test 2
Browse files- Dockerfile +6 -15
- clone_and_run.py +41 -0
Dockerfile
CHANGED
|
@@ -1,5 +1,5 @@
|
|
| 1 |
-
#
|
| 2 |
-
FROM python:3.
|
| 3 |
|
| 4 |
# 安装 Git
|
| 5 |
RUN apt-get update && \
|
|
@@ -9,21 +9,12 @@ RUN apt-get update && \
|
|
| 9 |
# 设置工作目录
|
| 10 |
WORKDIR /app
|
| 11 |
|
| 12 |
-
#
|
| 13 |
-
|
| 14 |
-
git clone "https://x-access-token:$(cat /run/secrets/GITHUB_TOKEN)@github.com/luoh-an/luoh-api.git" && \
|
| 15 |
-
cd luoh-api && \
|
| 16 |
-
rm -rf .git && \
|
| 17 |
-
find . -type d -name "__pycache__" -exec rm -rf {} + && \
|
| 18 |
-
find . -type f -name "*.pyc" -delete
|
| 19 |
|
| 20 |
# 设置非 root 用户
|
| 21 |
RUN useradd -m appuser && chown -R appuser:appuser /app
|
| 22 |
USER appuser
|
| 23 |
|
| 24 |
-
#
|
| 25 |
-
|
| 26 |
-
RUN pip install --user --no-cache-dir -r requirements.txt
|
| 27 |
-
|
| 28 |
-
EXPOSE 7860
|
| 29 |
-
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"]
|
|
|
|
| 1 |
+
# 使用官方 Python 镜像
|
| 2 |
+
FROM python:3.13
|
| 3 |
|
| 4 |
# 安装 Git
|
| 5 |
RUN apt-get update && \
|
|
|
|
| 9 |
# 设置工作目录
|
| 10 |
WORKDIR /app
|
| 11 |
|
| 12 |
+
# 复制 Python 脚本
|
| 13 |
+
COPY clone_and_run.py .
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 14 |
|
| 15 |
# 设置非 root 用户
|
| 16 |
RUN useradd -m appuser && chown -R appuser:appuser /app
|
| 17 |
USER appuser
|
| 18 |
|
| 19 |
+
# 启动命令
|
| 20 |
+
CMD ["python", "clone_and_run.py"]
|
|
|
|
|
|
|
|
|
|
|
|
clone_and_run.py
ADDED
|
@@ -0,0 +1,41 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
import os
|
| 2 |
+
import subprocess
|
| 3 |
+
import shutil
|
| 4 |
+
|
| 5 |
+
def clone_repo(token, repo_url, target_dir):
|
| 6 |
+
"""安全克隆私有仓库"""
|
| 7 |
+
try:
|
| 8 |
+
# 构造认证 URL
|
| 9 |
+
auth_url = repo_url.replace("https://", f"https://x-access-token:{token}@")
|
| 10 |
+
|
| 11 |
+
# 克隆仓库
|
| 12 |
+
subprocess.run(["git", "clone", auth_url, target_dir], check=True)
|
| 13 |
+
|
| 14 |
+
# 清理 .git 目录
|
| 15 |
+
shutil.rmtree(os.path.join(target_dir, ".git"))
|
| 16 |
+
|
| 17 |
+
print(f"仓库成功克隆到: {target_dir}")
|
| 18 |
+
except Exception as e:
|
| 19 |
+
print(f"克隆失败: {e}")
|
| 20 |
+
raise
|
| 21 |
+
|
| 22 |
+
if __name__ == "__main__":
|
| 23 |
+
# 从环境变量获取 GitHub Token 和仓库 URL
|
| 24 |
+
token = os.getenv("GITHUB_TOKEN")
|
| 25 |
+
repo_url = "https://github.com/luoh-an/luoh-api.git"
|
| 26 |
+
target_dir = "/app/luoh-api"
|
| 27 |
+
|
| 28 |
+
if not token:
|
| 29 |
+
raise ValueError("未提供 GITHUB_TOKEN 环境变量")
|
| 30 |
+
|
| 31 |
+
# 克隆仓库
|
| 32 |
+
clone_repo(token, repo_url, target_dir)
|
| 33 |
+
|
| 34 |
+
# 切换到项目目录
|
| 35 |
+
os.chdir(target_dir)
|
| 36 |
+
|
| 37 |
+
# 安装依赖
|
| 38 |
+
subprocess.run(["pip", "install", "--no-cache-dir", "-r", "requirements.txt"], check=True)
|
| 39 |
+
|
| 40 |
+
# 启动 FastAPI 服务
|
| 41 |
+
subprocess.run(["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"])
|