From 99d8f38c65a4c93a19d8a72362508e4f31d9e4da Mon Sep 17 00:00:00 2001 From: hotwa Date: Tue, 30 Sep 2025 15:02:00 +0800 Subject: [PATCH] debug --- .gitea/workflows/build-and-push.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/.gitea/workflows/build-and-push.yml b/.gitea/workflows/build-and-push.yml index a9fc9de..3cbdf62 100644 --- a/.gitea/workflows/build-and-push.yml +++ b/.gitea/workflows/build-and-push.yml @@ -21,24 +21,31 @@ jobs: - name: Login to Aliyun ACR (non-interactive) env: - ACR_REGISTRY: ${{ secrets.ACR_REGISTRY }} # 例:registry.cn-hangzhou.aliyuncs.com 或 <实例>.registry.cn-hangzhou.aliyuncs.com - ACR_USERNAME: ${{ secrets.ACR_USERNAME }} # 例:ze***@qq.com(主账号/子账号)或 命名空间Token名 - ACR_PASSWORD: ${{ secrets.ACR_PASSWORD }} # 例:固定密码 / 命名空间Token值 + ACR_REGISTRY: ${{ secrets.ACR_REGISTRY }} # 例:registry.cn-hangzhou.aliyuncs.com 或 .registry.cn-hangzhou.aliyuncs.com + ACR_USERNAME: ${{ secrets.ACR_USERNAME }} # 例:主账号/ramuser@.onaliyun.com 或 命名空间Token名 + ACR_PASSWORD: ${{ secrets.ACR_PASSWORD }} # 例:固定密码 或 命名空间Token值 run: | set -euo pipefail - # 1) 注册表只能是“纯域名”,不能带 https:// 或路径 + # 检查 registry 形态 case "$ACR_REGISTRY" in http://*|https://*) echo "ACR_REGISTRY 不能带协议(http/https),只填域名"; exit 1;; - */*) echo "ACR_REGISTRY 不能带路径"; exit 1;; + */*) echo "ACR_REGISTRY 不能带路径/斜杠"; exit 1;; esac - # 2) 联通性探测(返回 401 属于正常,说明 /v2/ 可达) + # 打印可见但不过多泄露 + echo "REGISTRY=$ACR_REGISTRY USER_LEN=${#ACR_USERNAME} PASS_LEN=${#ACR_PASSWORD}" + + # 清理旧凭据,避免缓存干扰 + docker logout "$ACR_REGISTRY" || true + + # 探测连通性(401 正常) curl -sSIL "https://${ACR_REGISTRY}/v2/" || true - # 3) 非交互式登录 + # 非交互式登录 echo "$ACR_PASSWORD" | docker login "$ACR_REGISTRY" \ --username "$ACR_USERNAME" --password-stdin + - name: Build Docker Image run: | IMAGE=${{ secrets.ACR_REGISTRY }}/${{ secrets.ACR_NAMESPACE }}/myapp