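# Builds the backend image with Kaniko and pushes it to the private registry.
#
# Security notes for maintainers:
# - Ref names and secrets reach the shell only through `env:`. They are never
#   expanded with ${{ }} inside a `run:` script, because the expression is
#   pasted into the script text before the shell parses it, and a branch or
#   tag name may contain shell metacharacters.
# - `uses:` and `image:` reference mutable tags. Pin them to a full commit SHA
#   and an image digest once the values have been verified.
name: Build and Push Docker Image

on:
  push:
    branches:
      - main
      - master
      - dev
    tags:
      - 'v*'
  workflow_dispatch:

# Least privilege for the job token: this workflow only reads the repository.
permissions:
  contents: read

env:
  REGISTRY: code.littlelan.cn
  IMAGE_NAME: carrotskin/backend

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    container:
      # The debug variant ships a busybox shell, which the run steps need.
      # TODO(security): pin by digest, e.g.
      #   gcr.io/kaniko-project/executor@sha256:<VERIFIED_DIGEST>
      image: gcr.io/kaniko-project/executor:debug
      options: '--entrypoint ""'
    steps:
      - name: Checkout code
        # TODO(security): pin to a full commit SHA (<VERIFIED_COMMIT_SHA>).
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          # The whole workspace, .git included, is the Kaniko build context.
          # Do not leave the checkout token in .git/config, where a broad
          # COPY in the Dockerfile could bake it into the pushed image.
          persist-credentials: false

      - name: Create registry config
        env:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
        run: |
          set -eu
          # Fail early with a clear message instead of a late push error.
          if [ -z "$REGISTRY_USERNAME" ] || [ -z "$REGISTRY_PASSWORD" ]; then
            echo "Registry credentials are not configured" >&2
            exit 1
          fi
          # Keep the credentials file readable by the build user only.
          umask 077
          mkdir -p /kaniko/.docker
          # printf avoids echo's option/escape handling on unusual passwords.
          AUTH=$(printf '%s:%s' "$REGISTRY_USERNAME" "$REGISTRY_PASSWORD" | base64 | tr -d '\n')
          cat > /kaniko/.docker/config.json << EOF
          {
            "auths": {
              "${REGISTRY}": {
                "auth": "$AUTH"
              }
            }
          }
          EOF
          echo "Registry config created"

      - name: Build and push image
        env:
          COMMIT_SHA: ${{ github.sha }}
          REF_NAME: ${{ github.ref_name }}
          REF: ${{ github.ref }}
        run: |
          set -eu
          # Short commit SHA (first 7 characters).
          SHORT_SHA=$(printf '%s' "$COMMIT_SHA" | cut -c1-7)
          # Image tags accept only [A-Za-z0-9_.-]; map every other character
          # (for example "/" in a manually dispatched branch) to "-".
          TAG_NAME=$(printf '%s' "$REF_NAME" | tr -c 'A-Za-z0-9_.-' '-')
          IMAGE="${REGISTRY}/${IMAGE_NAME}"

          # Destination tags: the ref name and the short commit SHA.
          DESTINATIONS="--destination=${IMAGE}:${TAG_NAME}"
          DESTINATIONS="$DESTINATIONS --destination=${IMAGE}:sha-${SHORT_SHA}"

          # main/master additionally move the `latest` tag.
          if [ "$REF" = "refs/heads/main" ] || [ "$REF" = "refs/heads/master" ]; then
            DESTINATIONS="$DESTINATIONS --destination=${IMAGE}:latest"
          fi

          echo "构建目标: $DESTINATIONS"

          # Build and push with Kaniko. $DESTINATIONS is left unquoted on
          # purpose so each --destination flag becomes its own argument; its
          # parts are sanitized above and contain no whitespace or globs.
          # NOTE(review): every ref shares one cache repo, so layers cached by
          # a dev build are reused by main and tag builds; confirm that this
          # matches who is allowed to push to dev.
          /kaniko/executor \
            --context "${GITHUB_WORKSPACE}" \
            --dockerfile "${GITHUB_WORKSPACE}/Dockerfile" \
            $DESTINATIONS \
            --cache=true \
            --cache-repo="${IMAGE}/cache" \
            --snapshot-mode=redo \
            --use-new-run

      - name: Build complete
        env:
          REF_NAME: ${{ github.ref_name }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          echo "✅ 镜像构建完成!"
          echo "仓库: ${REGISTRY}/${IMAGE_NAME}"
          echo "分支: ${REF_NAME}"
          echo "提交: ${COMMIT_SHA}"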