From cfe56264ea031ac5da788d8b6de87b965314ecfa Mon Sep 17 00:00:00 2001 From: huty Date: Tue, 28 Apr 2026 12:56:40 +0900 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20Gitea=20=E5=B7=A5=E4=BD=9C?= =?UTF-8?q?=E6=B5=81=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitea/workflows/ci.yml | 28 +++++++++++++++++++++++++--- .gitea/workflows/deploy-demo.yml | 16 ++++++++++++++++ .gitea/workflows/release.yml | 21 ++++++++++++++++++++- 3 files changed, 61 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 1611048..d214299 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -24,6 +24,11 @@ on: - '.gitignore' - '.env*.example' +# 同分支只保留最新一次构建,旧的自动取消,避免 runner 上多份 buildx 同时跑导致 OOM +concurrency: + group: ci-build-${{ github.ref }} + cancel-in-progress: true + env: REGISTRY: git.hty1024.com @@ -31,6 +36,8 @@ jobs: build-and-push: name: Build & Push Image runs-on: ubuntu-latest + # 防止 buildx 卡死导致 docker daemon 被一直占用 + timeout-minutes: 30 steps: # ── 1. 检出代码 ────────────────────────────────────────── @@ -50,8 +57,13 @@ jobs: # uses: docker/setup-qemu-action@v3 # ── 4. 设置 Docker Buildx ──────────────────────────────── + # 限制 buildkitd 并行度,避免在小内存 runner 上同时编译过多步骤导致 OOM - name: 设置 Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver-opts: | + network=host + buildkitd-flags: --debug --oci-worker-gc-keepstorage 5000 # ── 5. 登录 Gitea 镜像仓库 ────────────────────────────── - name: 登录 Gitea 镜像仓库 @@ -80,6 +92,8 @@ jobs: org.opencontainers.image.vendor=HTY1024 # ── 7. 构建并推送镜像 ──────────────────────────────────── + # cache-to 用 mode=min(仅导出最终层引用),避免每次构建把所有中间层 + # 都推到 registry 造成大量磁盘 I/O 和带宽占用 —— 这是 runner 卡死的主因之一 - name: 构建并推送镜像 id: build uses: docker/build-push-action@v5 
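Review bot: `driver-opts: network=host` in the "设置 Docker Buildx" step of ci.yml (hunk `-50,8 +57,13`) places the buildkitd container in the runner host's network namespace, so Dockerfile `RUN` steps built from pushed code can likely reach services bound to the host's loopback or internal network, and the hunk gives no reason for needing it. If it is only there so the builder can reach the registry, record that in a comment; otherwise drop the option and keep the default isolated network. The comment added above the step says it limits buildkitd parallelism, but `--debug --oci-worker-gc-keepstorage 5000` only turns on debug logging and sets a cache GC threshold; parallelism is bounded by `max-parallelism` under `[worker.oci]` in the buildkitd config. The same `with:` block is added in release.yml (hunk `-56,6 +62,10`).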
@@ -89,11 +103,19 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - # 利用镜像层缓存加速构建(buildcache tag 仅用于缓存) + provenance: false cache-from: type=registry,ref=${{ steps.image.outputs.name }}:buildcache - cache-to: type=registry,ref=${{ steps.image.outputs.name }}:buildcache,mode=max + cache-to: type=registry,ref=${{ steps.image.outputs.name }}:buildcache,mode=min - # ── 8. 输出构建摘要 ────────────────────────────────────── + # ── 8. 清理 buildx 缓存(防止 runner 磁盘被撑满)───────── + # always() 保证即使前面失败也清理,避免反复失败把磁盘吃光 + - name: 清理 buildx 构建缓存 + if: always() + run: | + docker buildx prune -f --keep-storage 2GB || true + docker image prune -f || true + + # ── 9. 输出构建摘要 ────────────────────────────────────── - name: 输出构建信息 run: | echo "### 🐳 镜像构建成功" >> $GITHUB_STEP_SUMMARY diff --git a/.gitea/workflows/deploy-demo.yml b/.gitea/workflows/deploy-demo.yml index cd8dbf2..33f3d91 100644 --- a/.gitea/workflows/deploy-demo.yml +++ b/.gitea/workflows/deploy-demo.yml @@ -41,6 +41,12 @@ on: required: false default: 'latest' +# 部署互斥:避免新旧两次 deploy 同时操作同一目录与同一组容器, +# 也避免 CI 刚结束就有第二次 push 触发的 deploy 与本次抢资源 +concurrency: + group: deploy-demo + cancel-in-progress: false + env: REGISTRY: git.hty1024.com # Demo 部署目录(需与服务器实际路径一致) @@ -58,6 +64,7 @@ jobs: deploy-demo: name: Deploy to Demo runs-on: self-hosted + timeout-minutes: 20 # workflow_run 触发时,仅在 CI 成功时继续 if: > @@ -208,6 +215,15 @@ jobs: echo "Caddy 配置未变更,跳过重载" fi + # ── 12.5 清理旧镜像(避免长期运行后磁盘被旧版本镜像撑满)───── + - name: 清理悬挂镜像 + if: always() + run: | + # 清理 dangling 镜像(被新版本顶替的旧 latest) + docker image prune -f || true + # 清理 24 小时以上没用的镜像(保留最近一份) + docker image prune -af --filter "until=24h" || true + # ── 13. 输出部署摘要 ───────────────────────────────────────── - name: 输出部署摘要 run: | diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml index 16aa863..9aa8475 100644 --- a/.gitea/workflows/release.yml +++ b/.gitea/workflows/release.yml 
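Review bot: `provenance: false` on the "构建并推送镜像" step (ci.yml hunk `-89,11 +103,19`) turns off the build provenance attestation, so images pushed to the registry no longer carry an attached statement of how they were built, and nothing in the hunk says why. If this works around the registry or the deploy host mishandling the attestation manifest, document it next to the key, e.g. `# provenance off: <reason, e.g. registry cannot store attestation manifests>`. It matters most in release.yml (hunk `-100,13 +110,22`), where the tagged image is the artifact others pull; consider leaving the attestation enabled there if the registry accepts it.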
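Review bot: `docker image prune -af --filter "until=24h"` in the new "清理悬挂镜像" step of deploy-demo.yml (hunk `-208,6 +215,15`) is host-wide on the `self-hosted` runner: it deletes every image created more than 24 hours ago that no container currently uses, not only this project's, and the "保留最近一份" in its comment is not something the command guarantees. Because the step runs under `if: always()`, it also runs after a failed deploy, when the previous known-good image may have no running container and would be removed, leaving nothing local to roll back to. Consider scoping the prune with a label filter, e.g. `--filter "label=org.opencontainers.image.vendor=HTY1024"` if the deployed images carry the vendor label set in ci.yml, and gating the step on `if: success()`.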
@@ -17,6 +17,11 @@ on: tags: - 'v*' +# release 工作流互斥:同时只允许一次 release 跑,避免与 ci.yml 争抢 buildx +concurrency: + group: release-build + cancel-in-progress: false + env: REGISTRY: git.hty1024.com @@ -24,6 +29,7 @@ jobs: release: name: Release Image runs-on: ubuntu-latest + timeout-minutes: 40 steps: # ── 1. 检出代码(完整历史,用于生成 changelog)────────── @@ -56,6 +62,10 @@ jobs: # ── 4. 设置 Docker Buildx ──────────────────────────────── - name: 设置 Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver-opts: | + network=host + buildkitd-flags: --debug --oci-worker-gc-keepstorage 5000 # ── 5. 登录 Gitea 镜像仓库 ────────────────────────────── - name: 登录 Gitea 镜像仓库 @@ -100,13 +110,22 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + provenance: false # 复用 CI 构建的缓存层,加速 release 构建 + # mode=min:只导出最终层引用,减小磁盘 I/O 与 registry 带宽 cache-from: type=registry,ref=${{ steps.image.outputs.name }}:buildcache - cache-to: type=registry,ref=${{ steps.image.outputs.name }}:buildcache,mode=max + cache-to: type=registry,ref=${{ steps.image.outputs.name }}:buildcache,mode=min # 构建参数:写入版本号到镜像内 build-args: | APP_VERSION=${{ steps.image.outputs.version }} + # ── 7.5 清理 buildx 缓存 ───────────────────────────────── + - name: 清理 buildx 构建缓存 + if: always() + run: | + docker buildx prune -f --keep-storage 2GB || true + docker image prune -f || true + # ── 8. 生成两次 tag 之间的变更日志 ─────────────────────── - name: 生成变更日志 id: changelog
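Review bot: The comment on the new `concurrency` block in release.yml (hunk `-17,6 +17,11`) says it avoids contention with ci.yml for buildx, but the group `release-build` is distinct from ci.yml's `ci-build-${{ github.ref }}`, so a release run and a CI run can still execute side by side; only two release runs are serialized. Either trim the comment to `# release 工作流互斥:同时只允许一次 release 跑`, or, if serializing against CI is the goal, give both workflows the same group name. With a shared group, ci.yml's `cancel-in-progress: true` would need checking so that a CI push cannot cancel a release that is already running.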