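# Build-and-deploy workflow for the AI Agent service.
# Triggered by pushes to main/master or by manual dispatch. It builds and starts
# the backend and frontend with Docker Compose on the runner, probes the backend
# health endpoint, prunes unused Docker resources and mails the result.
name: 构建并部署 AI Agent 服务

on:
  push:
    branches: [main, master]
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the action is pinned to a tag; pinning to a full commit
      # SHA keeps a moved tag from changing what runs next to the secrets below.
      - name: 检出代码
        uses: actions/checkout@v4.1.1

      - name: 检查 Python 环境
        run: |
          python3 --version
          pip3 --version

      # Reports which secrets reached the job. Only presence is printed: the
      # value length is no longer logged, since the job log is readable by
      # anyone with access to the run. `${!name}` is bash indirect expansion.
      - name: 验证 Secrets 配置
        env:
          ZHIPUAI_API_KEY: ${{ secrets.ZHIPUAI_API_KEY }}
          DEEPSEEK_API_KEY: ${{ secrets.DEEPSEEK_API_KEY }}
          LLAMACPP_API_KEY: ${{ secrets.LLAMACPP_API_KEY }}
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
          QDRANT_API_KEY: ${{ secrets.QDRANT_API_KEY }}
          MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }}
          MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }}
          MAIL_TO: ${{ secrets.MAIL_TO }}
        run: |
          echo "🔐 检查环境变量注入情况..."

          check_secret() {
            local name="$1"
            local desc="$2"
            local value="${!name}"
            if [ -n "$value" ]; then
              echo "✅ ${name} 已注入"
            else
              echo "⚠️ ${name} 未注入(${desc})"
            fi
          }

          check_secret "ZHIPUAI_API_KEY" "智谱模型不可用"
          check_secret "DEEPSEEK_API_KEY" "DeepSeek模型不可用"
          check_secret "LLAMACPP_API_KEY" "本地LLM/Embedding不可用"
          check_secret "DB_PASSWORD" "PostgreSQL数据库不可用"
          check_secret "QDRANT_API_KEY" "Qdrant向量数据库不可用"
          check_secret "MAIL_USERNAME" "邮件通知不可用"
          check_secret "MAIL_PASSWORD" "邮件通知不可用"
          check_secret "MAIL_TO" "邮件通知不可用"

          echo ""
          echo "💡 提示:如果看到警告,请在 Gitea 仓库 Settings → Secrets 中添加对应密钥"

      # Best effort: a failed pull is ignored so the build can fall back to a
      # locally cached base image.
      - name: 确保基础镜像已拉取
        run: |
          docker pull python:3.11-slim || true

      # The secrets are exported to the step environment; presumably the compose
      # file under docker/ interpolates them (not visible here, confirm).
      - name: 构建并启动前后端服务(环境变量注入)
        env:
          ZHIPUAI_API_KEY: ${{ secrets.ZHIPUAI_API_KEY }}
          DEEPSEEK_API_KEY: ${{ secrets.DEEPSEEK_API_KEY }}
          LLAMACPP_API_KEY: ${{ secrets.LLAMACPP_API_KEY }}
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
          QDRANT_API_KEY: ${{ secrets.QDRANT_API_KEY }}
        run: |
          export DOCKER_BUILDKIT=1
          cd docker
          docker compose up -d --build backend frontend

      # Waits 30 s, then polls /health up to 10 times at 5 s intervals. On
      # failure it prints the last 50 backend log lines and fails the job.
      - name: 健康检查
        run: |
          echo "等待后端服务启动..."
          sleep 30
          for i in {1..10}; do
            # Port corrected to 8079
            if curl -f http://172.17.0.1:8079/health > /dev/null 2>&1; then
              echo "✅ 后端服务正常"
              exit 0
            fi
            echo "等待中... ($i/10)"
            sleep 5
          done
          echo "❌ 后端服务未就绪,查看日志:"
          cd docker
          docker compose logs backend --tail 50
          exit 1

      - name: 清理无用的 Docker 资源
        run: docker system prune -f

      # Same secret set as the build step, presumably so compose can resolve
      # the file's variables without warnings (confirm against docker/).
      - name: 显示运行状态
        env:
          ZHIPUAI_API_KEY: ${{ secrets.ZHIPUAI_API_KEY }}
          DEEPSEEK_API_KEY: ${{ secrets.DEEPSEEK_API_KEY }}
          LLAMACPP_API_KEY: ${{ secrets.LLAMACPP_API_KEY }}
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
          QDRANT_API_KEY: ${{ secrets.QDRANT_API_KEY }}
        run: |
          cd docker
          docker compose ps

      # Context values, the commit message in particular, are author-controlled
      # text. They are passed through env and expanded by the shell as quoted
      # variables, never spliced into the script by `${{ }}`, so a crafted
      # commit message cannot run commands in a step that holds the mail
      # credentials. printf '%s' also keeps backslashes in that text literal.
      - name: 发送成功通知邮件
        if: success()
        env:
          MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }}
          MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }}
          MAIL_TO: ${{ secrets.MAIL_TO }}
          REPO_NAME: ${{ github.repository }}
          GIT_REF: ${{ github.ref }}
          GIT_SHA: ${{ github.sha }}
          GIT_ACTOR: ${{ github.actor }}
          COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
        run: |
          if [ -z "$MAIL_USERNAME" ] || [ -z "$MAIL_PASSWORD" ] || [ -z "$MAIL_TO" ]; then
            echo "⚠️ 邮件 Secrets 未配置,跳过发送邮件"
            exit 0
          fi

          SUBJECT="✅ AI Agent 构建成功 - ${REPO_NAME}"
          BODY="$(printf '构建成功!\n\n仓库: %s\n分支: %s\n提交: %s\n提交者: %s\n提交信息: %s\n\n查看详情: %s' \
            "$REPO_NAME" "$GIT_REF" "$GIT_SHA" "$GIT_ACTOR" "$COMMIT_MESSAGE" "$RUN_URL")"

          echo "📧 发送成功通知邮件..."
          curl --url "smtps://smtp.qq.com:465" \
            --ssl-reqd \
            --mail-from "$MAIL_USERNAME" \
            --mail-rcpt "$MAIL_TO" \
            --user "$MAIL_USERNAME:$MAIL_PASSWORD" \
            --upload-file <(printf 'From: GitHub Actions <%s>\nTo: %s\nSubject: %s\n\n%s\n' \
              "$MAIL_USERNAME" "$MAIL_TO" "$SUBJECT" "$BODY")

      # Failure counterpart of the step above, with the same handling: context
      # values arrive through env and are only expanded as quoted variables.
      - name: 发送失败通知邮件
        if: failure()
        env:
          MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }}
          MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }}
          MAIL_TO: ${{ secrets.MAIL_TO }}
          REPO_NAME: ${{ github.repository }}
          GIT_REF: ${{ github.ref }}
          GIT_SHA: ${{ github.sha }}
          GIT_ACTOR: ${{ github.actor }}
          COMMIT_MESSAGE: ${{ github.event.head_commit.message }}
          RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
        run: |
          if [ -z "$MAIL_USERNAME" ] || [ -z "$MAIL_PASSWORD" ] || [ -z "$MAIL_TO" ]; then
            echo "⚠️ 邮件 Secrets 未配置,跳过发送邮件"
            exit 0
          fi

          SUBJECT="❌ AI Agent 构建失败 - ${REPO_NAME}"
          BODY="$(printf '构建失败!\n\n仓库: %s\n分支: %s\n提交: %s\n提交者: %s\n提交信息: %s\n\n查看详情: %s' \
            "$REPO_NAME" "$GIT_REF" "$GIT_SHA" "$GIT_ACTOR" "$COMMIT_MESSAGE" "$RUN_URL")"

          echo "📧 发送失败通知邮件..."
          curl --url "smtps://smtp.qq.com:465" \
            --ssl-reqd \
            --mail-from "$MAIL_USERNAME" \
            --mail-rcpt "$MAIL_TO" \
            --user "$MAIL_USERNAME:$MAIL_PASSWORD" \
            --upload-file <(printf 'From: GitHub Actions <%s>\nTo: %s\nSubject: %s\n\n%s\n' \
              "$MAIL_USERNAME" "$MAIL_TO" "$SUBJECT" "$BODY")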