JavaWebSec/.github/workflows/deploy-vps.yml at main · gb233/JavaWebSec · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# CI 通过后自动部署到 VPS 演示环境，并做简单验证
# 支持账号密码 SSH（VPS_PASSWORD）或私钥（SSH_PRIVATE_KEY）二选一
name: Deploy to VPS

on:
  workflow_run:
    workflows: ["CI"]
    types: [completed]
    branches: [main, master]
  workflow_dispatch:

jobs:
  deploy:
    name: Deploy to VPS
    runs-on: ubuntu-latest
    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
    steps:
      - name: Deploy and restart on VPS (SSH)
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USER }}
          password: ${{ secrets.VPS_PASSWORD }}
          port: ${{ secrets.VPS_PORT || 22 }}
          script: |
            cd ${{ secrets.DEPLOY_PATH || 'javaweb-security' }} || exit 1
            if [ "${{ secrets.STOP_BEFORE_START || 'true' }}" = "true" ]; then docker compose -f docker-compose.prod.yml down; fi
            git fetch origin && (git reset --hard origin/main || git reset --hard origin/master)
            docker compose -f docker-compose.prod.yml pull --quiet 2>/dev/null || true
            docker compose -f docker-compose.prod.yml up -d --build
            docker compose -f docker-compose.prod.yml ps

      - name: Verify deployment
        run: |
          url="${{ secrets.DEMO_URL || 'http://43.139.23.197:8080' }}"
          if curl -sf --connect-timeout 10 "${url}/actuator/health" > /dev/null 2>&1; then
            echo "✅ Backend health check passed: $url/actuator/health"
          else
            echo "⚠️ Backend health check failed or DEMO_URL not set; skipping."
          fi