ai-workspace-lab/xworkspace-console
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(ci): 将 render_backend_tf.py 移至 ai-workspace-infra vultr-vps/scripts/

Browse Source 
脚本从 xworkspace-console/scripts/ 移入 ai-workspace-infra 的
vultr-vps/scripts/,通过已有的 Checkout iac_modules 步骤引用,
无需额外 self-checkout xw-console;workflow 和 CLAUDE.md 同步更新路径。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Haitao Pan 2026-06-25 12:02:48 +08:00
parent 9b3687e189
commit 12d9bb327f
3 changed files with 6 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.github/workflows/deploy-ai-workspace-iac.yaml vendored
View File

@ -153,11 +153,6 @@ jobs:
fi fi
[ "$missing" -eq 0 ] || { echo "::error::必需机密缺失,终止 provision"; exit 1; } [ "$missing" -eq 0 ] || { echo "::error::必需机密缺失,终止 provision"; exit 1; }
- name: Checkout xworkspace-console (scripts)
uses: actions/checkout@v4
with:
path: xw-console
- name: Checkout iac_modules - name: Checkout iac_modules
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
@ -188,7 +183,7 @@ jobs:
working-directory: ${{ env.ENV_DIR }} working-directory: ${{ env.ENV_DIR }}
env: env:
TF_STATE_ENDPOINT: ${{ steps.vault.outputs.TF_STATE_ENDPOINT }} TF_STATE_ENDPOINT: ${{ steps.vault.outputs.TF_STATE_ENDPOINT }}
run: python3 $GITHUB_WORKSPACE/xw-console/scripts/render_backend_tf.py backend.tf run: python3 $GITHUB_WORKSPACE/${{ env.VPS_ROOT }}/scripts/render_backend_tf.py backend.tf
- name: generate.py render (YAML -> 显式 HCL + tfvars) - name: generate.py render (YAML -> 显式 HCL + tfvars)
working-directory: ${{ env.VPS_ROOT }} working-directory: ${{ env.VPS_ROOT }}

13
CLAUDE.md
View File

@ -28,19 +28,16 @@ run: |
**正确做法外置脚本workflow 只做调用。** **正确做法外置脚本workflow 只做调用。**
```yaml ```yaml
# ✅ 正确 — 外置 Python 脚本 # ✅ 正确 — 外置 Python 脚本(放在 infra repo通过已有 checkout 引用)
- name: Checkout xworkspace-console (scripts)
uses: actions/checkout@v4
with:
path: xw-console
- name: Configure remote backend - name: Configure remote backend
env: env:
TF_STATE_ENDPOINT: ${{ steps.vault.outputs.TF_STATE_ENDPOINT }} TF_STATE_ENDPOINT: ${{ steps.vault.outputs.TF_STATE_ENDPOINT }}
run: python3 $GITHUB_WORKSPACE/xw-console/scripts/render_backend_tf.py backend.tf run: python3 $GITHUB_WORKSPACE/${{ env.VPS_ROOT }}/scripts/render_backend_tf.py backend.tf
``` ```
脚本存放在 `scripts/` 目录,命名规范 `动词_名词.py``动词-名词.sh` 渲染脚本存放在 `ai-workspace-infra/iac_modules/terraform-hcl-standard/vultr-vps/scripts/`
通过 workflow 内已有的 `Checkout iac_modules` 步骤引用,无需额外 self-checkout。
workflow 内的 `run:` 块调用外置脚本,命名规范 `动词_名词.py``动词-名词.sh`
### 其他规范 ### 其他规范

38
scripts/render_backend_tf.py
View File

@ -1,38 +0,0 @@
#!/usr/bin/env python3
"""
渲染 Terraform S3 backend 配置文件backend.tf
用法
TF_STATE_ENDPOINT=https://... python3 render_backend_tf.py [output_path]
默认输出到当前目录的 backend.tfterraform init working-directory 里执行
"""
import os
import sys
endpoint = os.environ.get("TF_STATE_ENDPOINT", "")
if not endpoint:
print("ERROR: TF_STATE_ENDPOINT is not set", file=sys.stderr)
sys.exit(1)
output = sys.argv[1] if len(sys.argv) > 1 else "backend.tf"
content = f"""\
terraform {{
backend "s3" {{
endpoints = {{ s3 = "{endpoint}" }}
skip_credentials_validation = true
skip_region_validation = true
skip_requesting_account_id = true
skip_metadata_api_check = true
skip_s3_checksum = true
use_path_style = true
}}
}}
"""
with open(output, "w") as f:
f.write(content)
print(f"backend.tf written to {output}")
print(f" endpoint = {endpoint[:40]}...")