name: Build and Push Docker Image on: push: branches: - main - master - dev tags: - 'v*' workflow_dispatch: env: REGISTRY: code.littlelan.cn IMAGE_NAME: carrotskin/backend jobs: build-and-push: runs-on: ubuntu-latest container: image: quay.io/buildah/stable:latest options: --privileged steps: - name: Install dependencies run: | dnf install -y git nodejs - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - name: Login to registry run: | buildah login \ -u "${{ secrets.REGISTRY_USERNAME }}" \ -p "${{ secrets.REGISTRY_PASSWORD }}" \ ${{ env.REGISTRY }} echo "Registry 登录成功" - name: Build image run: | buildah bud \ --format docker \ --layers \ -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \ -f Dockerfile \ . echo "镜像构建完成" - name: Tag and push image run: | SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7) REF_NAME="${{ github.ref_name }}" REF="${{ github.ref }}" # 推送分支/标签名 buildah tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} echo "✓ 推送: ${REF_NAME}" # 推送 SHA 标签 buildah tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${SHORT_SHA} buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${SHORT_SHA} echo "✓ 推送: sha-${SHORT_SHA}" # main/master 推送 latest if [ "$REF" = "refs/heads/main" ] || [ "$REF" = "refs/heads/master" ]; then buildah tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build \ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest echo "✓ 推送: latest" fi - name: Build summary run: | echo "==============================" echo "✅ 镜像构建完成!" echo "仓库: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}" echo "分支: ${{ github.ref_name }}" echo "=============================="