feat: 实用工具增加 2FA APP 排行榜 #76

Workflow file for this run

	name: Deploy to Cloudflare Workers

	on:
	push:
	branches:
	- main
	workflow_dispatch:

	jobs:
	deploy:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	name: Deploy
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: '20'
	cache: 'npm'
	cache-dependency-path: \|
	package.json

	# 安装全部依赖
	- name: Install Dependencies
	run: npm install

	# 准备配置文件
	- name: Prepare Wrangler Config
	env:
	CONFIG_FILE: ${{ env.WRANGLER_CONFIG \|\| 'wrangler.toml' }}
	run: \|
	cp wrangler.toml wrangler.toml.bak

	if [ "$CONFIG_FILE" != "wrangler.toml" ]; then
	cp "$CONFIG_FILE" wrangler.toml
	fi

	# 注入 D1 数据库配置
	- name: Inject D1 Database ID
	env:
	CONFIG_FILE: ${{ env.WRANGLER_CONFIG \|\| 'wrangler.toml' }}
	CLOUDFLARE_D1_DATABASE_ID: ${{ secrets.CLOUDFLARE_D1_DATABASE_ID }}
	CLOUDFLARE_D1_DATABASE_NAME: ${{ secrets.CLOUDFLARE_D1_DATABASE_NAME \|\| '2fauth-db' }}
	run: \|
	# 仅替换第一个匹配到的 database_id (对应生产环境配置)，保留 dev 环境配置
	sed -i "0,/database_id =/s/database_id = \".*\"/database_id = \"$CLOUDFLARE_D1_DATABASE_ID\"/" "wrangler.toml"
	sed -i "0,/database_name =/s/database_name = \".*\"/database_name = \"$CLOUDFLARE_D1_DATABASE_NAME\"/" "wrangler.toml"

	# 更新数据库结构
	- name: Update Database Schema
	uses: cloudflare/wrangler-action@v3
	with:
	apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
	accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
	command: d1 execute ${{ secrets.CLOUDFLARE_D1_DATABASE_NAME \|\| '2fauth-db' }} --remote --file=backend/schema.sql

	# 动态生成 Secrets 列表 (仅包含已配置的变量)
	- name: Generate Secret List
	id: secret_list
	env:
	OAUTH_GITHUB_CLIENT_ID: ${{ secrets.OAUTH_GITHUB_CLIENT_ID }}
	OAUTH_GITHUB_CLIENT_SECRET: ${{ secrets.OAUTH_GITHUB_CLIENT_SECRET }}
	OAUTH_GITHUB_REDIRECT_URI: ${{ secrets.OAUTH_GITHUB_REDIRECT_URI }}
	OAUTH_CLOUDFLARE_CLIENT_ID: ${{ secrets.OAUTH_CLOUDFLARE_CLIENT_ID }}
	OAUTH_CLOUDFLARE_CLIENT_SECRET: ${{ secrets.OAUTH_CLOUDFLARE_CLIENT_SECRET }}
	OAUTH_CLOUDFLARE_ORG_DOMAIN: ${{ secrets.OAUTH_CLOUDFLARE_ORG_DOMAIN }}
	OAUTH_CLOUDFLARE_REDIRECT_URI: ${{ secrets.OAUTH_CLOUDFLARE_REDIRECT_URI }}
	OAUTH_NODELOC_CLIENT_ID: ${{ secrets.OAUTH_NODELOC_CLIENT_ID }}
	OAUTH_NODELOC_CLIENT_SECRET: ${{ secrets.OAUTH_NODELOC_CLIENT_SECRET }}
	OAUTH_NODELOC_REDIRECT_URI: ${{ secrets.OAUTH_NODELOC_REDIRECT_URI }}
	OAUTH_GITEE_CLIENT_ID: ${{ secrets.OAUTH_GITEE_CLIENT_ID }}
	OAUTH_GITEE_CLIENT_SECRET: ${{ secrets.OAUTH_GITEE_CLIENT_SECRET }}
	OAUTH_GITEE_REDIRECT_URI: ${{ secrets.OAUTH_GITEE_REDIRECT_URI }}
	OAUTH_TELEGRAM_BOT_NAME: ${{ secrets.OAUTH_TELEGRAM_BOT_NAME }}
	OAUTH_TELEGRAM_BOT_TOKEN: ${{ secrets.OAUTH_TELEGRAM_BOT_TOKEN }}
	OAUTH_GOOGLE_CLIENT_ID: ${{ secrets.OAUTH_GOOGLE_CLIENT_ID }}
	OAUTH_GOOGLE_CLIENT_SECRET: ${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }}
	OAUTH_GOOGLE_REDIRECT_URI: ${{ secrets.OAUTH_GOOGLE_REDIRECT_URI }}

	run: \|
	SECRETS="
	OAUTH_ALLOW_ALL
	OAUTH_ALLOWED_USERS
	ENCRYPTION_KEY
	JWT_SECRET"

	OPTIONAL_VARS=(
	"OAUTH_GITHUB_CLIENT_ID" "OAUTH_GITHUB_CLIENT_SECRET" "OAUTH_GITHUB_REDIRECT_URI"
	"OAUTH_CLOUDFLARE_CLIENT_ID" "OAUTH_CLOUDFLARE_CLIENT_SECRET" "OAUTH_CLOUDFLARE_ORG_DOMAIN" "OAUTH_CLOUDFLARE_REDIRECT_URI"
	"OAUTH_NODELOC_CLIENT_ID" "OAUTH_NODELOC_CLIENT_SECRET" "OAUTH_NODELOC_REDIRECT_URI"
	"OAUTH_GITEE_CLIENT_ID" "OAUTH_GITEE_CLIENT_SECRET" "OAUTH_GITEE_REDIRECT_URI"
	"OAUTH_TELEGRAM_BOT_NAME" "OAUTH_TELEGRAM_BOT_TOKEN"
	"OAUTH_GOOGLE_CLIENT_ID" "OAUTH_GOOGLE_CLIENT_SECRET" "OAUTH_GOOGLE_REDIRECT_URI"
	)

	for VAR in "${OPTIONAL_VARS[@]}"; do
	if [ -n "${!VAR}" ]; then
	SECRETS="$SECRETS
	$VAR"
	fi
	done

	echo "secrets<<EOF" >> $GITHUB_OUTPUT
	echo "$SECRETS" >> $GITHUB_OUTPUT
	echo "EOF" >> $GITHUB_OUTPUT

	- name: Mask Sensitive Domain
	run: \|
	if [ -n "${{ secrets.CLOUDFLARE_WORKER_SUBDOMAIN }}" ]; then
	echo "::add-mask::${{ secrets.CLOUDFLARE_WORKER_SUBDOMAIN }}"
	fi

	# 部署到 Cloudflare Workers
	- name: Deploy to Cloudflare Workers
	uses: cloudflare/wrangler-action@v3
	with:
	apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
	accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
	command: deploy --minify
	secrets: ${{ steps.secret_list.outputs.secrets }}
	env:
	OAUTH_ALLOW_ALL: ${{ secrets.OAUTH_ALLOW_ALL \|\| 'false' }}
	OAUTH_ALLOWED_USERS: ${{ secrets.OAUTH_ALLOWED_USERS }}
	OAUTH_GITHUB_CLIENT_ID: ${{ secrets.OAUTH_GITHUB_CLIENT_ID }}
	OAUTH_GITHUB_CLIENT_SECRET: ${{ secrets.OAUTH_GITHUB_CLIENT_SECRET }}
	OAUTH_GITHUB_REDIRECT_URI: ${{ secrets.OAUTH_GITHUB_REDIRECT_URI }}
	OAUTH_CLOUDFLARE_CLIENT_ID: ${{ secrets.OAUTH_CLOUDFLARE_CLIENT_ID }}
	OAUTH_CLOUDFLARE_CLIENT_SECRET: ${{ secrets.OAUTH_CLOUDFLARE_CLIENT_SECRET }}
	OAUTH_CLOUDFLARE_ORG_DOMAIN: ${{ secrets.OAUTH_CLOUDFLARE_ORG_DOMAIN }}
	OAUTH_CLOUDFLARE_REDIRECT_URI: ${{ secrets.OAUTH_CLOUDFLARE_REDIRECT_URI }}
	OAUTH_NODELOC_CLIENT_ID: ${{ secrets.OAUTH_NODELOC_CLIENT_ID }}
	OAUTH_NODELOC_CLIENT_SECRET: ${{ secrets.OAUTH_NODELOC_CLIENT_SECRET }}
	OAUTH_NODELOC_REDIRECT_URI: ${{ secrets.OAUTH_NODELOC_REDIRECT_URI }}
	OAUTH_GITEE_CLIENT_ID: ${{ secrets.OAUTH_GITEE_CLIENT_ID }}
	OAUTH_GITEE_CLIENT_SECRET: ${{ secrets.OAUTH_GITEE_CLIENT_SECRET }}
	OAUTH_GITEE_REDIRECT_URI: ${{ secrets.OAUTH_GITEE_REDIRECT_URI }}
	OAUTH_TELEGRAM_BOT_NAME: ${{ secrets.OAUTH_TELEGRAM_BOT_NAME }}
	OAUTH_TELEGRAM_BOT_TOKEN: ${{ secrets.OAUTH_TELEGRAM_BOT_TOKEN }}
	OAUTH_GOOGLE_CLIENT_ID: ${{ secrets.OAUTH_GOOGLE_CLIENT_ID }}
	OAUTH_GOOGLE_CLIENT_SECRET: ${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }}
	OAUTH_GOOGLE_REDIRECT_URI: ${{ secrets.OAUTH_GOOGLE_REDIRECT_URI }}
	ENCRYPTION_KEY: ${{ secrets.ENCRYPTION_KEY }}
	JWT_SECRET: ${{ secrets.JWT_SECRET }}

	# 恢复配置文件
	- name: Restore Wrangler Config
	if: always()
	run: \|
	if [ -f wrangler.toml.bak ]; then
	mv wrangler.toml.bak wrangler.toml
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: 实用工具增加 2FA APP 排行榜 #76

Workflow file

feat: 实用工具增加 2FA APP 排行榜 #76

Uh oh!

Workflow file for this run