GitHub CI 构建 Docker 镜像并发布到各个平台的 Action

jetsung

GitHub CI 构建 Docker 镜像并发布到各个平台的 Action

name: Docker

on:
  push:
    branches:
      - main
      - dev*
    tags:
      - "*"
    paths:
      - "Containerfile"
      - ".github/workflows/docker.yml"
      - "src/**"
      - "Cargo.toml"

jobs:
  docker:
    name: Build and Push
    runs-on: ubuntu-latest
    env:
      package_name: shorturl
      acr_registry: registry.cn-hangzhou.aliyuncs.com
      hcr_registry: swr.ap-southeast-3.myhuaweicloud.com
      tcr_registry: ccr.ccs.tencentyun.com
    steps:
      - name: Checkout Source Code
        uses: actions/checkout@v4

      - name: Login to GitHub Container Registry (ghcr.io)
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Generate Github Container Registry Tags
        id: ghcr_tag
        env:
          IMAGE_REPO: ghcr.io/${{ github.repository_owner }}/${{ env.package_name }}
        run: |
          # Check if the current ref is a tag
          if [[ "${{ github.ref_type }}" == "tag" ]]; then
            # delete tag as v0.1.0 to 0.1.0
            ref_tag="${{ github.ref_name }}"
            ref_tag="${ref_tag#v}"
            echo "Detected tag: $ref_tag"
            echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
            echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
          elif [[ "${{ github.ref_name }}" == "main" ]]; then
            echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
          else
            echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
          fi    

      - name: Check Docker Hub Credentials
        id: check_docker_creds
        run: |
          if [[ -n "${{ secrets.DOCKERHUB_USERNAME }}" && -n "${{ secrets.DOCKERHUB_TOKEN }}" ]]; then
            echo "creds_exist=true" >> $GITHUB_OUTPUT
          else
            echo "creds_exist=false" >> $GITHUB_OUTPUT
          fi
      - name: Login to Docker Hub 
        if: steps.check_docker_creds.outputs.creds_exist == 'true'
        uses: docker/login-action@v3
        with:
          registry: docker.io
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Generate Docker Hub Tags
        id: dockerhub_tag
        if: steps.check_docker_creds.outputs.creds_exist == 'true'
        env:
          IMAGE_REPO: ${{ github.repository_owner }}/${{ env.package_name }}
        run: |
          # Check if the current ref is a tag
          if [[ "${{ github.ref_type }}" == "tag" ]]; then
            # delete tag as v0.1.0 to 0.1.0
            ref_tag="${{ github.ref_name }}"
            ref_tag="${ref_tag#v}"
            echo "Detected tag: $ref_tag"
            echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
            echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
          elif [[ "${{ github.ref_name }}" == "main" ]]; then
            echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
          else
            echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
          fi   

      - name: Check Aliyun Credentials
        id: check_aliyun_creds
        run: |
          if [[ -n "${{ secrets.ALIYUN_USERNAME }}" && -n "${{ secrets.ALIYUN_TOKEN }}" ]]; then
            echo "creds_exist=true" >> $GITHUB_OUTPUT
          else
            echo "creds_exist=false" >> $GITHUB_OUTPUT
          fi
      - name: Login to Aliyun 
        if: steps.check_aliyun_creds.outputs.creds_exist == 'true'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.acr_registry }}
          username: ${{ secrets.ALIYUN_USERNAME }}
          password: ${{ secrets.ALIYUN_TOKEN }}
      - name: Generate Aliyun Container Registry Tags
        id: acr_tag
        if: steps.check_aliyun_creds.outputs.creds_exist == 'true'
        env:
          IMAGE_REPO:  ${{ env.acr_registry }}/${{ github.repository_owner }}/${{ env.package_name }}
        run: |
          # Check if the current ref is a tag
          if [[ "${{ github.ref_type }}" == "tag" ]]; then
            # delete tag as v0.1.0 to 0.1.0
            ref_tag="${{ github.ref_name }}"
            ref_tag="${ref_tag#v}"
            echo "Detected tag: $ref_tag"
            echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
            echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
          elif [[ "${{ github.ref_name }}" == "main" ]]; then
            echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
          else
            echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
          fi   

      - name: 华为云无法推送
        run: |
          echo "华为云无法推送："
          echo "buildx failed with: ERROR: failed to solve: failed to push xxx: failed commit on ref "index-sha256:xxx": unexpected status from PUT request to https://xxx: 400 Bad Request"
      - name: Check Huawei Cloud Credentials
        id: check_huawei_creds
        run: |
          if [[ -n "${{ secrets.HUAWEI_USERNAME }}" && -n "${{ secrets.HUAWEI_TOKEN }}" ]]; then
            echo "creds_exist=true" >> $GITHUB_OUTPUT
          else
            echo "creds_exist=false" >> $GITHUB_OUTPUT
          fi
      - name: Login to Huawei Cloud 
        if: steps.check_huawei_creds.outputs.creds_exist == 'true'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.hcr_registry }}
          username: ${{ secrets.HUAWEI_USERNAME }}
          password: ${{ secrets.HUAWEI_TOKEN }}
      - name: Generate Huawei Cloud Container Registry Tags
        id: hcr_tag
        if: steps.check_huawei_creds.outputs.creds_exist == 'true'
        env:
          IMAGE_REPO:  ${{ env.hcr_registry }}/${{ github.repository_owner }}/${{ env.package_name }}
        run: |
          # Check if the current ref is a tag
          if [[ "${{ github.ref_type }}" == "tag" ]]; then
            # delete tag as v0.1.0 to 0.1.0
            ref_tag="${{ github.ref_name }}"
            ref_tag="${ref_tag#v}"
            echo "Detected tag: $ref_tag"
            echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
            echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
          elif [[ "${{ github.ref_name }}" == "main" ]]; then
            echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
          else
            echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
          fi   

      - name: Check Tencent Cloud Credentials
        id: check_tencent_creds
        run: |
          if [[ -n "${{ secrets.TENCENT_USERNAME }}" && -n "${{ secrets.TENCENT_TOKEN }}" ]]; then
            echo "creds_exist=true" >> $GITHUB_OUTPUT
          else
            echo "creds_exist=false" >> $GITHUB_OUTPUT
          fi
      - name: Login to Tencent Cloud
        if: steps.check_tencent_creds.outputs.creds_exist == 'true'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.tcr_registry }}
          username: ${{ secrets.TENCENT_USERNAME }}
          password: ${{ secrets.TENCENT_TOKEN }}
      - name: Generate Tencent Cloud Container Registry Tags
        id: tcr_tag
        if: steps.check_tencent_creds.outputs.creds_exist == 'true'
        env:
          IMAGE_REPO:  ${{ env.tcr_registry }}/${{ github.repository_owner }}/${{ env.package_name }}
        run: |
          # Check if the current ref is a tag
          if [[ "${{ github.ref_type }}" == "tag" ]]; then
            # delete tag as v0.1.0 to 0.1.0
            ref_tag="${{ github.ref_name }}"
            ref_tag="${ref_tag#v}"
            echo "Detected tag: $ref_tag"
            echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
            echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
          elif [[ "${{ github.ref_name }}" == "main" ]]; then
            echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
          else
            echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
          fi   

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build and Push Docker Images
        uses: docker/build-push-action@v6
        with:
          push: true
          context: .
          platforms: linux/amd64, linux/arm64
          file: Containerfile
          tags: |
            ${{ steps.ghcr_tag.outputs.tag || '' }}
            ${{ steps.ghcr_tag.outputs.latest || '' }}
            ${{ steps.dockerhub_tag.outputs.tag || '' }}
            ${{ steps.dockerhub_tag.outputs.latest || '' }}
            ${{ steps.acr_tag.outputs.tag || '' }}
            ${{ steps.acr_tag.outputs.latest || '' }}
            ${{ steps.hcr_tag.outputs.tag || '' }}
            ${{ steps.hcr_tag.outputs.latest || '' }}
            ${{ steps.tcr_tag.outputs.tag || '' }}
            ${{ steps.tcr_tag.outputs.latest || '' }}

      - uses: actions/delete-package-versions@v5
        continue-on-error: true
        with: 
          package-name: ${{ env.package_name }}
          package-type: 'container'
          delete-only-untagged-versions: 'true'
jetsung

Registry	Zone	Image
Docker Hub		`docker.io`
GitHub Container Registry		`ghcr.io`
Tencent Cloud Container Registry		`ccr.ccs.tencentyun.com`
Aliyun Cloud Container Registry	杭州	`registry.cn-hangzhou.aliyuncs.com`
	广州	`registry.cn-guangzhou.aliyuncs.com`
Huawei Cloud Container Registry	华南	`swr.cn-south-1.myhuaweicloud.com`
	东南亚	`swr.ap-southeast-3.myhuaweicloud.com`