Build & Push Docker image #47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Push Docker image | |
| on: | |
| pull_request_target: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - '**.md' | |
| - '.github/**' | |
| types: | |
| - labeled | |
| - synchronize | |
| workflow_run: | |
| workflows: ['Release'] | |
| types: | |
| - completed | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: write | |
| packages: write | |
| actions: write | |
| pull-requests: write | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| include: | |
| - platform: linux/amd64 | |
| os: ubuntu-latest | |
| - platform: linux/arm64 | |
| os: ubuntu-24.04-arm | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Prepare platform name | |
| run: | | |
| echo "PLATFORM_NAME=${{ matrix.platform }}" | sed 's|/|-|g' >> $GITHUB_ENV | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set lowercase repository owner | |
| id: lowercase | |
| run: echo "owner=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv | |
| tags: | | |
| type=ref,event=pr | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Get latest tag | |
| run: | | |
| echo "latest_tag=$(curl -s https://api.github.com/repos/${{ github.repository }}/tags | jq -r '.[0].name // "latest"' | sed 's/^v//')" >> $GITHUB_ENV | |
| - name: Build and push by digest | |
| id: build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| platforms: ${{ matrix.platform }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| tags: ${{ github.event_name == 'pull_request_target' && format('ghcr.io/{0}/moontv:pr-{1}', steps.lowercase.outputs.owner, github.event.number) || format('ghcr.io/{0}/moontv:{1}', steps.lowercase.outputs.owner, env.latest_tag) }} | |
| outputs: type=image,name=ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv,name-canonical=true,push=true | |
| - name: Export digest | |
| run: | | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-${{ env.PLATFORM_NAME }} | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| merge-pr: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| if: github.event_name == 'pull_request_target' | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set lowercase repository owner | |
| id: lowercase | |
| run: echo "owner=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" | |
| - name: Create manifest list and push | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create -t ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv:pr-${{ github.event.number }} \ | |
| $(printf 'ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv@sha256:%s ' *) | |
| merge: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| if: github.event_name != 'pull_request_target' | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set lowercase repository owner | |
| id: lowercase | |
| run: echo "owner=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" | |
| - name: Get latest tag | |
| run: | | |
| echo "latest_tag=$(curl -s https://api.github.com/repos/${{ github.repository }}/tags | jq -r '.[0].name // "latest"' | sed 's/^v//')" >> $GITHUB_ENV | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv | |
| tags: | | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=raw,value=${{ env.latest_tag }},enable=true | |
| - name: Create manifest list and push | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv:${{ steps.meta.outputs.version }} | |
| pr-comment: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - merge-pr | |
| if: github.event_name == 'pull_request_target' | |
| steps: | |
| - name: Set lowercase repository owner | |
| id: lowercase | |
| run: echo "owner=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" | |
| - name: Comment on PR | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: `🎉 您的 PR 已构建完成! | |
| Docker 镜像已成功构建并推送到 GitHub Container Registry。 | |
| **拉取命令:** | |
| \`\`\`bash | |
| docker pull ghcr.io/${{ steps.lowercase.outputs.owner }}/moontv:pr-${{ github.event.number }} | |
| \`\`\` | |
| **标签:** \`pr-${{ github.event.number }}\` | |
| 构建完成时间:${new Date().toLocaleString('zh-CN', { timeZone: 'Asia/Shanghai' })}` | |
| }); | |
| cleanup-refresh: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - merge | |
| if: always() && github.event_name != 'pull_request_target' | |
| steps: | |
| - name: Delete workflow runs | |
| uses: Mattraks/delete-workflow-runs@main | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| repository: ${{ github.repository }} | |
| retain_days: 0 | |
| keep_minimum_runs: 2 | |
| - name: Refresh VERSION.txt cache | |
| run: | | |
| echo "Refreshing VERSION.txt cache..." | |
| curl -s https://purge.jsdelivr.net/gh/LunaTechLab/moontv/VERSION.txt | |
| echo "" | |
| echo "VERSION.txt cache refreshed successfully" |