GitHub CI 构建 Docker 镜像并发布到各个平台的 Action
name: Docker
on:
push:
branches:
- main
- dev*
tags:
- "*"
paths:
- "Containerfile"
- ".github/workflows/docker.yml"
- "src/**"
- "Cargo.toml"
jobs:
docker:
name: Build and Push
runs-on: ubuntu-latest
env:
package_name: shorturl
acr_registry: registry.cn-hangzhou.aliyuncs.com
hcr_registry: swr.ap-southeast-3.myhuaweicloud.com
tcr_registry: ccr.ccs.tencentyun.com
steps:
- name: Checkout Source Code
uses: actions/checkout@v4
- name: Login to GitHub Container Registry (ghcr.io)
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate Github Container Registry Tags
id: ghcr_tag
env:
IMAGE_REPO: ghcr.io/${{ github.repository_owner }}/${{ env.package_name }}
run: |
# Check if the current ref is a tag
if [[ "${{ github.ref_type }}" == "tag" ]]; then
# delete tag as v0.1.0 to 0.1.0
ref_tag="${{ github.ref_name }}"
ref_tag="${ref_tag#v}"
echo "Detected tag: $ref_tag"
echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
elif [[ "${{ github.ref_name }}" == "main" ]]; then
echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
else
echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
fi
- name: Check Docker Hub Credentials
id: check_docker_creds
run: |
if [[ -n "${{ secrets.DOCKERHUB_USERNAME }}" && -n "${{ secrets.DOCKERHUB_TOKEN }}" ]]; then
echo "creds_exist=true" >> $GITHUB_OUTPUT
else
echo "creds_exist=false" >> $GITHUB_OUTPUT
fi
- name: Login to Docker Hub
if: steps.check_docker_creds.outputs.creds_exist == 'true'
uses: docker/login-action@v3
with:
registry: docker.io
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Generate Docker Hub Tags
id: dockerhub_tag
if: steps.check_docker_creds.outputs.creds_exist == 'true'
env:
IMAGE_REPO: ${{ github.repository_owner }}/${{ env.package_name }}
run: |
# Check if the current ref is a tag
if [[ "${{ github.ref_type }}" == "tag" ]]; then
# delete tag as v0.1.0 to 0.1.0
ref_tag="${{ github.ref_name }}"
ref_tag="${ref_tag#v}"
echo "Detected tag: $ref_tag"
echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
elif [[ "${{ github.ref_name }}" == "main" ]]; then
echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
else
echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
fi
- name: Check Aliyun Credentials
id: check_aliyun_creds
run: |
if [[ -n "${{ secrets.ALIYUN_USERNAME }}" && -n "${{ secrets.ALIYUN_TOKEN }}" ]]; then
echo "creds_exist=true" >> $GITHUB_OUTPUT
else
echo "creds_exist=false" >> $GITHUB_OUTPUT
fi
- name: Login to Aliyun
if: steps.check_aliyun_creds.outputs.creds_exist == 'true'
uses: docker/login-action@v3
with:
registry: ${{ env.acr_registry }}
username: ${{ secrets.ALIYUN_USERNAME }}
password: ${{ secrets.ALIYUN_TOKEN }}
- name: Generate Aliyun Container Registry Tags
id: acr_tag
if: steps.check_aliyun_creds.outputs.creds_exist == 'true'
env:
IMAGE_REPO: ${{ env.acr_registry }}/${{ github.repository_owner }}/${{ env.package_name }}
run: |
# Check if the current ref is a tag
if [[ "${{ github.ref_type }}" == "tag" ]]; then
# delete tag as v0.1.0 to 0.1.0
ref_tag="${{ github.ref_name }}"
ref_tag="${ref_tag#v}"
echo "Detected tag: $ref_tag"
echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
elif [[ "${{ github.ref_name }}" == "main" ]]; then
echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
else
echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
fi
- name: 华为云无法推送
run: |
echo "华为云无法推送:"
echo "buildx failed with: ERROR: failed to solve: failed to push xxx: failed commit on ref "index-sha256:xxx": unexpected status from PUT request to https://xxx: 400 Bad Request"
- name: Check Huawei Cloud Credentials
id: check_huawei_creds
run: |
if [[ -n "${{ secrets.HUAWEI_USERNAME }}" && -n "${{ secrets.HUAWEI_TOKEN }}" ]]; then
echo "creds_exist=true" >> $GITHUB_OUTPUT
else
echo "creds_exist=false" >> $GITHUB_OUTPUT
fi
- name: Login to Huawei Cloud
if: steps.check_huawei_creds.outputs.creds_exist == 'true'
uses: docker/login-action@v3
with:
registry: ${{ env.hcr_registry }}
username: ${{ secrets.HUAWEI_USERNAME }}
password: ${{ secrets.HUAWEI_TOKEN }}
- name: Generate Huawei Cloud Container Registry Tags
id: hcr_tag
if: steps.check_huawei_creds.outputs.creds_exist == 'true'
env:
IMAGE_REPO: ${{ env.hcr_registry }}/${{ github.repository_owner }}/${{ env.package_name }}
run: |
# Check if the current ref is a tag
if [[ "${{ github.ref_type }}" == "tag" ]]; then
# delete tag as v0.1.0 to 0.1.0
ref_tag="${{ github.ref_name }}"
ref_tag="${ref_tag#v}"
echo "Detected tag: $ref_tag"
echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
elif [[ "${{ github.ref_name }}" == "main" ]]; then
echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
else
echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
fi
- name: Check Tencent Cloud Credentials
id: check_tencent_creds
run: |
if [[ -n "${{ secrets.TENCENT_USERNAME }}" && -n "${{ secrets.TENCENT_TOKEN }}" ]]; then
echo "creds_exist=true" >> $GITHUB_OUTPUT
else
echo "creds_exist=false" >> $GITHUB_OUTPUT
fi
- name: Login to Tencent Cloud
if: steps.check_tencent_creds.outputs.creds_exist == 'true'
uses: docker/login-action@v3
with:
registry: ${{ env.tcr_registry }}
username: ${{ secrets.TENCENT_USERNAME }}
password: ${{ secrets.TENCENT_TOKEN }}
- name: Generate Tencent Cloud Container Registry Tags
id: tcr_tag
if: steps.check_tencent_creds.outputs.creds_exist == 'true'
env:
IMAGE_REPO: ${{ env.tcr_registry }}/${{ github.repository_owner }}/${{ env.package_name }}
run: |
# Check if the current ref is a tag
if [[ "${{ github.ref_type }}" == "tag" ]]; then
# delete tag as v0.1.0 to 0.1.0
ref_tag="${{ github.ref_name }}"
ref_tag="${ref_tag#v}"
echo "Detected tag: $ref_tag"
echo "tag=$IMAGE_REPO:$ref_tag" >> $GITHUB_OUTPUT
echo "latest=$IMAGE_REPO:latest" >> $GITHUB_OUTPUT
elif [[ "${{ github.ref_name }}" == "main" ]]; then
echo "tag=$IMAGE_REPO:main" >> $GITHUB_OUTPUT
else
echo "tag=$IMAGE_REPO:dev" >> $GITHUB_OUTPUT
fi
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and Push Docker Images
uses: docker/build-push-action@v6
with:
push: true
context: .
platforms: linux/amd64, linux/arm64
file: Containerfile
tags: |
${{ steps.ghcr_tag.outputs.tag || '' }}
${{ steps.ghcr_tag.outputs.latest || '' }}
${{ steps.dockerhub_tag.outputs.tag || '' }}
${{ steps.dockerhub_tag.outputs.latest || '' }}
${{ steps.acr_tag.outputs.tag || '' }}
${{ steps.acr_tag.outputs.latest || '' }}
${{ steps.hcr_tag.outputs.tag || '' }}
${{ steps.hcr_tag.outputs.latest || '' }}
${{ steps.tcr_tag.outputs.tag || '' }}
${{ steps.tcr_tag.outputs.latest || '' }}
- uses: actions/delete-package-versions@v5
continue-on-error: true
with:
package-name: ${{ env.package_name }}
package-type: 'container'
delete-only-untagged-versions: 'true'