diff --git a/.blueprint/modules/gitea-integration.md b/.blueprint/modules/gitea-integration.md index 620e593..096cf25 100644 --- a/.blueprint/modules/gitea-integration.md +++ b/.blueprint/modules/gitea-integration.md @@ -110,8 +110,8 @@ Gitea push → POST /webhook/gitea/:project_id - complexity: L - acceptance: TBD —— 静态检查 + 测试自修 + PR review;作为复杂项目可选增配,不进基线档 -### 📋 R0. 炼境自身发版链路迁移(本机 act_runner + Gitea Actions) -- status: todo +### 🔵 R0. 炼境自身发版链路迁移(本机 act_runner + Gitea Actions) +- status: in_progress - complexity: M - depends: Gitea Actions workflow 生成 - files: .gitea/workflows/release.yml(生成), .github/workflows/release.yml(删除) diff --git a/.github/workflows/release.yml b/.gitea/workflows/release.yml similarity index 58% rename from .github/workflows/release.yml rename to .gitea/workflows/release.yml index 698114f..71ce95e 100644 --- a/.github/workflows/release.yml +++ b/.gitea/workflows/release.yml @@ -1,5 +1,7 @@ -# Tauri v2 Windows 自动构建 + 签名 + 阿里云 OSS 发布 -# 完整部署教程与踩坑指南见 docs/tauri-cicd-guide.md +# Tauri v2 Windows 构建 + 签名 + 阿里云 OSS 发布(Gitea Actions) +# runner:本机 act_runner(label: windows,host 模式)——工具链直接使用本机环境, +# 故省去 setup-node/pnpm/rust 等 action,减少 host 模式下的下载与 toolcache 故障面。 +# 发布产物走 OSS 分发(tauri-plugin-updater 读 latest.json),不依赖 Release 页面。 name: Release on: @@ -9,33 +11,14 @@ on: jobs: release: - runs-on: windows-latest - permissions: - contents: write + runs-on: windows steps: - uses: actions/checkout@v4 - - uses: pnpm/action-setup@v4 - with: - version: 9 + - name: Install deps + shell: pwsh + run: pnpm install --frozen-lockfile - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '20' - cache: 'pnpm' - - - name: Install Rust - uses: dtolnay/rust-toolchain@stable - - - name: Rust cache - uses: swatinem/rust-cache@v2 - with: - workspaces: './src-tauri -> target' - - - run: pnpm install --frozen-lockfile - - # 诊断:确认签名密钥已注入 - name: Verify signing key shell: pwsh env: @@ -45,39 +28,15 @@ jobs: Write-Error "TAURI_SIGNING_PRIVATE_KEY is EMPTY - update bundles will not be generated!" exit 1 } - $lines = $env:TAURI_SIGNING_PRIVATE_KEY.Split("`n").Count - Write-Host "TAURI_SIGNING_PRIVATE_KEY is set ($lines lines)" + Write-Host "TAURI_SIGNING_PRIVATE_KEY is set" - # 先创建 GitHub Release(解决 tauri-action 权限问题) - - name: Create Release - uses: softprops/action-gh-release@v2 - with: - tag_name: ${{ github.ref_name }} - name: 炼境 ${{ github.ref_name }} - body: | - ## 更新内容 - 请查看提交记录了解详情。 - draft: false - prerelease: false - - # 构建 Tauri 应用,tauri-action 发现已有 Release 后只上传文件 - - name: Build & Release - uses: tauri-apps/tauri-action@v0 + - name: Build(签名随环境变量注入) + shell: pwsh env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} - with: - tagName: ${{ github.ref_name }} - releaseName: 炼境 ${{ github.ref_name }} - releaseBody: | - ## 更新内容 - 请查看提交记录了解详情。 - releaseDraft: false - prerelease: false - args: --verbose + run: pnpm tauri build --verbose - # 上传到阿里云 OSS + 生成 latest.json - name: Upload to OSS & generate latest.json shell: pwsh env: @@ -89,39 +48,32 @@ jobs: # 下载 ossutil $oss = "$env:GITHUB_WORKSPACE\ossutil64.exe" Invoke-WebRequest -Uri "https://gosspublic.alicdn.com/ossutil/1.7.17/ossutil-v1.7.17-windows-amd64.zip" -OutFile oss.zip - Expand-Archive oss.zip -DestinationPath oss_tmp + Expand-Archive oss.zip -DestinationPath oss_tmp -Force $exeFound = Get-ChildItem oss_tmp -Filter "ossutil*.exe" -Recurse | Select-Object -First 1 Copy-Item $exeFound.FullName $oss - # 直接在本步骤找文件,不依赖 step outputs $tag = "${{ github.ref_name }}" $version = $tag.TrimStart('v') $nsisDir = "$env:GITHUB_WORKSPACE\src-tauri\target\release\bundle\nsis" - Write-Host "=== bundle dir (all) ===" + Write-Host "=== bundle dir ===" Get-ChildItem "$env:GITHUB_WORKSPACE\src-tauri\target\release\bundle" -Recurse | ForEach-Object { Write-Host $_.FullName } $all = Get-ChildItem $nsisDir - # Tauri v2: 更新包是 .exe + .exe.sig(不再是 .nsis.zip) $installer = $all | Where-Object { $_.Name.EndsWith('-setup.exe') } | Select-Object -First 1 $sigFile = $all | Where-Object { $_.Name.EndsWith('-setup.exe.sig') } | Select-Object -First 1 - Write-Host "installer : $($installer?.FullName)" - Write-Host "sigFile : $($sigFile?.FullName)" - if (-not $installer) { Write-Error "installer not found!"; exit 1 } $bucket = "oss://$env:OSS_BUCKET" $endpoint = "https://$env:OSS_ENDPOINT" & $oss config -e $endpoint -i $env:OSS_KEY_ID -k $env:OSS_KEY_SECRET -L CH - & $oss cp $installer.FullName "$bucket/releases/$tag/$($installer.Name)" -f if ($sigFile) { & $oss cp $sigFile.FullName "$bucket/releases/$tag/$($sigFile.Name)" -f - # 生成 latest.json(Tauri v2 格式:url 指向 .exe,signature 来自 .exe.sig) $date = (Get-Date -Format 'yyyy-MM-ddTHH:mm:ssZ') $baseUrl = "https://$env:OSS_BUCKET.$env:OSS_ENDPOINT/releases/$tag" $sig = (Get-Content $sigFile.FullName -Raw).Trim() @@ -145,5 +97,5 @@ jobs: & $oss cp latest.json "$bucket/latest.json" -f Write-Host "latest.json uploaded" } else { - Write-Warning "sigFile (.exe.sig) not found — skipping updater upload" + Write-Warning "sigFile (.exe.sig) not found - skipping updater upload" }