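# Production deployment workflow.
#
# Runs when a tag matching `v*-prod` is pushed, or when started manually
# (workflow_dispatch). Both jobs reference the `production` environment, so
# whatever protection rules are configured on that environment in the
# repository settings apply to each of them.
name: Deploy to Production Environment

on:
  push:
    tags:
      - 'v*-prod'
  workflow_dispatch:

# Least privilege for the automatically issued GITHUB_TOKEN: nothing in this
# workflow writes to the repository, so read access to contents is enough.
permissions:
  contents: read

# All production deployments share one concurrency group; an in-progress
# deployment is not cancelled when a newer run is queued.
concurrency:
  group: deploy-prod
  cancel-in-progress: false

env:
  ENVIRONMENT: production
  REGISTRY: registry.cn-hangzhou.aliyuncs.com
  # NOTE(review): github.repository keeps the owner/repo casing, while
  # container image paths must be lowercase; confirm before using this
  # value in an image reference.
  IMAGE_NAME: ${{ github.repository }}

jobs:
  # This job only prints a message. The approval gate itself comes from the
  # protection rules (for example required reviewers) configured on the
  # `production` environment; nothing in this file enforces an approval, so
  # verify that those rules exist.
  # NOTE(review): `deploy` references the same environment, so reviewers may
  # be prompted a second time; confirm that is intended.
  approval:
    name: Approval Required
    runs-on: ubuntu-latest
    environment:
      name: production
      url: https://fischerx.com
    steps:
      - name: Wait for approval
        run: echo "Deployment waiting for manual approval..."

  deploy:
    name: Deploy to Production
    needs: approval
    runs-on: ubuntu-latest
    environment:
      name: production
      url: https://fischerx.com
    timeout-minutes: 60
    # NOTE(review): every `uses:` below is pinned to a mutable version tag.
    # For a job that holds production credentials, consider pinning each
    # action to a full commit SHA (with the tag kept as a trailing comment).
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # No later step uses git, so do not leave the token in .git/config.
          persist-credentials: false

      - name: Setup kubectl
        uses: azure/setup-kubectl@v4
        with:
          version: 'v1.28.0'

      - name: Configure Kubernetes credentials
        env:
          # Pass the secret through the environment instead of expanding it
          # into the script text, so its content is never parsed by the shell.
          KUBE_CONFIG_B64: ${{ secrets.KUBE_CONFIG_PROD }}
        run: |
          # Create the directory and file with owner-only permissions from
          # the start, rather than tightening them after the write.
          umask 077
          mkdir -p ~/.kube
          printf '%s\n' "$KUBE_CONFIG_B64" | base64 -d > ~/.kube/config
          chmod 600 ~/.kube/config

      - name: Verify Kubernetes connection
        run: kubectl cluster-info

      - name: Log in to Aliyun Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ secrets.ALIYUN_REGISTRY_USERNAME }}
          password: ${{ secrets.ALIYUN_REGISTRY_PASSWORD }}

      - name: Extract tag version
        id: extract_version
        run: |
          # Strip the `refs/tags/` prefix and the `-prod` suffix from the ref.
          TAG="${GITHUB_REF#refs/tags/}"
          VERSION="${TAG%%-prod}"
          # A manual run started from a branch leaves `refs/heads/...` here,
          # and a tag name may contain characters that are not valid in an
          # image tag. Stop instead of deploying an unusable version string.
          if [[ ! "$VERSION" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]*$ ]]; then
            echo "Refusing to deploy: cannot derive a valid version from ref ${GITHUB_REF}" >&2
            exit 1
          fi
          echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"

      - name: Run pre-deployment checks
        run: |
          echo "Running pre-deployment checks..."
          # Add the pre-deployment checks here.

      - name: Deploy to Kubernetes (Canary/Blue-Green)
        env:
          # The version comes from the pushed tag name, so hand it to the
          # script as data through the environment; `${{ }}` expressions are
          # substituted into the script text before the shell runs it.
          VERSION: ${{ steps.extract_version.outputs.VERSION }}
        run: |
          echo "Deploying version ${VERSION} to production..."
          # Add the actual deployment script here; Canary or Blue-Green
          # rollouts are supported.
          # Example (REGISTRY and IMAGE_NAME come from the workflow-level env):
          # kubectl set image deployment/fischerx-api fischerx-api="${REGISTRY}/${IMAGE_NAME}:${VERSION}"
          # kubectl rollout status deployment/fischerx-api

      - name: Run database migrations
        run: |
          echo "Running database migrations..."
          # Add the database migration command here.

      - name: Health check
        run: |
          echo "Running health checks..."
          # Add the health check script here.

      # Runs whether the earlier steps succeeded or failed.
      # NOTE(review): confirm that this action version accepts `webhook_url`
      # as an input; if it expects the webhook in the SLACK_WEBHOOK_URL
      # environment variable instead, no notification will be delivered.
      - name: Send deployment notification
        if: always()
        uses: 8398a7/action-slack@v3
        with:
          status: ${{ job.status }}
          text: 'Deployment to production environment ${{ job.status }}'
          webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}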