-
Notifications
You must be signed in to change notification settings - Fork 20
110 lines (97 loc) · 3.72 KB
/
build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: Docker Build Image And Push Docker Registry
on:
push:
paths-ignore:
- '**.md'
- 'LICENSE'
workflow_dispatch: # 手动触发
inputs:
updateServerVersion:
description: 'Update Server Docker Image Version'
type: boolean
default: false
required: false
jobs:
build:
name: Docker Build Image And Push Docker Registry
runs-on: ubicloud-standard-4
env:
SECRET_REPO_PREFIX: REPO_
SECRET_USERNAME_PREFIX: USERNAME_
SECRET_PASSWORD_PREFIX: PASSWORD_
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '18'
cache: 'yarn'
cache-dependency-path: yarn.lock
- name: Build front
run: |
npm install -g yarn
yarn && yarn build
- name: Set up QEMU # 设置 QEMU 环境,用来模拟操作系统,用来编译 arm64 镜像和 amd64 镜像
uses: docker/setup-qemu-action@v2
with:
platforms: all
- name: Set up Docker Buildx # 设置 Docker Buildx 环境
id: buildx
uses: docker/setup-buildx-action@v2
with:
version: latest
- name: Inspect builder # 查看 builder 状态
run: |
echo "Name: ${{ steps.buildx.outputs.name }}"
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
echo "Status: ${{ steps.buildx.outputs.status }}"
echo "Flags: ${{ steps.buildx.outputs.flags }}"
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
- name: Login and Build Docker Image And Push
shell: bash
env:
ALL_SECRETS: ${{ toJSON(secrets) }}
run: |
repos=()
for key in $(echo $ALL_SECRETS | jq -r "keys[]"); do
if [[ $key == $SECRET_REPO_PREFIX* ]]; then
repo_key=$key
char=$(echo $repo_key | sed "s/$SECRET_REPO_PREFIX//")
username_key="${SECRET_USERNAME_PREFIX}${char}"
password_key="${SECRET_PASSWORD_PREFIX}${char}"
repo=$(echo $ALL_SECRETS | jq -r ".${repo_key}")
username=$(echo $ALL_SECRETS | jq -r ".${username_key}")
password=$(echo $ALL_SECRETS | jq -r ".${password_key}")
repos+=($repo)
# 如果 repo 只有一个 / ,则说明是 docker hub 的镜像,登录时后面不需要加 repo
if [[ $(echo $repo | grep -o '/' | wc -l) -eq 1 ]]; then
echo $password | docker login -u $username --password-stdin
else
echo $password | docker login -u $username --password-stdin $repo
fi
fi
done
command="docker buildx build --platform linux/amd64,linux/arm64 --push . "
for repo in ${repos[@]}; do
command="$command -t $repo\:latest -t $repo\:$(git rev-parse --short HEAD)"
done
echo "$command"
eval $command
- name: executing remote ssh commands using ssh key
uses: appleboy/[email protected]
if: ${{ github.event.inputs.updateServerVersion == 'true' }}
with:
host: ${{ secrets.HOST }}
port: ${{ secrets.PORT }}
username: ${{ secrets.USERNAME }}
passphrase: ${{ secrets.PASSPHRASE }}
key: ${{ secrets.KEY }}
script: |
docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
-v ~/.docker/config.json:/config.json \
containrrr/watchtower \
--cleanup \
--run-once \
zfile-docs