CI deploy without sudo: tar over ssh when rsync missing

Remove apt/sudo install step (act runners lack sudo). Use rsync when available; otherwise clear remote web root and stream dist/ via tar|ssh. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-18 15:19:16 +08:00
parent 5f9e8db7e5
commit a481c382a6
2 changed files with 18 additions and 30 deletions
--- a/.gitea/workflows/deploy-talkpro.yml
+++ b/.gitea/workflows/deploy-talkpro.yml
@@ -5,7 +5,7 @@
 #
 # Host/user/path defaults are in the `env:` block below (edit there if needed).
 #
-# Requires a runner with: node 22+, npm, rsync, ssh, ssh-keyscan.
+# Requires a runner with: node 22+, ssh, ssh-keyscan, tar (rsync optional; no sudo needed).

 name: Deploy to talkpro

@@ -45,33 +45,13 @@ jobs:
            exit 1
          fi

-      - name: Install rsync and SSH client
-        run: |
-          if command -v rsync >/dev/null && command -v ssh >/dev/null; then
-            echo "rsync and ssh already installed"
-            exit 0
-          fi
-          if command -v apt-get >/dev/null 2>&1; then
-            sudo apt-get update -qq
-            sudo apt-get install -y -qq rsync openssh-client
-          elif command -v apk >/dev/null 2>&1; then
-            sudo apk add --no-cache rsync openssh-client-default
-          elif command -v dnf >/dev/null 2>&1; then
-            sudo dnf install -y rsync openssh-clients
-          else
-            echo "ERROR: Could not install rsync — apt-get, apk, or dnf required" >&2
-            exit 1
-          fi
-          command -v rsync
-          command -v ssh
-
      - name: Trust host key
        run: |
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          ssh-keyscan -H "$TALKPRO_HOST" >> ~/.ssh/known_hosts 2>/dev/null || true

-      - name: Build and rsync to talkpro
+      - name: Build and deploy to talkpro
        env:
          TALKPRO_SSH_PRIVATE_KEY: ${{ secrets.TALKPRO_SSH_PRIVATE_KEY }}
        run: bash scripts/deploy-talkpro.sh
--- a/scripts/deploy-talkpro.sh
+++ b/scripts/deploy-talkpro.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# Build Astro dist/ and rsync to the Talk Pro marketing host (talkpro.info).
+# Build Astro dist/ and sync to the Talk Pro marketing host (talkpro.info).
 # Used by Gitea Actions and for manual deploys from this repo.
 #
 # Required (CI): TALKPRO_SSH_PRIVATE_KEY — PEM contents (Gitea secret)
@@ -42,6 +42,7 @@ chmod 600 "$KEY_FILE"

 SSH_OPTS=(-i "$KEY_FILE" -o BatchMode=yes -o StrictHostKeyChecking=accept-new)
 RSYNC_SSH="ssh -i \"$KEY_FILE\" -o BatchMode=yes -o StrictHostKeyChecking=accept-new"
+REMOTE="${USER}@${HOST}"

 if [[ -f package-lock.json ]]; then
  npm ci
@@ -51,13 +52,20 @@ fi
 npm run build

 command -v ssh >/dev/null || { echo "ERROR: ssh not found (install openssh-client)" >&2; exit 127; }
-command -v rsync >/dev/null || { echo "ERROR: rsync not found (CI: apt-get install rsync)" >&2; exit 127; }

-ssh "${SSH_OPTS[@]}" "${USER}@${HOST}" "mkdir -p ${REMOTE_ROOT}"
+ssh "${SSH_OPTS[@]}" "$REMOTE" "mkdir -p ${REMOTE_ROOT}"

-rsync -avz --delete \
-  -e "$RSYNC_SSH" \
-  dist/ \
-  "${USER}@${HOST}:${REMOTE_ROOT}/"
+if command -v rsync >/dev/null 2>&1; then
+  echo "Uploading with rsync..."
+  rsync -avz --delete \
+    -e "$RSYNC_SSH" \
+    dist/ \
+    "${REMOTE}:${REMOTE_ROOT}/"
+else
+  command -v tar >/dev/null || { echo "ERROR: need rsync or tar on the runner" >&2; exit 127; }
+  echo "Uploading with tar over ssh (rsync not available on runner)..."
+  ssh "${SSH_OPTS[@]}" "$REMOTE" "mkdir -p ${REMOTE_ROOT} && rm -rf ${REMOTE_ROOT:?}/*"
+  tar -C dist -cf - . | ssh "${SSH_OPTS[@]}" "$REMOTE" "tar -C ${REMOTE_ROOT} -xf -"
+fi

-echo "Deployed dist/ → ${USER}@${HOST}:${REMOTE_ROOT}/"
+echo "Deployed dist/ → ${REMOTE}:${REMOTE_ROOT}/"