-
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
77 additions
and
77 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -13,89 +13,89 @@ on: | |
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| steps: | ||
| # 1. 检出代码 | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 # 确保获取所有标签 | ||
| steps: | ||
| # 1. 检出代码 | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 # 确保获取所有标签 | ||
|
|
||
| # 2. 设置 Docker Buildx | ||
| - name: Set up Docker Buildx | ||
| uses: docker/[email protected] | ||
| # 2. 设置 Docker Buildx | ||
| - name: Set up Docker Buildx | ||
| uses: docker/[email protected] | ||
|
|
||
| - name: Cache Docker layers | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: /tmp/.buildx-cache | ||
| key: ${{ runner.os }}-buildx-${{ github.sha }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-buildx- | ||
| - name: Cache Docker layers | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: /tmp/.buildx-cache | ||
| key: ${{ runner.os }}-buildx-${{ github.sha }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-buildx- | ||
| # 3. 登录 Docker Hub | ||
| - name: Log in to Docker Hub | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| username: ${{ secrets.DOCKER_USERNAME }} | ||
| password: ${{ secrets.DOCKER_PASSWORD }} | ||
| # 3. 登录 Docker Hub | ||
| - name: Log in to Docker Hub | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| username: ${{ secrets.DOCKER_USERNAME }} | ||
| password: ${{ secrets.DOCKER_PASSWORD }} | ||
|
|
||
| # 4. 登录阿里云容器注册表 | ||
| - name: Log in to AliYun Docker Hub | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: registry.cn-hangzhou.aliyuncs.com | ||
| username: ${{ secrets.ALIREGISTRY_USERNAME }} | ||
| password: ${{ secrets.ALIREGISTRY_TOKEN }} | ||
| # 4. 登录阿里云容器注册表 | ||
| - name: Log in to AliYun Docker Hub | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: registry.cn-hangzhou.aliyuncs.com | ||
| username: ${{ secrets.ALIREGISTRY_USERNAME }} | ||
| password: ${{ secrets.ALIREGISTRY_TOKEN }} | ||
|
|
||
| # 5. 登录 GitHub Container Registry | ||
| - name: Log in to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| # 5. 登录 GitHub Container Registry | ||
| - name: Log in to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| # 6. 获取 Docker Metadata | ||
| - name: Get Docker metadata | ||
| id: metadata | ||
| uses: docker/[email protected] | ||
| with: | ||
| images: | | ||
| docker.io/telepace/voiceflow | ||
| registry.cn-hangzhou.aliyuncs.com/telepace/voiceflow | ||
| ghcr.io/telepace/voiceflow | ||
| tags: | | ||
| type=ref,event=tag | ||
| type=schedule | ||
| type=ref,event=branch | ||
| type=ref,event=pr | ||
| type=semver,pattern={{version}} | ||
| type=semver,pattern=v{{version}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| type=semver,pattern={{major}} | ||
| type=sha | ||
| # 6. 获取 Docker Metadata | ||
| - name: Get Docker metadata | ||
| id: metadata | ||
| uses: docker/[email protected] | ||
| with: | ||
| images: | | ||
| docker.io/telepace/voiceflow | ||
| registry.cn-hangzhou.aliyuncs.com/telepace/voiceflow | ||
| ghcr.io/telepace/voiceflow | ||
| tags: | | ||
| type=ref,event=tag | ||
| type=schedule | ||
| type=ref,event=branch | ||
| type=ref,event=pr | ||
| type=semver,pattern={{version}} | ||
| type=semver,pattern=v{{version}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| type=semver,pattern={{major}} | ||
| type=sha | ||
| # 7. 构建并推送 Docker 镜像 | ||
| - name: Build and push Docker image for voiceflow | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: ./build/images/voiceflow/Dockerfile | ||
| platforms: linux/amd64,linux/arm64 | ||
| push: ${{ github.event_name != 'pull_request' }} | ||
| tags: ${{ steps.meta1.outputs.tags }} | ||
| labels: ${{ steps.meta1.outputs.labels }} | ||
| cache-from: type=local,src=/tmp/.buildx-cache | ||
| cache-to: type=local,dest=/tmp/.buildx-cache | ||
| # 7. 构建并推送 Docker 镜像 | ||
| - name: Build and push Docker image for voiceflow | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: ./build/images/voiceflow/Dockerfile | ||
| platforms: linux/amd64,linux/arm64 | ||
| push: ${{ github.event_name != 'pull_request' }} | ||
| tags: ${{ steps.meta1.outputs.tags }} | ||
| labels: ${{ steps.meta1.outputs.labels }} | ||
| cache-from: type=local,src=/tmp/.buildx-cache | ||
| cache-to: type=local,dest=/tmp/.buildx-cache | ||
|
|
||
| # 8. 可选:安全扫描(例如 Trivy) | ||
| - name: Scan Docker image for vulnerabilities | ||
| uses: aquasecurity/[email protected] | ||
| with: | ||
| image-ref: telepace/voiceflow:${{ steps.metadata.outputs.version }} | ||
| format: 'table' | ||
| exit-code: '0' | ||
| # 8. 可选:安全扫描(例如 Trivy) | ||
| - name: Scan Docker image for vulnerabilities | ||
| uses: aquasecurity/[email protected] | ||
| with: | ||
| image-ref: telepace/voiceflow:${{ steps.metadata.outputs.version }} | ||
| format: 'table' | ||
| exit-code: '0' | ||
|
|
||
| # 9. 清理未使用的 Docker 镜像 | ||
| - name: Clean up Docker | ||
| run: docker system prune -f | ||
| # 9. 清理未使用的 Docker 镜像 | ||
| - name: Clean up Docker | ||
| run: docker system prune -f | ||