From f6186086673799e0dbefb55fe690368ec9e12dcd Mon Sep 17 00:00:00 2001 From: Lyda <1829913225@qq.com> Date: Sat, 11 Oct 2025 18:21:10 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=96=B0=E5=A2=9E=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E6=9E=84=E5=BB=BA=E7=8E=AF=E5=A2=83=E7=9A=84=20GitHub=20Action?= =?UTF-8?q?=EF=BC=8C=E6=94=AF=E6=8C=81=20Git=20=E5=92=8C=20kubectl=20?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config-env/README.md | 76 +++++++++++++++++++++ config-env/action.yml | 89 +++++++++++++++++++++++++ config-env/examples/basic-usage.yml | 29 ++++++++ config-env/scripts/configure-git.sh | 59 ++++++++++++++++ config-env/scripts/configure-kubectl.sh | 65 ++++++++++++++++++ config-env/scripts/validate-tools.sh | 70 +++++++++++++++++++ config-env/scripts/verify-kubectl.sh | 60 +++++++++++++++++ 7 files changed, 448 insertions(+) create mode 100644 config-env/README.md create mode 100644 config-env/action.yml create mode 100644 config-env/examples/basic-usage.yml create mode 100644 config-env/scripts/configure-git.sh create mode 100644 config-env/scripts/configure-kubectl.sh create mode 100644 config-env/scripts/validate-tools.sh create mode 100644 config-env/scripts/verify-kubectl.sh diff --git a/config-env/README.md b/config-env/README.md new file mode 100644 index 0000000..2c2278e --- /dev/null +++ b/config-env/README.md @@ -0,0 +1,76 @@ +# Configure Build Environment Action + +该 GitHub Action 用于在已有环境中执行验证与配置操作,确保必要工具可用并完成 Git 与 kubectl 配置,适用于已预装所有依赖的构建机场景。 + +## 🚦 能力概览 + +- ✅ 配置 Git 用户信息 +- 🔍 校验 `docker` 与 `kubectl` 可用性及版本 +- ☸️ 可选写入 Base64 编码的 kubeconfig,并验证集群连通性 +- ⚠️ **不进行任何软件安装**,适用于受控环境 + +## 📥 输入参数 + +| 参数名 | 描述 | 必填 | 默认值 | +| --- | --- | --- | --- | +| `git-user-name` | Git 用户名 | ❌ | `GiteaActions` | +| `git-user-email` | Git 用户邮箱 | ❌ | `actions@gitea.com` | +| `kube-config` | Base64 编码的 kubeconfig | ❌ | `''` | +| `require-docker` | 是否校验 docker 可用性 (`true`/`false`) | ❌ | `true` | +| `require-kubectl` | 是否校验 kubectl 可用性 (`true`/`false`) | ❌ | `true` | +| `verify-kubectl-cluster` | 是否验证 kubectl 集群连通性 (`true`/`false`) | ❌ | `true` | + +## 📤 输出参数 + +| 参数名 | 描述 | +| --- | --- | +| `docker-version` | 检测到的 Docker 版本或状态 | +| `kubectl-version` | 检测到的 kubectl 版本或状态 | +| `kubectl-context` | 集群验证成功时的当前 context | + +## 🚀 基本用法 + +```yaml +- name: 校验并配置环境 + uses: actions/xgj/config-env@v1 + with: + git-user-name: "CI Bot" + git-user-email: "ci@example.com" + kube-config: ${{ secrets.KUBE_CONFIG }} +``` + +## 🎯 自定义校验 + +仅检查 Git 配置与 docker: + +```yaml +- name: 仅验证 docker + uses: actions/xgj/config-env@v1 + with: + require-kubectl: "false" + verify-kubectl-cluster: "false" +``` + +禁用 docker 校验,仅写入 kubeconfig 并验证: + +```yaml +- name: 验证 kubectl 集群 + uses: actions/xgj/config-env@v1 + with: + require-docker: "false" + kube-config: ${{ secrets.KUBE_CONFIG }} +``` + +## 🔒 注意事项 + +- 请确保运行环境已安装 `docker` 与 `kubectl`(若开启对应校验)。 +- kubeconfig 建议通过 GitHub Secrets 以 Base64 编码方式提供。 +- Action 执行失败会立即终止后续步骤,便于快速发现环境问题。 + +## 🧪 示例工作流 + +详见 `examples/basic-usage.yml`,展示了与 CI 构建流程结合的典型用法。 + +## 🤝 贡献 + +欢迎提 Issue 或提交 PR! diff --git a/config-env/action.yml b/config-env/action.yml new file mode 100644 index 0000000..73a62f7 --- /dev/null +++ b/config-env/action.yml @@ -0,0 +1,89 @@ +name: 'Configure Build Environment' +description: '验证已有环境并配置 Git 与 kubectl(不执行软件安装)' +author: 'Your Organization' + +branding: + icon: 'settings' + color: 'green' + +inputs: + git-user-name: + description: 'Git 用户名' + required: false + default: 'GiteaActions' + git-user-email: + description: 'Git 用户邮箱' + required: false + default: 'actions@gitea.com' + kube-config: + description: 'Base64 编码的 kubectl 配置文件' + required: false + default: '' + require-docker: + description: '是否校验 docker 可用性 (true/false)' + required: false + default: 'true' + require-kubectl: + description: '是否校验 kubectl 可用性 (true/false)' + required: false + default: 'true' + verify-kubectl-cluster: + description: '是否验证 kubectl 集群连通性 (true/false)' + required: false + default: 'true' + +outputs: + docker-version: + description: '检测到的 Docker 版本' + value: ${{ steps.validate-tools.outputs.docker-version }} + kubectl-version: + description: '检测到的 kubectl 版本' + value: ${{ steps.validate-tools.outputs.kubectl-version }} + kubectl-context: + description: '验证通过时的当前 kubectl 上下文' + value: ${{ steps.verify-kubectl.outputs.current-context }} + +runs: + using: 'composite' + steps: + - name: 配置 Git + shell: bash + run: ${{ github.action_path }}/scripts/configure-git.sh + env: + GIT_USER_NAME: ${{ inputs.git-user-name }} + GIT_USER_EMAIL: ${{ inputs.git-user-email }} + + - name: 校验工具可用性 + id: validate-tools + shell: bash + run: ${{ github.action_path }}/scripts/validate-tools.sh + env: + CHECK_DOCKER: ${{ inputs.require-docker }} + CHECK_KUBECTL: ${{ inputs.require-kubectl }} + + - name: 配置 kubectl + if: ${{ inputs.kube-config != '' && inputs.require-kubectl != 'false' }} + shell: bash + run: ${{ github.action_path }}/scripts/configure-kubectl.sh + env: + KUBE_CONFIG_BASE64: ${{ inputs.kube-config }} + + - name: 验证 kubectl 连通性 + id: verify-kubectl + if: ${{ inputs.kube-config != '' && inputs.verify-kubectl-cluster != 'false' && inputs.require-kubectl != 'false' }} + shell: bash + run: ${{ github.action_path }}/scripts/verify-kubectl.sh + + - name: 环境校验完成 + shell: bash + run: | + echo '🎉 环境校验与配置步骤完成' + if [[ "${{ inputs.require-docker }}" != 'false' ]]; then + echo " - Docker: ${{ steps.validate-tools.outputs.docker-version }}" + fi + if [[ "${{ inputs.require-kubectl }}" != 'false' ]]; then + echo " - kubectl: ${{ steps.validate-tools.outputs.kubectl-version }}" + fi + if [[ "${{ inputs.kube-config }}" != '' && "${{ inputs.verify-kubectl-cluster }}" != 'false' && "${{ inputs.require-kubectl }}" != 'false' ]]; then + echo " - 当前上下文: ${{ steps.verify-kubectl.outputs.current-context }}" + fi diff --git a/config-env/examples/basic-usage.yml b/config-env/examples/basic-usage.yml new file mode 100644 index 0000000..30fef1a --- /dev/null +++ b/config-env/examples/basic-usage.yml @@ -0,0 +1,29 @@ +name: Config Env Example +on: + push: + branches: + - main + +jobs: + validate-environment: + runs-on: ubuntu-latest + steps: + - name: 检出代码 + uses: actions/checkout@v4 + + - name: 校验环境并配置 Git + id: config-env + uses: actions/xgj/config-env@v1 + with: + git-user-name: "CI Bot" + git-user-email: "ci@example.com" + require-docker: "true" + require-kubectl: "true" + verify-kubectl-cluster: "true" + kube-config: ${{ secrets.KUBE_CONFIG }} + + - name: 输出工具信息 + run: | + echo "Docker 版本: ${{ steps.config-env.outputs.docker-version }}" + echo "kubectl 版本: ${{ steps.config-env.outputs.kubectl-version }}" + echo "kubectl 上下文: ${{ steps.config-env.outputs.kubectl-context }}" diff --git a/config-env/scripts/configure-git.sh b/config-env/scripts/configure-git.sh new file mode 100644 index 0000000..89306e5 --- /dev/null +++ b/config-env/scripts/configure-git.sh @@ -0,0 +1,59 @@ +#!/bin/bash +set -euo pipefail + +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' + +log_info() { + echo -e "${BLUE}ℹ️ $1${NC}" +} + +log_success() { + echo -e "${GREEN}✅ $1${NC}" +} + +log_warning() { + echo -e "${YELLOW}⚠️ $1${NC}" +} + +log_error() { + echo -e "${RED}❌ $1${NC}" +} + +main() { + if ! command -v git >/dev/null 2>&1; then + log_error "未检测到 git 命令" + exit 1 + else + log_info "已检测到 git: $(git --version)" + fi + + local name="${GIT_USER_NAME:-}" + local email="${GIT_USER_EMAIL:-}" + + if [[ -z "$name" && -z "$email" ]]; then + log_warning "未提供 Git 用户名和邮箱,跳过配置" + return 0 + fi + + if [[ -n "$name" ]]; then + git config --global user.name "$name" + log_success "已配置 Git 用户名: $name" + else + log_warning "未提供 Git 用户名" + fi + + if [[ -n "$email" ]]; then + git config --global user.email "$email" + log_success "已配置 Git 邮箱: $email" + else + log_warning "未提供 Git 邮箱" + fi +} + +trap 'log_error "Git 配置失败,退出码: $?"' ERR + +main "$@" diff --git a/config-env/scripts/configure-kubectl.sh b/config-env/scripts/configure-kubectl.sh new file mode 100644 index 0000000..0cfaceb --- /dev/null +++ b/config-env/scripts/configure-kubectl.sh @@ -0,0 +1,65 @@ +#!/bin/bash +set -euo pipefail + +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' + +log_info() { + echo -e "${BLUE}ℹ️ $1${NC}" +} + +log_success() { + echo -e "${GREEN}✅ $1${NC}" +} + +log_warning() { + echo -e "${YELLOW}⚠️ $1${NC}" +} + +log_error() { + echo -e "${RED}❌ $1${NC}" +} + +ensure_kubectl_available() { + if ! command -v kubectl >/dev/null 2>&1; then + log_error "kubectl 未安装或不可用" + exit 1 + fi + log_info "kubectl 版本: $(kubectl version --client --short 2>/dev/null || kubectl version --client)" +} + +write_kube_config() { + local encoded="${KUBE_CONFIG_BASE64:-}" + if [[ -z "$encoded" ]]; then + log_error "KUBE_CONFIG_BASE64 环境变量为空" + exit 1 + fi + + mkdir -p "$HOME/.kube" + local config_path="$HOME/.kube/config" + + echo "$encoded" | base64 -d > "$config_path" + chmod 600 "$config_path" + log_success "已写入 kubectl 配置: $config_path" +} + +validate_kube_config() { + if ! kubectl config view --minify >/dev/null 2>&1; then + log_error "kubectl 配置文件无效或权限不足" + exit 1 + fi + log_success "kubectl 配置文件格式验证通过" +} + +trap 'log_error "kubectl 配置失败,退出码: $?"' ERR + +main() { + ensure_kubectl_available + write_kube_config + validate_kube_config +} + +main "$@" diff --git a/config-env/scripts/validate-tools.sh b/config-env/scripts/validate-tools.sh new file mode 100644 index 0000000..a308b1b --- /dev/null +++ b/config-env/scripts/validate-tools.sh @@ -0,0 +1,70 @@ +#!/bin/bash +set -euo pipefail + +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' + +log_info() { + echo -e "${BLUE}ℹ️ $1${NC}" +} + +log_success() { + echo -e "${GREEN}✅ $1${NC}" +} + +log_warning() { + echo -e "${YELLOW}⚠️ $1${NC}" +} + +log_error() { + echo -e "${RED}❌ $1${NC}" +} + +validate_binary() { + local name="$1" + local required="$2" + local version_cmd="$3" + local output_var="$4" + + if command -v "$name" >/dev/null 2>&1; then + log_success "检测到 $name: $($version_cmd)" + printf '%s=%s\n' "$output_var" "$($version_cmd)" >> "$GITHUB_OUTPUT" + return 0 + fi + + if [[ "$required" == "true" ]]; then + log_error "未检测到必需的命令: $name" + exit 1 + else + log_warning "未检测到可选命令: $name" + printf '%s=%s\n' "$output_var" "not-found" >> "$GITHUB_OUTPUT" + fi +} + +main() { + : "${GITHUB_OUTPUT:?GITHUB_OUTPUT 未设置}" >/dev/null + + local check_docker="${CHECK_DOCKER:-true}" + local check_kubectl="${CHECK_KUBECTL:-true}" + + if [[ "$check_docker" != "true" ]]; then + log_info "跳过 Docker 校验" + printf 'docker-version=%s\n' "skipped" >> "$GITHUB_OUTPUT" + else + validate_binary "docker" "true" "docker --version" "docker-version" + fi + + if [[ "$check_kubectl" != "true" ]]; then + log_info "跳过 kubectl 校验" + printf 'kubectl-version=%s\n' "skipped" >> "$GITHUB_OUTPUT" + else + validate_binary "kubectl" "true" "kubectl version --client --short 2>/dev/null || kubectl version --client" "kubectl-version" + fi +} + +trap 'log_error "工具校验失败,退出码: $?"' ERR + +main "$@" diff --git a/config-env/scripts/verify-kubectl.sh b/config-env/scripts/verify-kubectl.sh new file mode 100644 index 0000000..32e6b5c --- /dev/null +++ b/config-env/scripts/verify-kubectl.sh @@ -0,0 +1,60 @@ +#!/bin/bash +set -euo pipefail + +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' + +log_info() { + echo -e "${BLUE}ℹ️ $1${NC}" +} + +log_success() { + echo -e "${GREEN}✅ $1${NC}" +} + +log_warning() { + echo -e "${YELLOW}⚠️ $1${NC}" +} + +log_error() { + echo -e "${RED}❌ $1${NC}" +} + +: "${GITHUB_OUTPUT:?GITHUB_OUTPUT 未设置}" >/dev/null + +verify_cluster() { + local timeout=30 + + if timeout "$timeout" kubectl cluster-info >/dev/null 2>&1; then + log_success "kubectl 集群连接验证通过" + log_info "集群信息:" + kubectl cluster-info + + log_info "尝试获取节点信息" + if kubectl get nodes >/dev/null 2>&1; then + kubectl get nodes + else + log_warning "无法获取节点信息(可能权限不足)" + fi + + local current_context + current_context=$(kubectl config current-context 2>/dev/null || echo "unknown") + log_info "当前上下文: $current_context" + printf 'current-context=%s\n' "$current_context" >> "$GITHUB_OUTPUT" + else + log_error "kubectl 集群连接验证失败" + kubectl cluster-info || true + exit 1 + fi +} + +trap 'log_error "kubectl 验证失败,退出码: $?"' ERR + +main() { + verify_cluster +} + +main "$@"