube/config || true
# 清理缓存
rm -rf /tmp/setup-env-* || true
echo "环境已清理,建议重新运行"
- name: 收集日志
if: always()
run: |
echo "=== 收集系统日志 ==="
# 收集系统日志
sudo dmesg | tail -50 || echo "无法获取系统日志"
# 收集 Docker 日志
sudo journalctl -u docker --no-pager --lines=20 || echo "无法获取 Docker 日志"
# 收集网络信息
ip addr show || echo "无法获取网络信息"
ss -tuln || echo "无法获取端口信息"
- name: 生成故障报告
if: failure()
run: |
echo "## 🚨 故障报告" >> $GITHUB_STEP_SUMMARY
echo "### 环境信息" >> $GITHUB_STEP_SUMMARY
echo "- **运行器**: ${{ runner.os }}" >> $GITHUB_STEP_SUMMARY
echo "- **缓存命中**: ${{ steps.setup.outputs.cache-hit }}" >> $GITHUB_STEP_SUMMARY
echo "- **Docker 版本**: ${{ steps.setup.outputs.docker-version }}" >> $GITHUB_STEP_SUMMARY
echo "- **kubectl 版本**: ${{ steps.setup.outputs.kubectl-version }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 建议解决方案" >> $GITHUB_STEP_SUMMARY
echo "1. 检查网络连接" >> $GITHUB_STEP_SUMMARY
echo "2. 验证 secrets 配置" >> $GITHUB_STEP_SUMMARY
echo "3. 清除缓存重试" >> $GITHUB_STEP_SUMMARY
echo "4. 联系运维团队" >> $GITHUB_STEP_SUMMARY

204
setup-env/scripts/setup-environment.sh Executable file
View File

@@ -0,0 +1,204 @@
#!/bin/bash
set -euo pipefail
# 颜色输出
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# 输出函数
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
# 检查是否为 root 用户
check_root() {
if [[ $EUID -ne 0 ]]; then
log_error "此脚本需要 root 权限运行"
exit 1
fi
}
# 配置阿里云镜像源
setup_aliyun_sources() {
log_info "配置阿里云镜像源..."
# 备份原始源列表
if [[ -f /etc/apt/sources.list ]]; then
cp /etc/apt/sources.list /etc/apt/sources.list.backup
fi
# 设置阿里云镜像源
cat > /etc/apt/sources.list << 'EOF'
deb https://mirrors.aliyun.com/debian/ bullseye main contrib non-free
deb https://mirrors.aliyun.com/debian-security bullseye-security main contrib non-free
deb https://mirrors.aliyun.com/debian/ bullseye-updates main contrib non-free
EOF
log_success "阿里云镜像源配置完成"
}
# 安装基础依赖
install_base_packages() {
log_info "更新包列表并安装基础依赖..."
apt-get update
apt-get install -y \
ca-certificates \
curl \
gnupg \
coreutils \
lsb-release \
software-properties-common \
apt-transport-https
log_success "基础依赖安装完成"
}
# 安装 Docker
install_docker() {
log_info "安装 Docker..."
# 创建密钥目录
mkdir -p /etc/apt/keyrings
# 下载 Docker GPG 密钥
if [[ "${USE_ALIYUN_MIRROR:-true}" == "true" ]]; then
log_info "使用阿里云 Docker 镜像源..."
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/debian/gpg | \
gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg
else
log_info "使用官方 Docker 源..."
curl -fsSL https://download.docker.com/linux/debian/gpg | \
gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg
fi
chmod a+r /etc/apt/keyrings/docker.gpg
# 添加 Docker 源
if [[ "${USE_ALIYUN_MIRROR:-true}" == "true" ]]; then
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian $(lsb_release -cs) stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
else
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
fi
# 更新源并安装 Docker
apt-get update
apt-get install -y \
docker-ce-cli \
docker-buildx-plugin \
docker-compose-plugin
log_success "Docker 安装完成"
}
# 安装 kubectl
install_kubectl() {
if [[ "${SKIP_KUBECTL:-false}" == "true" ]]; then
log_info "跳过 kubectl 安装"
return 0
fi
log_info "安装 kubectl..."
# 添加 Kubernetes GPG 密钥
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | \
gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# 添加 Kubernetes apt 仓库
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | \
tee /etc/apt/sources.list.d/kubernetes.list
chmod 644 /etc/apt/sources.list.d/kubernetes.list
# 更新包索引并安装 kubectl
apt-get update
apt-get install -y kubectl
log_success "kubectl 安装完成"
}
# 验证安装
verify_installation() {
log_info "验证安装..."
# 验证 Docker
if command -v docker &> /dev/null; then
DOCKER_VERSION=$(docker --version | cut -d' ' -f3 | cut -d',' -f1)
log_success "Docker 版本: $DOCKER_VERSION"
else
log_error "Docker 安装失败"
exit 1
fi
# 验证 kubectl (如果安装了)
if [[ "${SKIP_KUBECTL:-false}" != "true" ]]; then
if command -v kubectl &> /dev/null; then
KUBECTL_VERSION=$(kubectl version --client --short 2>/dev/null | cut -d' ' -f3 || echo "已安装")
log_success "kubectl 版本: $KUBECTL_VERSION"
else
log_error "kubectl 安装失败"
exit 1
fi
fi
}
# 清理临时文件
cleanup() {
log_info "清理临时文件..."
apt-get clean
rm -rf /var/lib/apt/lists/*
log_success "清理完成"
}
# 主函数
main() {
log_info "开始配置构建环境..."
# 检查 root 权限
check_root
# 配置镜像源
if [[ "${USE_ALIYUN_MIRROR:-true}" == "true" ]]; then
setup_aliyun_sources
fi
# 安装基础包
install_base_packages
# 安装 Docker
install_docker
# 安装 kubectl
install_kubectl
# 验证安装
verify_installation
# 清理
cleanup
log_success "环境配置完成!"
}
# 错误处理
trap 'log_error "脚本执行失败,退出码: $?"' ERR
# 执行主函数
main "$@"

67
setup-env/scripts/setup-kubectl.sh Executable file
View File

@@ -0,0 +1,67 @@
#!/bin/bash
set -euo pipefail
# 颜色输出
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# 输出函数
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
# 配置 kubectl
setup_kubectl_config() {
log_info "配置 kubectl..."
# 检查环境变量
if [[ -z "${KUBE_CONFIG_BASE64:-}" ]]; then
log_error "KUBE_CONFIG_BASE64 环境变量未设置"
exit 1
fi
# 创建 .kube 目录
mkdir -p "$HOME/.kube"
# 解码并写入配置文件
echo "$KUBE_CONFIG_BASE64" | base64 -d > "$HOME/.kube/config"
# 设置正确的权限
chmod 600 "$HOME/.kube/config"
log_success "kubectl 配置文件已创建"
# 验证配置文件格式
if ! kubectl config view --minify >/dev/null 2>&1; then
log_error "kubectl 配置文件格式无效"
exit 1
fi
log_success "kubectl 配置验证通过"
}
# 主函数
main() {
setup_kubectl_config
}
# 错误处理
trap 'log_error "kubectl 配置失败,退出码: $?"' ERR
# 执行主函数
main "$@"

76
setup-env/scripts/verify-kubectl.sh Executable file
View File

@@ -0,0 +1,76 @@
#!/bin/bash
set -euo pipefail
# 颜色输出
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# 输出函数
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
# 验证 kubectl 连接
verify_kubectl_connection() {
log_info "验证 kubectl 连接..."
# 设置超时时间
TIMEOUT=30
# 检查集群连接
if timeout $TIMEOUT kubectl cluster-info >/dev/null 2>&1; then
log_success "集群连接成功"
# 显示集群信息
log_info "集群信息:"
kubectl cluster-info
# 显示节点信息
log_info "集群节点:"
if kubectl get nodes >/dev/null 2>&1; then
kubectl get nodes
else
log_warning "无法获取节点信息(可能权限不足)"
fi
# 显示当前上下文
CURRENT_CONTEXT=$(kubectl config current-context 2>/dev/null || echo "未知")
log_info "当前上下文: $CURRENT_CONTEXT"
# 显示 kubectl 版本
log_info "kubectl 版本信息:"
kubectl version --short 2>/dev/null || kubectl version --client
else
log_error "kubectl 连接验证失败"
log_info "尝试显示详细错误信息..."
kubectl cluster-info || true
exit 1
fi
}
# 主函数
main() {
verify_kubectl_connection
}
# 错误处理
trap 'log_error "kubectl 验证失败,退出码: $?"' ERR
# 执行主函数
main "$@"