Custom model #190
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build and Push | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| tags: | |
| - 'v*.*.*' | |
| pull_request: | |
| branches: | |
| - main | |
| - develop | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_PREFIX: jd-opensource | |
| jobs: | |
| # ============================================================================= | |
| # Main application images (backend, frontend, init) | |
| # Triggered on all pushes/PRs to main/develop branches | |
| # ============================================================================= | |
| build-and-push: | |
| name: Build and Push Docker Images | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| image: | |
| - name: joysafeter-backend | |
| context: ./backend | |
| dockerfile: ./deploy/docker/backend.Dockerfile | |
| - name: joysafeter-frontend | |
| context: ./frontend | |
| dockerfile: ./deploy/docker/frontend.Dockerfile | |
| - name: joysafeter-openclaw | |
| context: ./deploy/openclaw | |
| dockerfile: ./deploy/openclaw/Dockerfile | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/${{ matrix.image.name }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ${{ matrix.image.context }} | |
| file: ${{ matrix.image.dockerfile }} | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| PIP_INDEX_URL=https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple | |
| UV_INDEX_URL=https://mirrors.tuna.tsinghua.edu.cn/pypi/web/simple | |
| # ============================================================================= | |
| # Sandbox image (independent, only triggered when sandbox files change) | |
| # This image contains security tools and doesn't depend on application source code | |
| # ============================================================================= | |
| check-sandbox-changes: | |
| name: Check Sandbox File Changes | |
| runs-on: ubuntu-latest | |
| outputs: | |
| sandbox_changed: ${{ steps.filter.outputs.sandbox }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Check for sandbox file changes | |
| uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| sandbox: | |
| - 'deploy/docker/sandbox.Dockerfile' | |
| - 'deploy/docker/configs/**' | |
| - 'deploy/docker/entrypoint.sh' | |
| build-sandbox: | |
| name: Build and Push Sandbox Image | |
| runs-on: ubuntu-latest | |
| needs: check-sandbox-changes | |
| # Build sandbox only when: | |
| # 1. Sandbox-related files changed (push/PR) | |
| # 2. Manual trigger (workflow_dispatch) | |
| # 3. Tag push (for releases) | |
| if: | | |
| needs.check-sandbox-changes.outputs.sandbox_changed == 'true' || | |
| github.event_name == 'workflow_dispatch' || | |
| startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/joysafeter-sandbox | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push Sandbox image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./deploy/docker | |
| file: ./deploy/docker/sandbox.Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max |