NodePassDash/.github/workflows/docker.yml at da4271fe7ad7295de2c291315d521f64eeb35295 · NodePassProject/NodePassDash · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: 🐳 构建并发布Docker镜像

on:
  push:
    branches: [ main ]
    tags: [ 'v*.*.*' ]
  pull_request:
    branches: [ main ]
  workflow_dispatch:  # 支持手动触发
    inputs:
      no_cache:
        description: '禁用构建缓存'
        required: false
        default: false
        type: boolean

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  docker:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - name: 📦 检出代码
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: 📝 获取版本信息
        id: get_version
        run: |
          # 从package.json获取版本号作为唯一来源
          VERSION=$(node -p "require('./package.json').version")
          # 如果是tag触发，验证tag版本与package.json版本是否匹配
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            TAG_VERSION=${GITHUB_REF#refs/tags/v}
            if [ "$VERSION" != "$TAG_VERSION" ]; then
              echo "❌ 错误: Tag版本($TAG_VERSION)与package.json版本($VERSION)不匹配"
              exit 1
            fi
          fi
          # 转换仓库名为小写
          REPO_LC=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')
          echo "VERSION=$VERSION" >> $GITHUB_ENV
          echo "version=$VERSION" >> $GITHUB_OUTPUT
          echo "is_release=${{ startsWith(github.ref, 'refs/tags/') }}" >> $GITHUB_OUTPUT
          echo "is_main=${{ github.ref == 'refs/heads/main' }}" >> $GITHUB_OUTPUT
          echo "repo_name=$REPO_LC" >> $GITHUB_OUTPUT
          echo "📦 当前版本: $VERSION"

      # 只在发布版本时设置QEMU（用于多架构构建）
      - name: 🔧 设置 QEMU
        if: startsWith(github.ref, 'refs/tags/')
        uses: docker/setup-qemu-action@v3

      - name: 🔧 设置 Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          driver-opts: |
            image=moby/buildkit:latest

      - name: 🔑 登录到容器仓库
        # 只在main分支或发布时登录
        if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: 📋 提取镜像元数据
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ steps.get_version.outputs.repo_name }}
          tags: |
            # PR时使用pr-number作为标签
            type=raw,value=pr-${{ github.event.pull_request.number }},enable=${{ github.event_name == 'pull_request' }}
            # main分支推送时生成latest和版本号标签
            type=raw,value=latest,enable=${{ steps.get_version.outputs.is_main == 'true' }}
            type=raw,value=${{ steps.get_version.outputs.version }},enable=${{ steps.get_version.outputs.is_main == 'true' }}
            # tag发布时也生成版本号标签（确保一致性）
            type=raw,value=${{ steps.get_version.outputs.version }},enable=${{ steps.get_version.outputs.is_release == 'true' }}

      - name: 🏗️ 构建和推送（使用缓存）
        if: ${{ !inputs.no_cache }}
        uses: docker/build-push-action@v5
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}  # PR不推送
          tags: ${{ steps.meta.outputs.tags }}
          labels: |
            org.opencontainers.image.version=${{ steps.get_version.outputs.version }}
            org.opencontainers.image.revision=${{ github.sha }}
            org.opencontainers.image.title=${{ steps.get_version.outputs.repo_name }}
          # 只在发布版本时构建多架构
          platforms: ${{ startsWith(github.ref, 'refs/tags/') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
          cache-from: |
            type=gha,scope=${{ github.workflow }}
            type=registry,ref=${{ env.REGISTRY }}/${{ steps.get_version.outputs.repo_name }}:buildcache
          cache-to: |
            type=gha,mode=max,scope=${{ github.workflow }}
            type=registry,ref=${{ env.REGISTRY }}/${{ steps.get_version.outputs.repo_name }}:buildcache,mode=max
          build-args: |
            BUILDKIT_INLINE_CACHE=1
            VERSION=${{ steps.get_version.outputs.version }}

      - name: 🏗️ 构建和推送（无缓存）
        if: ${{ inputs.no_cache }}
        uses: docker/build-push-action@v5
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: |
            org.opencontainers.image.version=${{ steps.get_version.outputs.version }}
            org.opencontainers.image.revision=${{ github.sha }}
            org.opencontainers.image.title=${{ steps.get_version.outputs.repo_name }}
          platforms: ${{ startsWith(github.ref, 'refs/tags/') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
          no-cache: true
          build-args: |
            VERSION=${{ steps.get_version.outputs.version }}

      - name: 📢 输出版本信息
        run: |
          echo "🏷️ 版本: ${{ steps.get_version.outputs.version }}"
          echo "📦 镜像标签:"
          echo "${{ steps.meta.outputs.tags }}" | tr '\n' '\n  '
          echo "🏗️ 构建架构: ${{ startsWith(github.ref, 'refs/tags/') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}"
          echo "🚫 缓存状态: ${{ inputs.no_cache && '已禁用' || '已启用' }}"

      - name: 📝 创建发布说明
        if: startsWith(github.ref, 'refs/tags/')
        uses: softprops/action-gh-release@v1
        with:
          name: 🚀 Release ${{ steps.get_version.outputs.version }}
          draft: false
          prerelease: false
          generate_release_notes: true