weli
e56713e23e
新增 scripts/moicen-remote-readonly-check.sh;同源 PR/push 跑 MOICEN_SSH_*。 Made-with: Cursor
75 lines
2.5 KiB
YAML
75 lines
2.5 KiB
YAML
# 仅 npm + Playwright,不 build Rust / 不 Compose;测已部署 music-room H5。
|
|
name: music-room Playwright
|
|
|
|
on:
|
|
push:
|
|
branches: [master, main]
|
|
pull_request:
|
|
workflow_dispatch:
|
|
inputs:
|
|
base_url:
|
|
description: H5 基址(含协议,无末尾斜杠)
|
|
required: false
|
|
default: "https://music-room.moicen.com"
|
|
type: string
|
|
schedule:
|
|
# 每天 06:30 UTC 对默认 H5 跑一遍(北京时间约 14:30)
|
|
- cron: "30 6 * * *"
|
|
|
|
concurrency:
|
|
group: huike-e2e-moicen-${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
playwright:
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 30
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: 解析 H5 基址
|
|
run: |
|
|
URL="${{ inputs.base_url }}"
|
|
if [ -z "$URL" ]; then URL="https://music-room.moicen.com"; fi
|
|
echo "HUIKE_FRONT_BASE_URL=$URL" >> "$GITHUB_ENV"
|
|
echo "Using HUIKE_FRONT_BASE_URL=$URL"
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: "20"
|
|
cache: "npm"
|
|
cache-dependency-path: package-lock.json
|
|
|
|
- name: 依赖与 Chromium
|
|
run: |
|
|
npm ci
|
|
npx playwright install chromium --with-deps
|
|
|
|
- name: Playwright
|
|
env:
|
|
MOICEN_E2E_UNIONID: ${{ secrets.MOICEN_E2E_UNIONID }}
|
|
# 可选:Repository variables,例如后端 health/ping;未配置时对应用例 skip
|
|
MOICEN_HEALTHCHECK_URL: ${{ vars.MOICEN_HEALTHCHECK_URL }}
|
|
run: npx playwright test
|
|
|
|
# 同源 PR / push / 定时 / dispatch 才跑;fork 打开 PR 时不注入仓库 Secrets,避免误用空密钥失败。
|
|
- name: Moicen SSH 只读校验(DB / Redis / 日志)
|
|
if: success() && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
|
|
env:
|
|
MOICEN_SSH_HOST: moicen.com
|
|
SSH_USER: ${{ secrets.MOICEN_SSH_USER }}
|
|
run: |
|
|
set -euo pipefail
|
|
mkdir -p ~/.ssh
|
|
chmod 700 ~/.ssh
|
|
printf '%s\n' "${{ secrets.MOICEN_SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
|
|
printf '%s\n' "${{ secrets.MOICEN_SSH_PRIVATE_KEY }}" > ~/.ssh/moicen_ci
|
|
chmod 600 ~/.ssh/moicen_ci
|
|
ssh -i ~/.ssh/moicen_ci \
|
|
-o StrictHostKeyChecking=yes \
|
|
-o IdentitiesOnly=yes \
|
|
"${SSH_USER}@${MOICEN_SSH_HOST}" \
|
|
'bash -s' < scripts/moicen-remote-readonly-check.sh
|