163 lines
6.0 KiB
PowerShell
163 lines
6.0 KiB
PowerShell
# GitHub Actions 部署快速设置脚本
|
||
# 用途:生成 SSH 密钥、准备 GitHub 推送
|
||
|
||
Write-Host "=== GitHub Actions 部署快速设置 ===" -ForegroundColor Cyan
|
||
Write-Host ""
|
||
|
||
# 检查 Git 是否已初始化
|
||
if (-not (Test-Path .git)) {
|
||
Write-Host "初始化 Git 仓库..." -ForegroundColor Yellow
|
||
git init
|
||
Write-Host "✓ Git 仓库已初始化" -ForegroundColor Green
|
||
} else {
|
||
Write-Host "✓ Git 仓库已存在" -ForegroundColor Green
|
||
}
|
||
|
||
# 检查是否已配置远程仓库
|
||
$remoteUrl = git remote get-url origin 2>$null
|
||
if ($remoteUrl) {
|
||
Write-Host ""
|
||
Write-Host "当前远程仓库: $remoteUrl" -ForegroundColor Cyan
|
||
$changeRemote = Read-Host "是否更改远程仓库地址? (y/n)"
|
||
if ($changeRemote -eq "y" -or $changeRemote -eq "Y") {
|
||
$newUrl = Read-Host "请输入新的 GitHub 仓库 URL"
|
||
git remote set-url origin $newUrl
|
||
Write-Host "✓ 远程仓库已更新" -ForegroundColor Green
|
||
}
|
||
} else {
|
||
Write-Host ""
|
||
Write-Host "未配置远程仓库" -ForegroundColor Yellow
|
||
$setupRemote = Read-Host "是否现在配置? (y/n)"
|
||
if ($setupRemote -eq "y" -or $setupRemote -eq "Y") {
|
||
$githubUrl = Read-Host "请输入 GitHub 仓库 URL (例如: https://github.com/username/repo.git)"
|
||
git remote add origin $githubUrl
|
||
Write-Host "✓ 远程仓库已添加" -ForegroundColor Green
|
||
}
|
||
}
|
||
|
||
# 生成 SSH 密钥
|
||
Write-Host ""
|
||
Write-Host "=== 生成 SSH 密钥 ===" -ForegroundColor Cyan
|
||
$sshKeyPath = "$env:USERPROFILE\.ssh\github-actions"
|
||
$sshKeyPubPath = "$sshKeyPath.pub"
|
||
|
||
if (Test-Path $sshKeyPath) {
|
||
Write-Host "SSH 密钥已存在: $sshKeyPath" -ForegroundColor Yellow
|
||
$regenerate = Read-Host "是否重新生成? (y/n)"
|
||
if ($regenerate -ne "y" -and $regenerate -ne "Y") {
|
||
Write-Host "跳过 SSH 密钥生成" -ForegroundColor Gray
|
||
} else {
|
||
Remove-Item $sshKeyPath -Force -ErrorAction SilentlyContinue
|
||
Remove-Item $sshKeyPubPath -Force -ErrorAction SilentlyContinue
|
||
}
|
||
}
|
||
|
||
if (-not (Test-Path $sshKeyPath)) {
|
||
Write-Host "正在生成 SSH 密钥..." -ForegroundColor Yellow
|
||
ssh-keygen -t ed25519 -C "github-actions-deploy" -f $sshKeyPath -N '""' | Out-Null
|
||
Write-Host "✓ SSH 密钥已生成" -ForegroundColor Green
|
||
}
|
||
|
||
# 显示公钥和私钥
|
||
Write-Host ""
|
||
Write-Host "=== SSH 密钥信息 ===" -ForegroundColor Cyan
|
||
Write-Host ""
|
||
Write-Host "公钥(需要添加到服务器的 ~/.ssh/authorized_keys):" -ForegroundColor Yellow
|
||
Write-Host "---"
|
||
Get-Content $sshKeyPubPath
|
||
Write-Host "---"
|
||
Write-Host ""
|
||
|
||
Write-Host "私钥(需要添加到 GitHub Secrets 的 PROD_SSH_KEY):" -ForegroundColor Yellow
|
||
Write-Host "---"
|
||
Get-Content $sshKeyPath
|
||
Write-Host "---"
|
||
Write-Host ""
|
||
|
||
# 保存到文件
|
||
$pubKeyFile = "github-actions.pub"
|
||
$privKeyFile = "github-actions.key"
|
||
Copy-Item $sshKeyPubPath $pubKeyFile -Force
|
||
Copy-Item $sshKeyPath $privKeyFile -Force
|
||
Write-Host "✓ 密钥已保存到项目根目录:" -ForegroundColor Green
|
||
Write-Host " - $pubKeyFile (公钥)" -ForegroundColor Gray
|
||
Write-Host " - $privKeyFile (私钥)" -ForegroundColor Gray
|
||
Write-Host ""
|
||
Write-Host "⚠ 注意: 请妥善保管私钥文件,不要提交到 Git!" -ForegroundColor Red
|
||
|
||
# 检查 .gitignore
|
||
Write-Host ""
|
||
Write-Host "=== 检查 .gitignore ===" -ForegroundColor Cyan
|
||
if (Test-Path .gitignore) {
|
||
$gitignoreContent = Get-Content .gitignore -Raw
|
||
if ($gitignoreContent -notmatch "github-actions\.key") {
|
||
Add-Content .gitignore "`n# GitHub Actions SSH Key`ngithub-actions.key`n"
|
||
Write-Host "✓ 已添加 github-actions.key 到 .gitignore" -ForegroundColor Green
|
||
} else {
|
||
Write-Host "✓ .gitignore 已包含 github-actions.key" -ForegroundColor Green
|
||
}
|
||
} else {
|
||
Write-Host "创建 .gitignore..." -ForegroundColor Yellow
|
||
@"
|
||
# GitHub Actions SSH Key
|
||
github-actions.key
|
||
"@ | Out-File .gitignore -Encoding UTF8
|
||
Write-Host "✓ .gitignore 已创建" -ForegroundColor Green
|
||
}
|
||
|
||
# 生成 GitHub Secrets 配置模板
|
||
Write-Host ""
|
||
Write-Host "=== GitHub Secrets 配置模板 ===" -ForegroundColor Cyan
|
||
$secretsTemplate = @"
|
||
# GitHub Secrets 配置清单
|
||
# 进入仓库: Settings → Secrets and variables → Actions → New repository secret
|
||
|
||
## 必需 Secrets
|
||
|
||
PROD_HOST=你的服务器IP
|
||
PROD_USER=你的SSH用户名(通常是 root 或 ubuntu)
|
||
PROD_SSH_KEY=上面的私钥内容(github-actions.key 文件内容)
|
||
PROD_DOMAIN=你的生产域名(例如: api.yourdomain.com)
|
||
|
||
## 可选 Secrets
|
||
|
||
PROD_SSH_PORT=22
|
||
PROD_APP_PATH=/opt/wecom-ai-assistant
|
||
GHCR_TOKEN=(可选,默认使用 GITHUB_TOKEN)
|
||
|
||
## 配置步骤
|
||
|
||
1. 复制上面的私钥内容
|
||
2. 进入 GitHub 仓库 → Settings → Secrets and variables → Actions
|
||
3. 点击 New repository secret
|
||
4. 依次添加上述 Secrets(名称和值)
|
||
5. 确保 Workflow permissions 设置为 "Read and write permissions"
|
||
"@
|
||
|
||
$secretsFile = "GITHUB_SECRETS_TEMPLATE.md"
|
||
$secretsTemplate | Out-File $secretsFile -Encoding UTF8
|
||
Write-Host "✓ 配置模板已保存到: $secretsFile" -ForegroundColor Green
|
||
|
||
# 显示下一步操作
|
||
Write-Host ""
|
||
Write-Host "=== 下一步操作 ===" -ForegroundColor Cyan
|
||
Write-Host ""
|
||
Write-Host "1. 将公钥添加到服务器:" -ForegroundColor Yellow
|
||
Write-Host " ssh user@your-server" -ForegroundColor Gray
|
||
Write-Host " mkdir -p ~/.ssh" -ForegroundColor Gray
|
||
Write-Host " echo '$(Get-Content $pubKeyFile)' >> ~/.ssh/authorized_keys" -ForegroundColor Gray
|
||
Write-Host " chmod 600 ~/.ssh/authorized_keys" -ForegroundColor Gray
|
||
Write-Host ""
|
||
Write-Host "2. 配置 GitHub Secrets:" -ForegroundColor Yellow
|
||
Write-Host " 查看文件: $secretsFile" -ForegroundColor Gray
|
||
Write-Host ""
|
||
Write-Host "3. 推送代码到 GitHub:" -ForegroundColor Yellow
|
||
Write-Host " git add ." -ForegroundColor Gray
|
||
Write-Host " git commit -m 'Initial commit'" -ForegroundColor Gray
|
||
Write-Host " git push -u origin main" -ForegroundColor Gray
|
||
Write-Host ""
|
||
Write-Host "4. 在生产服务器上准备:" -ForegroundColor Yellow
|
||
Write-Host " 参见: docs/github-quickstart.md" -ForegroundColor Gray
|
||
Write-Host ""
|
||
Write-Host "✓ 设置完成!" -ForegroundColor Green
|