add docker workflow

2025-12-02 11:53:08 +08:00
parent 653acebe47
commit 373c61f625
1 changed files with 34 additions and 41 deletions
--- a/.gitea/workflows/docker.yml
+++ b/.gitea/workflows/docker.yml
@@ -18,68 +18,62 @@ jobs:
  build-and-push:
    runs-on: ubuntu-latest
    container:
-      image: node:20-bookworm  # Debian 镜像，包含完整工具链
+      image: quay.io/buildah/stable:latest
      options: --privileged
    steps:
      - name: Install dependencies
        run: |
-          apt-get update
+          dnf install -y git nodejs
          apt-get install -y curl git ca-certificates
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
-      - name: Download Kaniko
+      - name: Login to registry
        run: |
-          mkdir -p /kaniko
+          buildah login \
-          curl -L https://github.com/GoogleContainerTools/kaniko/releases/download/v1.23.2/executor-linux-amd64 -o /kaniko/executor
+            -u "${{ secrets.REGISTRY_USERNAME }}" \
-          chmod +x /kaniko/executor
+            -p "${{ secrets.REGISTRY_PASSWORD }}" \
-          echo "Kaniko 下载完成"
+            ${{ env.REGISTRY }}
          echo "Registry 登录成功"
-      - name: Create registry config
+      - name: Build image
        run: |
-          mkdir -p /kaniko/.docker
+          buildah bud \
-          AUTH=$(echo -n "${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}" | base64 | tr -d '\n')
+            --format docker \
-          cat > /kaniko/.docker/config.json << EOF
+            --layers \
-          {
+            -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \
-            "auths": {
+            -f Dockerfile \
-              "${{ env.REGISTRY }}": {
+            .
-                "auth": "$AUTH"
+          echo "镜像构建完成"
              }
            }
          }
          EOF
          echo "Registry 认证配置完成: ${{ env.REGISTRY }}"
-      - name: Build and push image
+      - name: Tag and push image
        run: |
          SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
          REF_NAME="${{ github.ref_name }}"
          REF="${{ github.ref }}"
-          # 构建目标标签
+          # 推送分支/标签名
-          DESTINATIONS="--destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME}"
+          buildah tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \
-          DESTINATIONS="$DESTINATIONS --destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${SHORT_SHA}"
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME}
          buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME}
          echo "✓ 推送: ${REF_NAME}"
-          # main/master 分支添加 latest 标签
+          # 推送 SHA 标签
          buildah tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${SHORT_SHA}
          buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${SHORT_SHA}
          echo "✓ 推送: sha-${SHORT_SHA}"
          # main/master 推送 latest
          if [ "$REF" = "refs/heads/main" ] || [ "$REF" = "refs/heads/master" ]; then
-            DESTINATIONS="$DESTINATIONS --destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
+            buildah tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \
              ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
            buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
            echo "✓ 推送: latest"
          fi
          echo "=============================="
          echo "开始构建 Docker 镜像"
          echo "目标: $DESTINATIONS"
          echo "=============================="
          # 使用 Kaniko 构建并推送
          /kaniko/executor \
            --context "${GITHUB_WORKSPACE}" \
            --dockerfile "${GITHUB_WORKSPACE}/Dockerfile" \
            $DESTINATIONS \
            --cache=false \
            --snapshot-mode=redo
      - name: Build summary
        run: |
@@ -87,5 +81,4 @@ jobs:
          echo "✅ 镜像构建完成!"
          echo "仓库: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
          echo "分支: ${{ github.ref_name }}"
          echo "提交: ${{ github.sha }}"
          echo "=============================="