actions/xgj
1
0
Fork 0
mirror of https://git.bjxgj.com/xgj/xgj-actions.git synced 2025-10-14 06:33:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: 新增配置构建环境的 GitHub Action,支持 Git 和 kubectl 配置验证

Browse Source
This commit is contained in:
Lyda
2025-10-11 18:21:10 +08:00
parent 2fe7c6809c
commit f618608667
7 changed files with 448 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
config-env/README.md Normal file
View File

@@ -0,0 +1,76 @@
# Configure Build Environment Action
该 GitHub Action 用于在已有环境中执行验证与配置操作,确保必要工具可用并完成 Git 与 kubectl 配置,适用于已预装所有依赖的构建机场景。
## 🚦 能力概览
- ✅ 配置 Git 用户信息
- 🔍 校验 `docker``kubectl` 可用性及版本
- ☸️ 可选写入 Base64 编码的 kubeconfig并验证集群连通性
- ⚠️ **不进行任何软件安装**,适用于受控环境
## 📥 输入参数
| 参数名 | 描述 | 必填 | 默认值 |
| --- | --- | --- | --- |
| `git-user-name` | Git 用户名 | ❌ | `GiteaActions` |
| `git-user-email` | Git 用户邮箱 | ❌ | `actions@gitea.com` |
| `kube-config` | Base64 编码的 kubeconfig | ❌ | `''` |
| `require-docker` | 是否校验 docker 可用性 (`true`/`false`) | ❌ | `true` |
| `require-kubectl` | 是否校验 kubectl 可用性 (`true`/`false`) | ❌ | `true` |
| `verify-kubectl-cluster` | 是否验证 kubectl 集群连通性 (`true`/`false`) | ❌ | `true` |
## 📤 输出参数
| 参数名 | 描述 |
| --- | --- |
| `docker-version` | 检测到的 Docker 版本或状态 |
| `kubectl-version` | 检测到的 kubectl 版本或状态 |
| `kubectl-context` | 集群验证成功时的当前 context |
## 🚀 基本用法
```yaml
- name: 校验并配置环境
uses: actions/xgj/config-env@v1
with:
git-user-name: "CI Bot"
git-user-email: "ci@example.com"
kube-config: ${{ secrets.KUBE_CONFIG }}
```
## 🎯 自定义校验
仅检查 Git 配置与 docker
```yaml
- name: 仅验证 docker
uses: actions/xgj/config-env@v1
with:
require-kubectl: "false"
verify-kubectl-cluster: "false"
```
禁用 docker 校验,仅写入 kubeconfig 并验证:
```yaml
- name: 验证 kubectl 集群
uses: actions/xgj/config-env@v1
with:
require-docker: "false"
kube-config: ${{ secrets.KUBE_CONFIG }}
```
## 🔒 注意事项
- 请确保运行环境已安装 `docker``kubectl`(若开启对应校验)。
- kubeconfig 建议通过 GitHub Secrets 以 Base64 编码方式提供。
- Action 执行失败会立即终止后续步骤,便于快速发现环境问题。
## 🧪 示例工作流
详见 `examples/basic-usage.yml`,展示了与 CI 构建流程结合的典型用法。
## 🤝 贡献
欢迎提 Issue 或提交 PR

89
config-env/action.yml Normal file
View File

@@ -0,0 +1,89 @@
name: 'Configure Build Environment'
description: '验证已有环境并配置 Git 与 kubectl不执行软件安装'
author: 'Your Organization'
branding:
icon: 'settings'
color: 'green'
inputs:
git-user-name:
description: 'Git 用户名'
required: false
default: 'GiteaActions'
git-user-email:
description: 'Git 用户邮箱'
required: false
default: 'actions@gitea.com'
kube-config:
description: 'Base64 编码的 kubectl 配置文件'
required: false
default: ''
require-docker:
description: '是否校验 docker 可用性 (true/false)'
required: false
default: 'true'
require-kubectl:
description: '是否校验 kubectl 可用性 (true/false)'
required: false
default: 'true'
verify-kubectl-cluster:
description: '是否验证 kubectl 集群连通性 (true/false)'
required: false
default: 'true'
outputs:
docker-version:
description: '检测到的 Docker 版本'
value: ${{ steps.validate-tools.outputs.docker-version }}
kubectl-version:
description: '检测到的 kubectl 版本'
value: ${{ steps.validate-tools.outputs.kubectl-version }}
kubectl-context:
description: '验证通过时的当前 kubectl 上下文'
value: ${{ steps.verify-kubectl.outputs.current-context }}
runs:
using: 'composite'
steps:
- name: 配置 Git
shell: bash
run: ${{ github.action_path }}/scripts/configure-git.sh
env:
GIT_USER_NAME: ${{ inputs.git-user-name }}
GIT_USER_EMAIL: ${{ inputs.git-user-email }}
- name: 校验工具可用性
id: validate-tools
shell: bash
run: ${{ github.action_path }}/scripts/validate-tools.sh
env:
CHECK_DOCKER: ${{ inputs.require-docker }}
CHECK_KUBECTL: ${{ inputs.require-kubectl }}
- name: 配置 kubectl
if: ${{ inputs.kube-config != '' && inputs.require-kubectl != 'false' }}
shell: bash
run: ${{ github.action_path }}/scripts/configure-kubectl.sh
env:
KUBE_CONFIG_BASE64: ${{ inputs.kube-config }}
- name: 验证 kubectl 连通性
id: verify-kubectl
if: ${{ inputs.kube-config != '' && inputs.verify-kubectl-cluster != 'false' && inputs.require-kubectl != 'false' }}
shell: bash
run: ${{ github.action_path }}/scripts/verify-kubectl.sh
- name: 环境校验完成
shell: bash
run: |
echo '🎉 环境校验与配置步骤完成'
if [[ "${{ inputs.require-docker }}" != 'false' ]]; then
echo " - Docker: ${{ steps.validate-tools.outputs.docker-version }}"
fi
if [[ "${{ inputs.require-kubectl }}" != 'false' ]]; then
echo " - kubectl: ${{ steps.validate-tools.outputs.kubectl-version }}"
fi
if [[ "${{ inputs.kube-config }}" != '' && "${{ inputs.verify-kubectl-cluster }}" != 'false' && "${{ inputs.require-kubectl }}" != 'false' ]]; then
echo " - 当前上下文: ${{ steps.verify-kubectl.outputs.current-context }}"
fi

29
config-env/examples/basic-usage.yml Normal file
View File

@@ -0,0 +1,29 @@
name: Config Env Example
on:
push:
branches:
- main
jobs:
validate-environment:
runs-on: ubuntu-latest
steps:
- name: 检出代码
uses: actions/checkout@v4
- name: 校验环境并配置 Git
id: config-env
uses: actions/xgj/config-env@v1
with:
git-user-name: "CI Bot"
git-user-email: "ci@example.com"
require-docker: "true"
require-kubectl: "true"
verify-kubectl-cluster: "true"
kube-config: ${{ secrets.KUBE_CONFIG }}
- name: 输出工具信息
run: |
echo "Docker 版本: ${{ steps.config-env.outputs.docker-version }}"
echo "kubectl 版本: ${{ steps.config-env.outputs.kubectl-version }}"
echo "kubectl 上下文: ${{ steps.config-env.outputs.kubectl-context }}"

59
config-env/scripts/configure-git.sh Normal file
View File

@@ -0,0 +1,59 @@
#!/bin/bash
set -euo pipefail
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
main() {
if ! command -v git >/dev/null 2>&1; then
log_error "未检测到 git 命令"
exit 1
else
log_info "已检测到 git: $(git --version)"
fi
local name="${GIT_USER_NAME:-}"
local email="${GIT_USER_EMAIL:-}"
if [[ -z "$name" && -z "$email" ]]; then
log_warning "未提供 Git 用户名和邮箱,跳过配置"
return 0
fi
if [[ -n "$name" ]]; then
git config --global user.name "$name"
log_success "已配置 Git 用户名: $name"
else
log_warning "未提供 Git 用户名"
fi
if [[ -n "$email" ]]; then
git config --global user.email "$email"
log_success "已配置 Git 邮箱: $email"
else
log_warning "未提供 Git 邮箱"
fi
}
trap 'log_error "Git 配置失败,退出码: $?"' ERR
main "$@"

65
config-env/scripts/configure-kubectl.sh Normal file
View File

@@ -0,0 +1,65 @@
#!/bin/bash
set -euo pipefail
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
ensure_kubectl_available() {
if ! command -v kubectl >/dev/null 2>&1; then
log_error "kubectl 未安装或不可用"
exit 1
fi
log_info "kubectl 版本: $(kubectl version --client --short 2>/dev/null || kubectl version --client)"
}
write_kube_config() {
local encoded="${KUBE_CONFIG_BASE64:-}"
if [[ -z "$encoded" ]]; then
log_error "KUBE_CONFIG_BASE64 环境变量为空"
exit 1
fi
mkdir -p "$HOME/.kube"
local config_path="$HOME/.kube/config"
echo "$encoded" | base64 -d > "$config_path"
chmod 600 "$config_path"
log_success "已写入 kubectl 配置: $config_path"
}
validate_kube_config() {
if ! kubectl config view --minify >/dev/null 2>&1; then
log_error "kubectl 配置文件无效或权限不足"
exit 1
fi
log_success "kubectl 配置文件格式验证通过"
}
trap 'log_error "kubectl 配置失败,退出码: $?"' ERR
main() {
ensure_kubectl_available
write_kube_config
validate_kube_config
}
main "$@"

70
config-env/scripts/validate-tools.sh Normal file
View File

@@ -0,0 +1,70 @@
#!/bin/bash
set -euo pipefail
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
validate_binary() {
local name="$1"
local required="$2"
local version_cmd="$3"
local output_var="$4"
if command -v "$name" >/dev/null 2>&1; then
log_success "检测到 $name: $($version_cmd)"
printf '%s=%s\n' "$output_var" "$($version_cmd)" >> "$GITHUB_OUTPUT"
return 0
fi
if [[ "$required" == "true" ]]; then
log_error "未检测到必需的命令: $name"
exit 1
else
log_warning "未检测到可选命令: $name"
printf '%s=%s\n' "$output_var" "not-found" >> "$GITHUB_OUTPUT"
fi
}
main() {
: "${GITHUB_OUTPUT:?GITHUB_OUTPUT 未设置}" >/dev/null
local check_docker="${CHECK_DOCKER:-true}"
local check_kubectl="${CHECK_KUBECTL:-true}"
if [[ "$check_docker" != "true" ]]; then
log_info "跳过 Docker 校验"
printf 'docker-version=%s\n' "skipped" >> "$GITHUB_OUTPUT"
else
validate_binary "docker" "true" "docker --version" "docker-version"
fi
if [[ "$check_kubectl" != "true" ]]; then
log_info "跳过 kubectl 校验"
printf 'kubectl-version=%s\n' "skipped" >> "$GITHUB_OUTPUT"
else
validate_binary "kubectl" "true" "kubectl version --client --short 2>/dev/null || kubectl version --client" "kubectl-version"
fi
}
trap 'log_error "工具校验失败,退出码: $?"' ERR
main "$@"

60
config-env/scripts/verify-kubectl.sh Normal file
View File

@@ -0,0 +1,60 @@
#!/bin/bash
set -euo pipefail
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() {
echo -e "${BLUE} $1${NC}"
}
log_success() {
echo -e "${GREEN}$1${NC}"
}
log_warning() {
echo -e "${YELLOW}⚠️ $1${NC}"
}
log_error() {
echo -e "${RED}$1${NC}"
}
: "${GITHUB_OUTPUT:?GITHUB_OUTPUT 未设置}" >/dev/null
verify_cluster() {
local timeout=30
if timeout "$timeout" kubectl cluster-info >/dev/null 2>&1; then
log_success "kubectl 集群连接验证通过"
log_info "集群信息:"
kubectl cluster-info
log_info "尝试获取节点信息"
if kubectl get nodes >/dev/null 2>&1; then
kubectl get nodes
else
log_warning "无法获取节点信息(可能权限不足)"
fi
local current_context
current_context=$(kubectl config current-context 2>/dev/null || echo "unknown")
log_info "当前上下文: $current_context"
printf 'current-context=%s\n' "$current_context" >> "$GITHUB_OUTPUT"
else
log_error "kubectl 集群连接验证失败"
kubectl cluster-info || true
exit 1
fi
}
trap 'log_error "kubectl 验证失败,退出码: $?"' ERR
main() {
verify_cluster
}
main "$@"