chore: Refresh Tencent Cloud CDN #55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pages | |
| on: | |
| push: | |
| branches: | |
| - main # default branch | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| # If your repository depends on submodule, please see: https://github.com/actions/checkout | |
| submodules: recursive | |
| - name: Use Node.js 20 | |
| uses: actions/setup-node@v4 | |
| with: | |
| # Examples: 20, 18.19, >=16.20.2, lts/Iron, lts/Hydrogen, *, latest, current, node | |
| # Ref: https://github.com/actions/setup-node#supported-version-syntax | |
| node-version: '20' | |
| - name: Cache NPM dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: node_modules | |
| key: ${{ runner.OS }}-npm-cache | |
| restore-keys: | | |
| ${{ runner.OS }}-npm-cache | |
| - name: Install Dependencies | |
| run: npm install | |
| - name: Build | |
| run: npm run build | |
| - name: Upload Pages artifact | |
| uses: actions/upload-pages-artifact@v3 | |
| with: | |
| path: ./public | |
| deploy: | |
| needs: build | |
| permissions: | |
| pages: write | |
| id-token: write | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@v4 | |
| - name: Refresh Tencent Cloud CDN | |
| env: | |
| SECRET_ID: ${{ secrets.SECRETID }} | |
| SECRET_KEY: ${{ secrets.SECRETKEY }} | |
| DOMAIN_Path: 'https://www.ilikestudy.cn/*' | |
| run: | | |
| secret_id="${SECRET_ID}" | |
| secret_key="${SECRET_KEY}" | |
| token="" | |
| service="cdn" | |
| host="cdn.tencentcloudapi.com" | |
| region="" | |
| action="PurgePathCache" | |
| version="2018-06-06" | |
| algorithm="TC3-HMAC-SHA256" | |
| timestamp=$(date +%s) | |
| date=$(date -u -d @$timestamp +"%Y-%m-%d") | |
| payload="{\"Paths\":[\"${DOMAIN_Path}\"],\"FlushType\":\"delete\"}" | |
| # 生成规范请求串 | |
| http_request_method="POST" | |
| canonical_uri="/" | |
| canonical_querystring="" | |
| canonical_headers="content-type:application/json; charset=utf-8\nhost:$host\nx-tc-action:$(echo $action | awk '{print tolower($0)}')\n" | |
| signed_headers="content-type;host;x-tc-action" | |
| hashed_request_payload=$(echo -n "$payload" | openssl sha256 -hex | awk '{print $2}') | |
| canonical_request="$http_request_method\n$canonical_uri\n$canonical_querystring\n$canonical_headers\n$signed_headers\n$hashed_request_payload" | |
| # 构造待签名字符串 | |
| credential_scope="$date/$service/tc3_request" | |
| hashed_canonical_request=$(printf "$canonical_request" | openssl sha256 -hex | awk '{print $2}') | |
| string_to_sign="$algorithm\n$timestamp\n$credential_scope\n$hashed_canonical_request" | |
| # 计算签名 | |
| secret_date=$(printf "$date" | openssl sha256 -hmac "TC3$secret_key" | awk '{print $2}') | |
| secret_service=$(printf $service | openssl dgst -sha256 -mac hmac -macopt hexkey:"$secret_date" | awk '{print $2}') | |
| secret_signing=$(printf "tc3_request" | openssl dgst -sha256 -mac hmac -macopt hexkey:"$secret_service" | awk '{print $2}') | |
| signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac hmac -macopt hexkey:"$secret_signing" | awk '{print $2}') | |
| # 构造 Authorization 头部 | |
| authorization="$algorithm Credential=$secret_id/$credential_scope, SignedHeaders=$signed_headers, Signature=$signature" | |
| # 发起请求 | |
| curl -XPOST "https://$host" -d "$payload" \ | |
| -H "Authorization: $authorization" \ | |
| -H "Content-Type: application/json; charset=utf-8" \ | |
| -H "Host: $host" \ | |
| -H "X-TC-Action: $action" \ | |
| -H "X-TC-Timestamp: $timestamp" \ | |
| -H "X-TC-Version: $version" \ | |
| -H "X-TC-Region: $region" \ | |
| -H "X-TC-Token: $token" |