diff --git a/docs/guide/install/images/github-release-2.png b/docs/guide/install/images/github-release-2.png new file mode 100644 index 00000000..4e9bb779 Binary files /dev/null and b/docs/guide/install/images/github-release-2.png differ diff --git a/docs/guide/install/images/github-release.png b/docs/guide/install/images/github-release.png new file mode 100644 index 00000000..fc06603e Binary files /dev/null and b/docs/guide/install/images/github-release.png differ diff --git a/docs/guide/install/upgrade.md b/docs/guide/install/upgrade.md index 11c6dc42..0f562ec5 100644 --- a/docs/guide/install/upgrade.md +++ b/docs/guide/install/upgrade.md @@ -13,4 +13,54 @@ ::: ## 升级日志 +可以查看最新版本号,以及所有版本的更新日志 [CHANGELOG](../changelogs/CHANGELOG.md) + + +## 自动升级配置 + +### 1. 方法一:使用watchtower监控 + +修改docker-compose.yaml文件增加如下配置, 使用watchtower监控自动升级 +```yaml +services: + certd: + ... + labels: + com.centurylinklabs.watchtower.enable: "true" + +# ↓↓↓↓ --------------------------------------------------------- 自动升级,上面certd的版本号要保持为latest + certd-updater: # 添加 Watchtower 服务 + image: containrrr/watchtower:latest + container_name: certd-updater + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock + # 配置 自动更新 + environment: + - WATCHTOWER_CLEANUP=true # 自动清理旧版本容器 + - WATCHTOWER_INCLUDE_STOPPED=false # 不更新已停止的容器 + - WATCHTOWER_LABEL_ENABLE=true # 根据容器标签进行更新 + - WATCHTOWER_POLL_INTERVAL=600 # 每 10 分钟检查一次更新 + +``` + + +### 2. 方法二:使用Certd版本监控功能 + +选择Github-检查Release版本插件 +![](./images/github-release.png) +按如下图填写配置 +![](./images/github-release-2.png) + + +检测到新版本后执行宿主机升级命令: + +```shell +# 拉取最新镜像 +docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest +# 升级容器命令, 替换成你自己的certd更新命令 +export RESTART_CERT='sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d' +# 构造一个脚本10s后在后台执行,避免容器销毁时执行太快,导致流水线任务无法结束 +nohup sh -c '$RESTART_CERT' >/dev/null 2>&1 & echo '10秒后重启' && exit +``` \ No newline at end of file diff --git a/packages/plugins/plugin-lib/src/ssh/ssh.ts b/packages/plugins/plugin-lib/src/ssh/ssh.ts index ccd12caf..b7d203a6 100644 --- a/packages/plugins/plugin-lib/src/ssh/ssh.ts +++ b/packages/plugins/plugin-lib/src/ssh/ssh.ts @@ -491,7 +491,7 @@ export class SshClient { * Set-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\cmd.exe" * @param options */ - async exec(options: { connectConf: SshAccess; script: string | Array; env?: any; throwOnStdErr?: boolean }): Promise { + async exec(options: { connectConf: SshAccess; script: string | Array; env?: any; throwOnStdErr?: boolean; stopOnError?: boolean }): Promise { let { script } = options; const { connectConf, throwOnStdErr } = options; @@ -506,6 +506,10 @@ export class SshClient { isWinCmd = await this.isCmd(conn); } + if (isLinux && options.stopOnError !== false) { + script = "set -e\n" + script; + } + if (options.env) { for (const key in options.env) { if (isLinux) { @@ -538,6 +542,7 @@ export class SshClient { script = envScripts.join(newLine) + newLine + script; } } + return await conn.exec(script as string, { throwOnStdErr }); }, }); diff --git a/packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts b/packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts index 2a596e84..2b34cbb1 100644 --- a/packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts +++ b/packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts @@ -47,7 +47,7 @@ export class GithubCheckRelease extends AbstractTaskPlugin { mode:"tags" } }, - required:true, + required:false, }) notificationIds!: number[]; @@ -74,9 +74,21 @@ export class GithubCheckRelease extends AbstractTaskPlugin { name: 'a-textarea', vModel: 'value', rows: 6, - placeholder: `#拉取最新版镜像\ndocker pull greper/certd:latest \n#重建容器 \nnohup sh -c 'sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d' >/dev/null & `, + placeholder: ` +# 拉取最新镜像 +docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest +# 升级容器命令, 替换成你自己的实际部署位置及更新命令 +export RESTART_CERT='sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d' +# 构造一个脚本10s后在后台执行,避免容器销毁时执行太快,导致流水线任务无法结束 +nohup sh -c '$RESTART_CERT' >/dev/null 2>&1 & echo '10秒后重启' && exit`, }, - helper: '有新版本后执行命令,比如:拉取最新版镜像,然后重建容器\n注意:自己升级自己需要使用nobup配合sleep', + helper: `有新版本后执行命令,比如:拉取最新版镜像,然后重建容器 +注意:自己升级自己需要使用nohup配合sleep +自动升级命令示例: +docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest +export RESTART_CERT='sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d' +nohup sh -c '$RESTART_CERT' >/dev/null 2>&1 & echo '10秒后重启' && exit +`, required: false, }) script!: string; @@ -108,24 +120,24 @@ export class GithubCheckRelease extends AbstractTaskPlugin { //仅每行开头的* 替换成 -, *号前面可以有空格 const body = res.body.replace(/^(\s*)\* /gm, "$1- ") - if (this.notificationIds == null){ - this.notificationIds = [0] - } - //发送通知 - for (const notificationId of this.notificationIds) { - await this.ctx.notificationService.send({ - id: notificationId, - useDefault: false, - useEmail:false, - logger: this.logger, - body: { - title: `${this.repoName} 新版本 ${this.lastVersion} 发布`, - content: `${body}\n\n > [Certd](https://certd.docmirror.cn),不止证书自动化,插件解锁无限可能!\n\n`, - url: `https://github.com/${this.repoName}/releases/tag/${this.lastVersion}`, - } - }) + if (this.notificationIds && this.notificationIds.length > 0){ + //发送通知 + for (const notificationId of this.notificationIds) { + await this.ctx.notificationService.send({ + id: notificationId, + useDefault: false, + useEmail:false, + logger: this.logger, + body: { + title: `${this.repoName} 新版本 ${this.lastVersion} 发布`, + content: `${body}\n\n > [Certd](https://certd.docmirror.cn),不止证书自动化,插件解锁无限可能!\n\n`, + url: `https://github.com/${this.repoName}/releases/tag/${this.lastVersion}`, + } + }) + } } + if (this.script != null && this.script.trim() != "") { const connectConf = await this.getAccess(this.sshAccessId); const sshClient = new SshClient(this.logger);