Superuser/miniapp-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e73149f91d7014e7f46ad6a12ba42488cbdcef49
miniapp-api/deploy/webhook-server.js
T
Developer e73149f91d feat: 添加 miniapp-api_test 测试环境自动化部署配置 
- 新增 docker-compose.test.yml 测试环境配置
  - API 端口: 3001
  - MongoDB 端口: 27019
  - 独立数据卷隔离
  - SERVER_URL: https://miniapp-api-test.dxz99wyr.cn
- 新增 deploy/webhook-server.js Webhook 自动部署服务
- 新增 deploy/webhook.service systemd 服务配置
- 新增 deploy/setup.sh 一键初始化脚本
- Webhook Secret 与正式版保持一致: miniapp-api-deploy-secret
2026-05-18 20:42:40 +08:00

106 lines
3.5 KiB
JavaScript
Raw Blame History

const http = require('http');
const { exec } = require('child_process');
const path = require('path');
const crypto = require('crypto');
const PORT = 9001;
const DEPLOY_DIR = '/opt/miniapp-api_test';
const COMPOSE_FILE = 'docker-compose.test.yml';
const SECRET = process.env.WEBHOOK_SECRET || 'miniapp-api-deploy-secret';
function verifySignature(payload, signature) {
const hmac = crypto.createHmac('sha256', SECRET);
const digest = 'sha256=' + hmac.update(payload).digest('hex');
return crypto.timingSafeEqual(Buffer.from(digest), Buffer.from(signature));
}
function runCommand(command, cwd) {
return new Promise((resolve, reject) => {
console.log(`[${new Date().toISOString()}] 执行命令: ${command}`);
const child = exec(command, { cwd, maxBuffer: 1024 * 1024 }, (error, stdout, stderr) => {
if (error) {
console.error(`[${new Date().toISOString()}] 命令执行失败:`, error.message);
console.error('stderr:', stderr);
reject(error);
return;
}
console.log(`[${new Date().toISOString()}] 命令输出:\n${stdout}`);
if (stderr) console.error(`stderr: ${stderr}`);
resolve(stdout);
});
});
}
async function deploy() {
const timestamp = new Date().toISOString();
console.log(`\n========== 开始部署 miniapp-api_test [${timestamp}] ==========`);
try {
await runCommand('git fetch origin', DEPLOY_DIR);
await runCommand('git reset --hard origin/main', DEPLOY_DIR);
await runCommand(`docker-compose -f ${COMPOSE_FILE} build --no-cache`, DEPLOY_DIR);
await runCommand(`docker-compose -f ${COMPOSE_FILE} up -d`, DEPLOY_DIR);
await runCommand('docker image prune -f', DEPLOY_DIR);
console.log(`[${new Date().toISOString()}] 部署成功完成`);
return { success: true, message: '部署成功' };
} catch (error) {
console.error(`[${new Date().toISOString()}] 部署失败:`, error.message);
return { success: false, message: error.message };
}
}
const server = http.createServer(async (req, res) => {
if (req.method !== 'POST' || req.url !== '/webhook') {
res.writeHead(404);
res.end('Not Found');
return;
}
let body = '';
req.on('data', chunk => { body += chunk; });
req.on('end', async () => {
const signature = req.headers['x-hub-signature-256'] || req.headers['x-gitlab-token'];
if (SECRET !== 'your_webhook_secret_here' && signature) {
const isValid = verifySignature(body, signature);
if (!isValid) {
console.warn(`[${new Date().toISOString()}] Webhook 签名验证失败`);
res.writeHead(401);
res.end('Unauthorized');
return;
}
}
let payload;
try {
payload = JSON.parse(body);
} catch (e) {
payload = {};
}
const ref = payload.ref || payload.object_attributes?.ref || 'unknown';
console.log(`[${new Date().toISOString()}] 收到 Webhook 请求, ref: ${ref}`);
if (ref === 'refs/heads/main' || ref === 'main' || !ref.includes('refs/')) {
res.writeHead(202);
res.end(JSON.stringify({ status: 'accepted', message: '部署任务已启动' }));
const result = await deploy();
console.log(`[${new Date().toISOString()}] 部署结果:`, result);
} else {
res.writeHead(200);
res.end(JSON.stringify({ status: 'ignored', message: '非 main 分支推送, 忽略' }));
}
});
});
server.listen(PORT, '0.0.0.0', () => {
console.log(`Webhook 服务器已启动, 监听端口 ${PORT}`);
console.log(`部署目录: ${DEPLOY_DIR}`);
console.log(`接收地址: http://your-server-ip:${PORT}/webhook`);
});
Reference in New Issue View Git Blame Copy Permalink