ci(deploy): 优化部署流程并提升安全性

- 添加下载并使用 drone-scp 二进制文件的步骤，以提高 SCP传输的安全性 - 修改目标路径，将 docker-compose 文件直接复制到目标目录 - 为 SCP传输步骤设置 DRONE_SCP_BINARY 环境变量，指定自定义 SCP 二进制文件
2025-05-11 12:05:33 +08:00 · 2025-05-11 12:05:33 +08:00 · fb224b3bce
commit fb224b3bce
parent a12c8b61f7
1 changed files with 11 additions and 2 deletions
--- a/.gitea/workflows/deploy.master.yml
+++ b/.gitea/workflows/deploy.master.yml
@ -76,24 +76,33 @@ jobs:
        uses: ${{env.JCNC_GITEA_URL}}/gradle/actions/setup-gradle@v4
        with:
          gradle-version: wrapper           # 使用项目自带的gradle-wrapper
+      - name: 🔽 Download drone-scp
+        run: |
+          curl -L "https://github.moeyy.xyz/https://github.com/appleboy/drone-scp/releases/download/v1.8.0/drone-scp-1.8.0-linux-amd64" \
+            -o drone-scp
+          chmod +x drone-scp
      - name: 📦 Copy Compose File to Internal Server
        uses: ${{env.JCNC_GITEA_URL}}/appleboy/scp-action@v1
+        env:
+          DRONE_SCP_BINARY: ./drone-scp
        with:
          host: ${{ env.INTERNAL_SERVER_HOST }}
          port: $INTERNAL_SERVER_PROT
          username: root
          password: ${{ secrets.INTERNAL_SERVER_PASSWORD }}
          source: $MAIN_COMPOSE_FILE
-          target: "/home/luke/deploy/llmx/docker-compose.master.yml"
+          target: "/home/luke/deploy/llmx/"
      - name: 📦 Copy Compose File to Singapore Server
        uses: ${{env.JCNC_GITEA_URL}}/appleboy/scp-action@v1
+        env:
+          DRONE_SCP_BINARY: ./drone-scp
        with:
          host: $SINGAPORE_SERVER_HOST
          port: $SSH_PROT
          username: root
          password: ${{ secrets.SINGAPORE_SERVER_PASSWORD }}
          source: $AGENT_COMPOSE_FILE
-          target: "/home/deploy/llmx/docker-compose.master.yml"
+          target: "/home/deploy/llmx/"
      # ========== 5. 构建阶段 ==========
      - name: 🏗️ Build with Jib
        run: |