1+ name : Docker Build Image And Push Docker Registry
2+
3+ on :
4+ push :
5+ paths-ignore :
6+ - ' **.md'
7+ - ' LICENSE'
8+ workflow_dispatch : # 手动触发
9+ inputs :
10+ updateServerVersion :
11+ description : ' Update Server Docker Image Version'
12+ type : boolean
13+ default : false
14+ required : false
15+
16+ jobs :
17+ build :
18+ name : Docker Build Image And Push Docker Registry
19+ runs-on : ubuntu-latest
20+ env :
21+ SECRET_REPO_PREFIX : REPO_
22+ SECRET_USERNAME_PREFIX : USERNAME_
23+ SECRET_PASSWORD_PREFIX : PASSWORD_
24+ steps :
25+ - name : Checkout
26+ uses : actions/checkout@v4
27+
28+ - name : Setup Node
29+ uses : actions/setup-node@v4
30+ with :
31+ node-version : ' 18'
32+
33+ - name : Get node_modules cache
34+ 35+ id : node_modules
36+ with :
37+ path : |
38+ **/node_modules
39+ # Add node version as a cache key to avoid yarn recompilation for particular node as it doesn't change often
40+ key : ${{ runner.os }}-node_modules-${{ hashFiles('**/yarn.lock') }}-${{ steps.node.outputs.version }}
41+
42+ - name : Build front
43+ - run : |
44+ npm install -g yarn
45+ yarn && yarn build
46+
47+ name : Set up QEMU # 设置 QEMU 环境,用来模拟操作系统,用来编译 arm64 镜像和 amd64 镜像
48+ uses : docker/setup-qemu-action@v2
49+ with :
50+ platforms : all
51+
52+ - name : Set up Docker Buildx # 设置 Docker Buildx 环境
53+ id : buildx
54+ uses : docker/setup-buildx-action@v2
55+ with :
56+ version : latest
57+
58+ - name : Inspect builder # 查看 builder 状态
59+ run : |
60+ echo "Name: ${{ steps.buildx.outputs.name }}"
61+ echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
62+ echo "Status: ${{ steps.buildx.outputs.status }}"
63+ echo "Flags: ${{ steps.buildx.outputs.flags }}"
64+ echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
65+
66+ name : Login and Build Docker Image And Push
67+ shell : bash
68+ env :
69+ ALL_SECRETS : ${{ toJSON(secrets) }}
70+ run : |
71+ repos=()
72+ for key in $(echo $ALL_SECRETS | jq -r "keys[]"); do
73+ if [[ $key == $SECRET_REPO_PREFIX* ]]; then
74+ repo_key=$key
75+ char=$(echo $repo_key | sed "s/$SECRET_REPO_PREFIX//")
76+ username_key="${SECRET_USERNAME_PREFIX}${char}"
77+ password_key="${SECRET_PASSWORD_PREFIX}${char}"
78+
79+ repo=$(echo $ALL_SECRETS | jq -r ".${repo_key}")
80+ username=$(echo $ALL_SECRETS | jq -r ".${username_key}")
81+ password=$(echo $ALL_SECRETS | jq -r ".${password_key}")
82+
83+ repos+=($repo)
84+
85+ # 如果 repo 只有一个 / ,则说明是 docker hub 的镜像,登录时后面不需要加 repo
86+ if [[ $(echo $repo | grep -o '/' | wc -l) -eq 1 ]]; then
87+ echo $password | docker login -u $username --password-stdin
88+ else
89+ echo $password | docker login -u $username --password-stdin $repo
90+ fi
91+ fi
92+ done
93+
94+ command="docker buildx build --platform linux/amd64,linux/arm64 --push . "
95+ for repo in ${repos[@]}; do
96+ command="$command -t $repo\:latest -t $repo\:$(git rev-parse --short HEAD)"
97+ done
98+ echo "$command"
99+ eval $command
100+
101+ name : executing remote ssh commands using ssh key
102+ 103+ if : ${{ github,event.inputs.updateServerVersion == 'true' }}
104+ with :
105+ host : ${{ secrets.HOST }}
106+ port : ${{ secrets.PORT }}
107+ username : ${{ secrets.USERNAME }}
108+ passphrase : ${{ secrets.PASSPHRASE }}
109+ key : ${{ secrets.KEY }}
110+ script : |
111+ docker run --rm \
112+ -v /var/run/docker.sock:/var/run/docker.sock \
113+ -v ~/.docker/config.json:/config.json \
114+ containrrr/watchtower \
115+ --cleanup \
116+ --run-once \
117+ zfile-docs
0 commit comments