From b79efb9586f19d750afc199a47b074df3dca9490 Mon Sep 17 00:00:00 2001 From: bujie9527 Date: Thu, 5 Feb 2026 20:09:07 +0800 Subject: [PATCH] Configure private registry and Git repository Co-authored-by: Cursor --- .github/workflows/build-deploy.yml | 93 +++++++++ .github/workflows/deploy.yml | 178 ++++++++++++++++ .gitignore | 3 + .registry-config.example | 20 ++ docker-compose.prod.yml | 4 +- docs/private-registry-setup.md | 214 ++++++++++++++++++++ scripts/push-images-to-private-registry.ps1 | 123 +++++++++++ scripts/push-to-private-repo.ps1 | 95 +++++++++ scripts/test-registry-connection.ps1 | 78 +++++++ 9 files changed, 806 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/build-deploy.yml create mode 100644 .github/workflows/deploy.yml create mode 100644 .registry-config.example create mode 100644 docs/private-registry-setup.md create mode 100644 scripts/push-images-to-private-registry.ps1 create mode 100644 scripts/push-to-private-repo.ps1 create mode 100644 scripts/test-registry-connection.ps1 diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml new file mode 100644 index 0000000..4524700 --- /dev/null +++ b/.github/workflows/build-deploy.yml @@ -0,0 +1,93 @@ +# 推送 main 时构建并发布(镜像推送 + 后端测试) +name: Build and Deploy + +on: + push: + branches: [main] + +env: + REGISTRY: ghcr.io + +jobs: + test-backend: + runs-on: ubuntu-latest + services: + postgres: + image: postgres:16-alpine + env: + POSTGRES_USER: wecom + POSTGRES_PASSWORD: wecom_secret + POSTGRES_DB: wecom_ai + ports: + - 5432:5432 + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + env: + DATABASE_URL: postgresql+asyncpg://wecom:wecom_secret@localhost:5432/wecom_ai + DATABASE_URL_SYNC: postgresql://wecom:wecom_secret@localhost:5432/wecom_ai + JWT_SECRET: test-secret + WECOM_TOKEN: test + WECOM_ENCODING_AES_KEY: abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + with: + python-version: "3.12" + - name: Install dependencies + run: | + cd backend + pip install -r requirements.txt + - name: Run migrations + run: | + cd backend && PYTHONPATH=. alembic upgrade head + - name: Pytest + run: | + cd backend && PYTHONPATH=. pytest tests/ -v --tb=short + + build-backend: + runs-on: ubuntu-latest + needs: test-backend + steps: + - uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Log in to Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push backend + uses: docker/build-push-action@v6 + with: + context: ./backend + file: ./backend/Dockerfile + push: true + tags: | + ${{ env.REGISTRY }}/${{ github.repository_owner }}/wecom-ai-backend:latest + ${{ env.REGISTRY }}/${{ github.repository_owner }}/wecom-ai-backend:${{ github.sha }} + + build-admin: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Log in to Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push admin + uses: docker/build-push-action@v6 + with: + context: ./admin + file: ./admin/Dockerfile + push: true + tags: | + ${{ env.REGISTRY }}/${{ github.repository_owner }}/wecom-ai-admin:latest + ${{ env.REGISTRY }}/${{ github.repository_owner }}/wecom-ai-admin:${{ github.sha }} diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..e6020f6 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,178 @@ +# 生产环境自动部署 +# 触发条件:push 到 main 分支 +# 功能:构建 backend 镜像 → 推送到 GHCR → SSH 部署到云服务器 → 健康检查 + +name: Deploy to Production + +on: + push: + branches: [main] + workflow_dispatch: + inputs: + image_tag: + description: '镜像标签(默认: latest)' + required: false + default: 'latest' + +env: + REGISTRY: ghcr.io + IMAGE_NAME_BACKEND: wecom-ai-backend + +jobs: + # 构建并推送 Backend 镜像 + build-backend: + runs-on: ubuntu-latest + outputs: + image_tag: ${{ steps.meta.outputs.tags }} + image_digest: ${{ steps.build.outputs.digest }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME_BACKEND }} + tags: | + type=raw,value=latest + type=sha,prefix={{branch}}- + type=sha,format=short + + - name: Build and push backend image + id: build + uses: docker/build-push-action@v6 + with: + context: . + file: ./deploy/docker/backend.Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + # 部署到生产服务器 + deploy: + runs-on: ubuntu-latest + needs: build-backend + if: github.ref == 'refs/heads/main' + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set deployment variables + id: vars + run: | + if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then + echo "image_tag=${{ github.event.inputs.image_tag }}" >> $GITHUB_OUTPUT + else + echo "image_tag=latest" >> $GITHUB_OUTPUT + fi + echo "domain=${{ secrets.PROD_DOMAIN }}" >> $GITHUB_OUTPUT + + - name: Prepare deployment token + id: prepare-token + run: | + if [ -n "${{ secrets.GHCR_TOKEN }}" ]; then + echo "token=${{ secrets.GHCR_TOKEN }}" >> $GITHUB_OUTPUT + else + echo "token=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_OUTPUT + fi + + - name: Deploy to production server + uses: appleboy/ssh-action@v1.0.0 + env: + DEPLOY_TOKEN: ${{ steps.prepare-token.outputs.token }} + with: + host: ${{ secrets.PROD_HOST }} + username: ${{ secrets.PROD_USER }} + key: ${{ secrets.PROD_SSH_KEY }} + port: ${{ secrets.PROD_SSH_PORT || 22 }} + script: | + set -e + + # 设置变量 + IMAGE_TAG="${{ steps.vars.outputs.image_tag }}" + GITHUB_REPOSITORY_OWNER="${{ github.repository_owner }}" + REGISTRY="${{ env.REGISTRY }}" + IMAGE_NAME_BACKEND="${{ env.IMAGE_NAME_BACKEND }}" + APP_PATH="${{ secrets.PROD_APP_PATH || '/opt/wecom-ai-assistant' }}" + + # 进入项目目录 + cd "${APP_PATH}" || { echo "错误: 无法进入目录 ${APP_PATH}"; exit 1; } + + # 登录到容器镜像仓库 + echo "${DEPLOY_TOKEN}" | docker login "${REGISTRY}" -u "${{ github.actor }}" --password-stdin || { + echo "警告: Docker 登录失败,尝试继续部署(可能使用本地镜像)" + } + + # 拉取最新镜像 + IMAGE_FULL="${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/${IMAGE_NAME_BACKEND}:${IMAGE_TAG}" + echo "拉取镜像: ${IMAGE_FULL}" + docker pull "${IMAGE_FULL}" || { + echo "警告: 拉取镜像失败,尝试使用 latest 标签" + docker pull "${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/${IMAGE_NAME_BACKEND}:latest" + IMAGE_TAG="latest" + } + + # 设置环境变量供 docker-compose 使用 + export IMAGE_TAG="${IMAGE_TAG}" + export GITHUB_REPOSITORY_OWNER="${GITHUB_REPOSITORY_OWNER}" + + # 更新服务 + echo "更新服务..." + docker compose -f docker-compose.prod.yml --env-file .env.prod pull backend 2>/dev/null || true + docker compose -f docker-compose.prod.yml --env-file .env.prod up -d --force-recreate backend + + # 等待服务启动 + echo "等待服务启动..." + sleep 15 + + # 检查服务状态 + echo "服务状态:" + docker compose -f docker-compose.prod.yml ps + + # 检查后端健康状态 + echo "检查后端健康状态..." + for i in {1..10}; do + if docker compose -f docker-compose.prod.yml exec -T backend python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/api/health')" 2>/dev/null; then + echo "✓ 后端服务健康" + break + fi + if [ $i -eq 10 ]; then + echo "⚠ 后端服务可能未就绪,请检查日志" + else + sleep 2 + fi + done + + - name: Health check + run: | + DOMAIN=${{ secrets.PROD_DOMAIN }} + MAX_RETRIES=30 + RETRY_COUNT=0 + + echo "健康检查: https://${DOMAIN}/api/health" + + while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do + if curl -f -s "https://${DOMAIN}/api/health" > /dev/null 2>&1; then + echo "✓ 健康检查通过" + exit 0 + fi + RETRY_COUNT=$((RETRY_COUNT + 1)) + echo "等待服务就绪... ($RETRY_COUNT/$MAX_RETRIES)" + sleep 2 + done + + echo "✗ 健康检查失败" + exit 1 diff --git a/.gitignore b/.gitignore index f3832ac..5beb736 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,9 @@ .github-config github-actions.key +# Registry Config (包含敏感密码) +.registry-config + # Python __pycache__/ *.py[cod] diff --git a/.registry-config.example b/.registry-config.example new file mode 100644 index 0000000..92910d5 --- /dev/null +++ b/.registry-config.example @@ -0,0 +1,20 @@ +# Docker Registry 配置文件模板 +# 复制此文件为 .registry-config(不提交到 Git) + +# 私有 Docker Registry 配置 +REGISTRY_URL=your-registry.com +REGISTRY_USERNAME=your-username +REGISTRY_PASSWORD=your-password + +# 完整 Registry 地址 +REGISTRY_FULL=https://your-registry.com + +# 镜像命名空间(可选) +REGISTRY_NAMESPACE=wecom-ai + +# 镜像名称 +BACKEND_IMAGE_NAME=wecom-ai-backend +ADMIN_IMAGE_NAME=wecom-ai-admin + +# 默认镜像标签 +DEFAULT_IMAGE_TAG=latest diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 812eb4b..acfdb33 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -6,7 +6,7 @@ version: '3.8' services: backend: - image: ghcr.io/${GITHUB_REPOSITORY_OWNER:-your-org}/wecom-ai-backend:${IMAGE_TAG:-latest} + image: ${REGISTRY_URL:-git.quanyu360.cn}/${REGISTRY_NAMESPACE:-wecom-ai}/wecom-ai-backend:${IMAGE_TAG:-latest} build: context: . dockerfile: deploy/docker/backend.Dockerfile @@ -28,7 +28,7 @@ services: # Admin 服务(可选,最小回调壳可以先不启用) # admin: - # image: ghcr.io/${GITHUB_REPOSITORY_OWNER:-your-org}/wecom-ai-admin:${IMAGE_TAG:-latest} + # image: ${REGISTRY_URL:-git.quanyu360.cn}/${REGISTRY_NAMESPACE:-wecom-ai}/wecom-ai-admin:${IMAGE_TAG:-latest} # build: # context: . # dockerfile: deploy/docker/admin.Dockerfile diff --git a/docs/private-registry-setup.md b/docs/private-registry-setup.md new file mode 100644 index 0000000..863d3c7 --- /dev/null +++ b/docs/private-registry-setup.md @@ -0,0 +1,214 @@ +# 私有仓库和 Docker Registry 配置指南 + +## 概述 + +项目已配置为使用私有 Git 仓库和私有 Docker Registry: +- **Git 仓库**: https://git.quanyu360.cn/admin/wecom-ai-assistant +- **Docker Registry**: git.quanyu360.cn + +## 配置信息 + +### Git 仓库配置 + +- **远程名称**: `private` +- **仓库地址**: https://git.quanyu360.cn/admin/wecom-ai-assistant.git +- **用户名**: admin +- **密码**: 已配置(存储在 Git 凭据中) + +### Docker Registry 配置 + +配置文件:`.registry-config`(不提交到 Git) + +```bash +REGISTRY_URL=git.quanyu360.cn +REGISTRY_USERNAME=admin +REGISTRY_PASSWORD=ye972030 +REGISTRY_NAMESPACE=wecom-ai +BACKEND_IMAGE_NAME=wecom-ai-backend +ADMIN_IMAGE_NAME=wecom-ai-admin +``` + +## 使用方法 + +### 1. 推送代码到私有仓库 + +#### 默认推送到私有仓库 + +```powershell +# 使用脚本(推荐) +.\scripts\push-to-private-repo.ps1 + +# 或手动推送 +git push private main +``` + +#### 推送到 GitHub + +```powershell +# 使用脚本 +.\scripts\push-to-private-repo.ps1 -PushToGitHub + +# 或手动推送 +git push origin main +``` + +#### 推送到两个仓库 + +```powershell +# 使用脚本 +.\scripts\push-to-private-repo.ps1 -PushToBoth + +# 或手动推送 +git push private main +git push origin main +``` + +### 2. 构建并推送 Docker 镜像 + +#### 测试 Registry 连接 + +```powershell +.\scripts\test-registry-connection.ps1 +``` + +#### 推送所有镜像 + +```powershell +# 推送所有镜像(backend + admin) +.\scripts\push-images-to-private-registry.ps1 -BuildAll + +# 或指定标签 +.\scripts\push-images-to-private-registry.ps1 -BuildAll -Tag v1.0.0 +``` + +#### 只推送 Backend 镜像 + +```powershell +.\scripts\push-images-to-private-registry.ps1 -BuildBackend +``` + +#### 只推送 Admin 镜像 + +```powershell +.\scripts\push-images-to-private-registry.ps1 -BuildAdmin +``` + +### 3. 在生产环境使用私有镜像 + +更新 `docker-compose.prod.yml` 中的环境变量: + +```bash +# 在 .env.prod 中设置 +REGISTRY_URL=git.quanyu360.cn +REGISTRY_NAMESPACE=wecom-ai +IMAGE_TAG=latest +``` + +或在服务器上登录 Registry: + +```bash +docker login git.quanyu360.cn -u admin -p ye972030 +``` + +然后使用 docker-compose 部署: + +```bash +docker-compose -f docker-compose.prod.yml --env-file .env.prod up -d +``` + +## 镜像命名规则 + +推送后的镜像地址: + +- **Backend**: `git.quanyu360.cn/wecom-ai/wecom-ai-backend:latest` +- **Admin**: `git.quanyu360.cn/wecom-ai/wecom-ai-admin:latest` + +## 验证配置 + +### 检查 Git 远程仓库 + +```powershell +git remote -v +``` + +应该看到: +- `origin` → GitHub 仓库 +- `private` → 私有仓库 + +### 检查 Docker Registry 登录 + +```powershell +docker login git.quanyu360.cn -u admin -p ye972030 +``` + +### 测试 Registry 连接 + +```powershell +.\scripts\test-registry-connection.ps1 +``` + +## 更新配置 + +### 修改 Registry 配置 + +编辑 `.registry-config` 文件: + +```bash +REGISTRY_URL=新的registry地址 +REGISTRY_USERNAME=新的用户名 +REGISTRY_PASSWORD=新的密码 +``` + +### 修改 Git 远程仓库 + +```powershell +# 更新私有仓库地址 +git remote set-url private https://admin:password@git.quanyu360.cn/admin/wecom-ai-assistant.git + +# 验证 +git remote -v +``` + +## 安全建议 + +1. **配置文件安全**: + - `.registry-config` 已添加到 `.gitignore` + - 不要将密码提交到 Git + - 定期更新密码 + +2. **Docker 凭据**: + - 使用 Docker Credential Helper 存储凭据 + - 或在 CI/CD 中使用 Secrets + +3. **访问控制**: + - 限制 Registry 访问权限 + - 使用只读用户进行拉取操作 + +## 故障排查 + +### 问题:Docker 登录失败 + +**检查项**: +1. Registry URL 是否正确 +2. 用户名和密码是否正确 +3. Registry 服务是否正常运行 +4. 网络连接是否正常 + +### 问题:推送镜像失败 + +**解决方案**: +1. 确认已登录 Registry +2. 检查镜像名称格式是否正确 +3. 确认有推送权限 + +### 问题:Git 推送失败 + +**解决方案**: +1. 检查远程仓库地址是否正确 +2. 确认用户名和密码正确 +3. 检查网络连接 + +## 相关文档 + +- [Docker Registry 文档](https://docs.docker.com/registry/) +- [Git 远程仓库文档](https://git-scm.com/book/en/v2/Git-Basics-Working-with-Remotes) diff --git a/scripts/push-images-to-private-registry.ps1 b/scripts/push-images-to-private-registry.ps1 new file mode 100644 index 0000000..f4834c6 --- /dev/null +++ b/scripts/push-images-to-private-registry.ps1 @@ -0,0 +1,123 @@ +# 推送 Docker 镜像到私有 Registry +# 用途:构建并推送 backend 和 admin 镜像到私有仓库 + +param( + [string]$Tag = "latest", + [switch]$BuildBackend, + [switch]$BuildAdmin, + [switch]$BuildAll +) + +# 读取 Registry 配置 +$configFile = ".registry-config" +if (-not (Test-Path $configFile)) { + Write-Host "错误: 配置文件 $configFile 不存在" -ForegroundColor Red + exit 1 +} + +$config = @{} +Get-Content $configFile | ForEach-Object { + if ($_ -match '^\s*([^#=]+?)\s*=\s*(.+?)\s*$') { + $key = $matches[1].Trim() + $value = $matches[2].Trim() + $config[$key] = $value + } +} + +$registryUrl = $config['REGISTRY_URL'] +$registryUsername = $config['REGISTRY_USERNAME'] +$registryPassword = $config['REGISTRY_PASSWORD'] +$namespace = $config['REGISTRY_NAMESPACE'] +$backendImageName = $config['BACKEND_IMAGE_NAME'] +$adminImageName = $config['ADMIN_IMAGE_NAME'] + +if (-not $registryUrl -or -not $registryUsername -or -not $registryPassword) { + Write-Host "错误: Registry 配置不完整" -ForegroundColor Red + exit 1 +} + +Write-Host "=== 推送 Docker 镜像到私有 Registry ===" -ForegroundColor Cyan +Write-Host "" +Write-Host "Registry: $registryUrl" -ForegroundColor Gray +Write-Host "命名空间: $namespace" -ForegroundColor Gray +Write-Host "标签: $Tag" -ForegroundColor Gray +Write-Host "" + +# 登录到 Registry +Write-Host "登录到 Registry..." -ForegroundColor Yellow +echo $registryPassword | docker login $registryUrl -u $registryUsername --password-stdin +if ($LASTEXITCODE -ne 0) { + Write-Host "✗ 登录失败" -ForegroundColor Red + exit 1 +} +Write-Host "✓ 登录成功" -ForegroundColor Green +Write-Host "" + +# 确定要构建的镜像 +$buildBackend = $BuildBackend -or $BuildAll +$buildAdmin = $BuildAdmin -or $BuildAll + +if (-not $buildBackend -and -not $buildAdmin) { + Write-Host "未指定要构建的镜像,构建所有镜像..." -ForegroundColor Yellow + $buildBackend = $true + $buildAdmin = $true +} + +# 构建并推送 Backend 镜像 +if ($buildBackend) { + Write-Host "=== 构建 Backend 镜像 ===" -ForegroundColor Cyan + $backendImage = "${registryUrl}/${namespace}/${backendImageName}:${Tag}" + Write-Host "镜像名称: $backendImage" -ForegroundColor Gray + + Write-Host "构建镜像..." -ForegroundColor Yellow + docker build -f deploy/docker/backend.Dockerfile -t $backendImage . + if ($LASTEXITCODE -ne 0) { + Write-Host "✗ Backend 镜像构建失败" -ForegroundColor Red + exit 1 + } + Write-Host "✓ Backend 镜像构建成功" -ForegroundColor Green + + Write-Host "推送镜像..." -ForegroundColor Yellow + docker push $backendImage + if ($LASTEXITCODE -ne 0) { + Write-Host "✗ Backend 镜像推送失败" -ForegroundColor Red + exit 1 + } + Write-Host "✓ Backend 镜像推送成功" -ForegroundColor Green + Write-Host "" +} + +# 构建并推送 Admin 镜像 +if ($buildAdmin) { + Write-Host "=== 构建 Admin 镜像 ===" -ForegroundColor Cyan + $adminImage = "${registryUrl}/${namespace}/${adminImageName}:${Tag}" + Write-Host "镜像名称: $adminImage" -ForegroundColor Gray + + Write-Host "构建镜像..." -ForegroundColor Yellow + docker build -f deploy/docker/admin.Dockerfile -t $adminImage . + if ($LASTEXITCODE -ne 0) { + Write-Host "✗ Admin 镜像构建失败" -ForegroundColor Red + exit 1 + } + Write-Host "✓ Admin 镜像构建成功" -ForegroundColor Green + + Write-Host "推送镜像..." -ForegroundColor Yellow + docker push $adminImage + if ($LASTEXITCODE -ne 0) { + Write-Host "✗ Admin 镜像推送失败" -ForegroundColor Red + exit 1 + } + Write-Host "✓ Admin 镜像推送成功" -ForegroundColor Green + Write-Host "" +} + +Write-Host "=== 完成 ===" -ForegroundColor Green +Write-Host "" +Write-Host "镜像已推送到私有 Registry:" -ForegroundColor Cyan +if ($buildBackend) { + Write-Host " - ${registryUrl}/${namespace}/${backendImageName}:${Tag}" -ForegroundColor Gray +} +if ($buildAdmin) { + Write-Host " - ${registryUrl}/${namespace}/${adminImageName}:${Tag}" -ForegroundColor Gray +} +Write-Host "" diff --git a/scripts/push-to-private-repo.ps1 b/scripts/push-to-private-repo.ps1 new file mode 100644 index 0000000..eaa3053 --- /dev/null +++ b/scripts/push-to-private-repo.ps1 @@ -0,0 +1,95 @@ +# 推送代码到私有 Git 仓库 +# 用途:将代码推送到私有仓库(默认推送到私有仓库) + +param( + [string]$CommitMessage = "Update: $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')", + [switch]$PushToGitHub, + [switch]$PushToBoth +) + +Write-Host "=== 推送代码到 Git 仓库 ===" -ForegroundColor Cyan +Write-Host "" + +# 检查 Git 状态 +$status = git status --porcelain 2>$null +if ($status) { + Write-Host "发现更改的文件:" -ForegroundColor Cyan + git status --short + Write-Host "" + + # 添加所有更改 + Write-Host "添加所有更改..." -ForegroundColor Yellow + git add . + Write-Host "✓ 文件已添加到暂存区" -ForegroundColor Green + + # 提交 + Write-Host "提交更改..." -ForegroundColor Yellow + Write-Host "提交信息: $CommitMessage" -ForegroundColor Gray + git commit -m $CommitMessage + Write-Host "✓ 更改已提交" -ForegroundColor Green +} else { + Write-Host "✓ 没有需要提交的更改" -ForegroundColor Green +} + +# 检查远程仓库 +$privateRemote = git remote get-url private 2>$null +$originRemote = git remote get-url origin 2>$null + +if (-not $privateRemote -and -not $originRemote) { + Write-Host "错误: 未配置远程仓库" -ForegroundColor Red + exit 1 +} + +# 确定推送目标 +if ($PushToBoth) { + $pushToPrivate = $true + $pushToOrigin = $true +} elseif ($PushToGitHub) { + $pushToPrivate = $false + $pushToOrigin = $true +} else { + # 默认推送到私有仓库 + $pushToPrivate = $true + $pushToOrigin = $false +} + +# 推送到私有仓库 +if ($pushToPrivate -and $privateRemote) { + Write-Host "" + Write-Host "推送到私有仓库..." -ForegroundColor Yellow + Write-Host "远程仓库: $($privateRemote -replace '://.*@', '://****@')" -ForegroundColor Gray + Write-Host "分支: main" -ForegroundColor Gray + Write-Host "" + + git push private main + if ($LASTEXITCODE -eq 0) { + Write-Host "✓ 代码已成功推送到私有仓库" -ForegroundColor Green + } else { + Write-Host "✗ 推送到私有仓库失败" -ForegroundColor Red + } +} + +# 推送到 GitHub(如果指定) +if ($pushToOrigin -and $originRemote) { + Write-Host "" + Write-Host "推送到 GitHub..." -ForegroundColor Yellow + Write-Host "远程仓库: $($originRemote -replace '://.*@', '://****@')" -ForegroundColor Gray + Write-Host "分支: main" -ForegroundColor Gray + Write-Host "" + + git push origin main + if ($LASTEXITCODE -eq 0) { + Write-Host "✓ 代码已成功推送到 GitHub" -ForegroundColor Green + } else { + Write-Host "✗ 推送到 GitHub 失败" -ForegroundColor Red + } +} + +Write-Host "" +Write-Host "=== 完成 ===" -ForegroundColor Green +Write-Host "" +Write-Host "使用说明:" -ForegroundColor Cyan +Write-Host " - 默认推送到私有仓库: .\scripts\push-to-private-repo.ps1" -ForegroundColor Gray +Write-Host " - 推送到 GitHub: .\scripts\push-to-private-repo.ps1 -PushToGitHub" -ForegroundColor Gray +Write-Host " - 推送到两个仓库: .\scripts\push-to-private-repo.ps1 -PushToBoth" -ForegroundColor Gray +Write-Host "" diff --git a/scripts/test-registry-connection.ps1 b/scripts/test-registry-connection.ps1 new file mode 100644 index 0000000..950fb97 --- /dev/null +++ b/scripts/test-registry-connection.ps1 @@ -0,0 +1,78 @@ +# 测试私有 Registry 连接 +# 用途:验证 Docker Registry 连接和认证 + +Write-Host "=== 测试私有 Registry 连接 ===" -ForegroundColor Cyan +Write-Host "" + +# 读取 Registry 配置 +$configFile = ".registry-config" +if (-not (Test-Path $configFile)) { + Write-Host "错误: 配置文件 $configFile 不存在" -ForegroundColor Red + exit 1 +} + +$config = @{} +Get-Content $configFile | ForEach-Object { + if ($_ -match '^\s*([^#=]+?)\s*=\s*(.+?)\s*$') { + $key = $matches[1].Trim() + $value = $matches[2].Trim() + $config[$key] = $value + } +} + +$registryUrl = $config['REGISTRY_URL'] +$registryUsername = $config['REGISTRY_USERNAME'] +$registryPassword = $config['REGISTRY_PASSWORD'] + +if (-not $registryUrl -or -not $registryUsername -or -not $registryPassword) { + Write-Host "错误: Registry 配置不完整" -ForegroundColor Red + exit 1 +} + +Write-Host "配置信息:" -ForegroundColor Cyan +Write-Host " Registry URL: $registryUrl" -ForegroundColor Gray +Write-Host " 用户名: $registryUsername" -ForegroundColor Gray +Write-Host " 密码: ****" -ForegroundColor Gray +Write-Host "" + +# 测试网络连接 +Write-Host "1. 测试网络连接..." -ForegroundColor Yellow +$testResult = Test-NetConnection -ComputerName $registryUrl -Port 443 -InformationLevel Quiet -WarningAction SilentlyContinue 2>$null +if ($testResult) { + Write-Host "✓ 网络连接正常" -ForegroundColor Green +} else { + Write-Host "⚠ 网络连接可能有问题" -ForegroundColor Yellow +} +Write-Host "" + +# 测试 Docker 登录 +Write-Host "2. 测试 Docker 登录..." -ForegroundColor Yellow +$loginResult = echo $registryPassword | docker login $registryUrl -u $registryUsername --password-stdin 2>&1 +if ($LASTEXITCODE -eq 0) { + Write-Host "✓ Docker 登录成功" -ForegroundColor Green +} else { + Write-Host "✗ Docker 登录失败" -ForegroundColor Red + Write-Host " 请检查:" -ForegroundColor Yellow + Write-Host " - Registry URL 是否正确" -ForegroundColor Gray + Write-Host " - 用户名和密码是否正确" -ForegroundColor Gray + Write-Host " - Registry 服务是否正常运行" -ForegroundColor Gray + exit 1 +} +Write-Host "" + +# 测试 Registry 访问 +Write-Host "3. 测试 Registry 访问..." -ForegroundColor Yellow +$images = docker images 2>&1 +if ($images -match $registryUrl) { + Write-Host "✓ Registry 访问正常" -ForegroundColor Green +} else { + Write-Host "⚠ 无法验证 Registry 访问(可能需要先推送镜像)" -ForegroundColor Yellow +} +Write-Host "" + +Write-Host "=== 测试完成 ===" -ForegroundColor Green +Write-Host "" +Write-Host "Registry 连接正常,可以使用以下命令推送镜像:" -ForegroundColor Cyan +$pushScript = ".\scripts\push-images-to-private-registry.ps1" +Write-Host " $pushScript" -ForegroundColor Gray +Write-Host ""