ci: move image to gcr

Signed-off-by: Sn0rt <wangguohao.2009@gmail.com>

Author: Sn0rt

.github/workflows/release.yaml

@@ -4,67 +4,75 @@ on:
   push:
     tags:
       - 'v*'
-    branches:
-      - release/*
-
-env:
-  DOCKER_REPO: wangguohao
-  IMAGE_NAME: secret2es
-  GO_VERSION: '1.22.5'
 
 jobs:
-  build-and-push:
+  docker:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      security-events: write
     steps:
-      - name: Check out code
-        uses: actions/checkout@v2
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set build variables
+        id: vars
+        run: |
+          echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
+          echo "GIT_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v2
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-
-      - name: Set build time
-        run: echo "BUILD_TIME=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
+        uses: docker/setup-buildx-action@v2
 
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
         with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Extract metadata for Docker
+      - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
         with:
-          images: ${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}
+          images: ghcr.io/${{ github.repository }}
           tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
+            type=semver,pattern=v{{version}}
+            type=semver,pattern=v{{major}}.{{minor}}
+            type=raw,value=latest
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v2
+        id: docker_build
+        uses: docker/build-push-action@v4
         with:
           context: .
-          push: ${{ startsWith(github.ref, 'refs/tags/v') }}
+          push: true
+          platforms: linux/amd64
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           build-args: |
-            VERSION=${{ steps.meta.outputs.version }}
-            BUILD_TIME=${{ env.BUILD_TIME }}
+            VERSION=${{ steps.vars.outputs.VERSION }}
+            BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
+            GIT_COMMIT=${{ steps.vars.outputs.GIT_COMMIT }}
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}
 
   release-binaries:
     permissions:
       contents: write
     runs-on: ubuntu-latest
-    needs: build-and-push
+    needs: docker
     strategy:
       matrix:
         include:
-          - os: darwin
-            arch: arm64
           - os: linux
             arch: arm64
           - os: linux
@@ -73,30 +81,29 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v2
         with:
-          fetch-depth: 0  # Fetch all history for all tags and branches
+          fetch-depth: 0
 
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version: '1.22.5'
 
       - name: Get BINARY_NAME from Makefile
-        run: echo "BINARY_NAME=$(make -s print-binary-name)" >> $GITHUB_ENV
+        run: echo "BINARY_NAME=secret2es" >> $GITHUB_ENV
 
       - name: Build binary
         env:
           GOOS: ${{ matrix.os }}
           GOARCH: ${{ matrix.arch }}
         run: |
           make build
-          mv ${{ env.BINARY_NAME }} ${{ env.BINARY_NAME }}-${{ matrix.os }}-${{ matrix.arch }}
+          mv secret2es secret2es-${{ matrix.os }}-${{ matrix.arch }}
 
       - name: Upload binary to release
         uses: svenstaro/upload-release-action@v2
-        if: startsWith(github.ref, 'refs/tags/v')
         with:
           repo_token: ${{ secrets.GITHUB_TOKEN }}
-          file: ${{ env.BINARY_NAME }}-${{ matrix.os }}-${{ matrix.arch }}
-          asset_name: ${{ env.BINARY_NAME }}-${{ matrix.os }}-${{ matrix.arch }}
+          file: secret2es-${{ matrix.os }}-${{ matrix.arch }}
+          asset_name: secret2es-${{ matrix.os }}-${{ matrix.arch }}
           tag: ${{ github.ref }}
-          overwrite: true
+          overwrite: true