synchronization

2025-08-25 17:53:08 +08:00
commit c201eb5ef9
318 changed files with 23092 additions and 0 deletions
--- a/CICD/Github/README.md
+++ b/CICD/Github/README.md
@@ -0,0 +1,189 @@
+> 本文作者：丁辉
+
+# GithubAction学习
+
+## 触发Action构建
+
+```bash
+curl -X POST https://api.github.com/repos/$用户/$仓库名/dispatches -H "Accept: application/vnd.github.everest-preview+json" -H "Authorization: token $YOUR_API_TOKEN" --data '{"event_type": "StartAction"}'
+```
+
+## GITHUB设置Secrets
+
+网址为：`仓库地址/settings/secrets/actions`
+
+## 构建示例
+
+### 构建触发
+
+```yaml
+#定时任务触发构建
+on:
+  schedule:
+    - cron: "0 0 * * *"
+
+#通过接口触发构建
+on:
+  repository_dispatch:
+    types:
+      - StartAction
+
+#通过 push 代码触发构建
+on:
+  push:
+    branches:
+      - master
+
+# 当 push 到 master 分支，或者创建以 v 开头的 tag 时触发
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - v*
+```
+
+### 本地执行命令类
+
+```yaml
+name: Build
+
+#本地执行命令类
+jobs:
+  run-docker-command:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Run Docker Command
+        run: |
+          docker run --name mysql \
+          -e MYSQL_ROOT_PASSWORD=${{ secrets.PASSWORD }} \
+          ${{ secrets.IMAGES }}
+```
+
+### 构建Docker镜像
+
+```yaml
+name: Build-Images
+
+# Docker构建镜像并 push 到仓库内
+jobs:
+  Build-Images-One:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      -
+        name: Build and push image
+        uses: docker/build-push-action@v3
+        with:
+          context: ./
+          file: ./Dockerfile
+          push: true
+          tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_STASH }}:${{ secrets.TAG }}
+          
+  Build--Images-Two:
+    needs: Build-Images-One #等待 One 构建成功后开始执行
+    runs-on: ubuntu-latest
+    steps:
+    -
+      name: Check Out
+      uses: actions/checkout@v3
+    -
+      name: Login to Docker Hub
+      uses: docker/login-action@v2
+      with:
+        username: ${{ secrets.DOCKER_HUB_USERNAME }}
+        password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+    -
+       name: Set up Docker Buildx
+       uses: docker/setup-buildx-action@v2
+
+    - name: Build and push
+      id: docker_build
+      uses: docker/build-push-action@v3
+      with:
+        context: ./demo/
+        file: ./demo/Dockerfile
+        push: true
+        tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_STASH }}:${{ secrets.TAG }}
+```
+
+### 构建多架构镜像
+
+[官方Demo](https://docs.docker.com/build/ci/github-actions/multi-platform/)
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - "main"
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+            username: ${{ secrets.DOCKERHUB_USERNAME }}
+            password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      -
+        name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          #支持列表：https://github.com/docker-library/official-images#architectures-other-than-amd64
+          #platforms: |
+            #linux/arm64
+            #linux/amd64
+            #linux/arm/v5
+            #linux/arm/v7
+            #linux/386 #适用于 x86 32 位架构的 Docker 镜像
+            #linux/mips64le #适用于 MIPS 64 位架构的 Docker 镜像
+            #linux/ppc64le #适用于 IBM Power 架构的 Docker 镜像
+            #linux/s390x #适用于 IBM Z 架构的 Docker 镜像
+          push: true
+          tags: ${{ secrets.DOCKERHUB_USERNAME }}/demo:latest
+```
+
+### Dependabot实现更新项目中的依赖项
+
+当你在项目中使用很多第三方库（例如JavaScript项目中的npm包）时，这些库会不断更新，有时是为了添加新功能，有时是为了修复安全漏洞。手动跟踪和更新这些库可能既费时又容易出错。这就是Dependabot发挥作用的地方。
+
+[官方文档](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)
+
+```yaml
+version: 2
+updates:
+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 20
+```
+