ci/cd

.onedev-buildspec.yml

@@ -3,6 +3,13 @@ jobs:
   - name: Build and Deploy mqtt_power on myagent
     agentMatcher: name_is("myagent") # 确保 "myagent" 是您 OneDev 中 agent 的确切名称
     # 如果 myagent 是通过标签选择的，请使用类似 agentMatcher: has_tag("your-agent-tag") 的形式
+    jobSecrets: # <-- 添加此部分以声明 Job 需要的 Secrets
+      - name: DB_ROOT_PASSWORD
+      - name: DB_NAME
+      - name: DB_USER
+      - name: DB_PASSWORD
+      - name: MQTT_USER
+      - name: MQTT_PASSWORD
     steps:
       - checkout # OneDev 会自动检出与触发事件相关的代码
       - group: "Prepare Environment and Build"
@@ -15,21 +22,21 @@ jobs:
               echo "Workspace: $ONEDEV_WORKSPACE"
 
               echo "Generating .env file for Docker Compose..."
-              # 使用 get_job_secret 函数从 OneDev Job Secrets 获取值
-              # 确保在 OneDev 项目的 Job Secrets 中定义了这些 secret
-              echo "MYSQL_ROOT_PASSWORD=${get_job_secret('DB_ROOT_PASSWORD')}" > .env
-              echo "MYSQL_DATABASE=${get_job_secret('DB_NAME')}" >> .env
-              echo "MYSQL_USER=${get_job_secret('DB_USER')}" >> .env
-              echo "MYSQL_PASSWORD=${get_job_secret('DB_PASSWORD')}" >> .env
+              # 使用 @secret:SECRET_NAME@ 语法从 OneDev Job Secrets 获取值
+              # 确保在 OneDev 项目的 Job Secrets 中定义了这些 secret，并且名称与此处一致
+              echo "MYSQL_ROOT_PASSWORD=@secret:DB_ROOT_PASSWORD@" > .env
+              echo "MYSQL_DATABASE=@secret:DB_NAME@" >> .env
+              echo "MYSQL_USER=@secret:DB_USER@" >> .env
+              echo "MYSQL_PASSWORD=@secret:DB_PASSWORD@" >> .env
 
-              echo "SPRING_DATASOURCE_URL=jdbc:mysql://mysql-db:3306/${get_job_secret('DB_NAME')}?useUnicode=true&characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&useSSL=false" >> .env
-              echo "SPRING_DATASOURCE_USERNAME=${get_job_secret('DB_USER')}" >> .env
-              echo "SPRING_DATASOURCE_PASSWORD=${get_job_secret('DB_PASSWORD')}" >> .env
+              echo "SPRING_DATASOURCE_URL=jdbc:mysql://mysql-db:3306/@secret:DB_NAME@?useUnicode=true&characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&useSSL=false" >> .env
+              echo "SPRING_DATASOURCE_USERNAME=@secret:DB_USER@" >> .env
+              echo "SPRING_DATASOURCE_PASSWORD=@secret:DB_PASSWORD@" >> .env
 
               echo "SPRING_MQTT_BROKER_HOST=emqx-broker" >> .env # docker-compose 服务名
               echo "SPRING_MQTT_BROKER_PORT=1883" >> .env
-              echo "SPRING_MQTT_USERNAME=${get_job_secret('MQTT_USER')}" >> .env
-              echo "SPRING_MQTT_PASSWORD=${get_job_secret('MQTT_PASSWORD')}" >> .env
+              echo "SPRING_MQTT_USERNAME=@secret:MQTT_USER@" >> .env
+              echo "SPRING_MQTT_PASSWORD=@secret:MQTT_PASSWORD@" >> .env
               # 使用 $ONEDEV_BUILD_NUMBER 保证客户端 ID 唯一性
               echo "SPRING_MQTT_CLIENT_ID_BACKEND=springboot-mqtt-client-backend-$ONEDEV_BUILD_NUMBER" >> .env
               echo "SPRING_MQTT_LOG_CLIENT_ID=springboot-mqtt-log-client-$ONEDEV_BUILD_NUMBER" >> .env
@@ -49,6 +56,7 @@ jobs:
               echo "Building Docker images locally for springboot-app and nextjs-app..."
               # 确保 docker-compose.yml 中的 build context 指向正确
               # 例如: springboot-init-main 和 charging_web_app
+              # 并且服务名称 'springboot-app' 和 'nextjs-app' 与 docker-compose.yml 中的定义一致
               docker-compose -f docker-compose.yml build --no-cache springboot-app nextjs-app
               
               echo "Starting all services via Docker Compose..."