清理文件,减少一层的大小 #7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Docker image and Deploy Pages | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| concurrency: | |
| group: build-and-deploy-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| docker: | |
| name: Build & Push Image | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image: ${{ steps.vars.outputs.image }} | |
| version: ${{ steps.vars.outputs.version }} | |
| iteration: ${{ steps.vars.outputs.iteration }} | |
| base_image_ref: ${{ steps.vars.outputs.base_image_ref }} | |
| build_image_ref: ${{ steps.vars.outputs.build_image_ref }} | |
| run_image_ref: ${{ steps.vars.outputs.run_image_ref }} | |
| env: | |
| REGISTRY: ${{ secrets.REGISTRY || 'ghcr.io' }} | |
| IMAGE_NAME: ${{ secrets.IMAGE_NAME || github.repository }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Compute image refs | |
| id: vars | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| registry="${REGISTRY}" | |
| image_name="${IMAGE_NAME}" | |
| # GHCR requires lowercase image names | |
| image_name_lc="${image_name,,}" | |
| # Version source: `vsersion` (repo file). Fallback keeps workflow usable. | |
| if [[ -f vsersion ]]; then | |
| version="$(tr -d '\r\n' < vsersion)" | |
| else | |
| version="v0.0.0" | |
| fi | |
| iteration="${GITHUB_RUN_NUMBER}" | |
| echo "image=${registry}/${image_name_lc}" >> "$GITHUB_OUTPUT" | |
| echo "version=${version}" >> "$GITHUB_OUTPUT" | |
| echo "iteration=${iteration}" >> "$GITHUB_OUTPUT" | |
| echo "base_tag=base-${version}-${iteration}" >> "$GITHUB_OUTPUT" | |
| echo "build_tag=build-${version}-${iteration}" >> "$GITHUB_OUTPUT" | |
| echo "run_tag=run-${version}-${iteration}" >> "$GITHUB_OUTPUT" | |
| echo "base_image_ref=${registry}/${image_name_lc}:base-${version}-${iteration}" >> "$GITHUB_OUTPUT" | |
| echo "build_image_ref=${registry}/${image_name_lc}:build-${version}-${iteration}" >> "$GITHUB_OUTPUT" | |
| echo "run_image_ref=${registry}/${image_name_lc}:run-${version}-${iteration}" >> "$GITHUB_OUTPUT" | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to custom registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ secrets.REGISTRY_USERNAME }} | |
| password: ${{ secrets.REGISTRY_PASSWORD }} | |
| - name: Build & push base image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile-base | |
| push: true | |
| tags: | | |
| ${{ steps.vars.outputs.base_image_ref }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build & push build image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile-build | |
| push: true | |
| build-args: | | |
| BASE_IMAGE=${{ steps.vars.outputs.base_image_ref }} | |
| tags: | | |
| ${{ steps.vars.outputs.build_image_ref }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build & push run image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| push: true | |
| build-args: | | |
| BASE_IMAGE=${{ steps.vars.outputs.build_image_ref }} | |
| tags: | | |
| ${{ steps.vars.outputs.run_image_ref }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Upload Pages content | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| mkdir -p _site | |
| image_ref="${{ steps.vars.outputs.build_image_ref }}" | |
| echo "Using build image: ${image_ref}" | |
| docker pull "${image_ref}" | |
| cid="$(docker create "$image_ref")" | |
| trap 'docker rm -f "$cid" >/dev/null 2>&1 || true' EXIT | |
| docker cp "$cid":/app/public/. _site/ | |
| - name: Upload Pages artifact | |
| uses: actions/upload-pages-artifact@v3 | |
| with: | |
| path: _site | |
| pages_deploy: | |
| name: Deploy to GitHub Pages | |
| runs-on: ubuntu-latest | |
| needs: docker | |
| permissions: | |
| pages: write | |
| id-token: write | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| steps: | |
| - name: Deploy | |
| id: deployment | |
| uses: actions/deploy-pages@v4 | |
| cloudflare_deploy: | |
| name: Deploy to Cloudflare Pages | |
| runs-on: ubuntu-latest | |
| needs: | |
| - docker | |
| steps: | |
| - name: Download Pages artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: github-pages | |
| path: _site | |
| - name: Extract Pages artifact | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| # `actions/upload-pages-artifact` produces an artifact that contains a tarball | |
| # (commonly `_site/artifact.tar`). Cloudflare Pages needs the extracted files. | |
| if [[ -f "_site/artifact.tar" ]]; then | |
| tar -xf "_site/artifact.tar" -C _site | |
| rm -f "_site/artifact.tar" | |
| else | |
| shopt -s nullglob | |
| archives=( _site/*.tar _site/*.tar.gz _site/*.tgz ) | |
| if (( ${#archives[@]} > 0 )); then | |
| for a in "${archives[@]}"; do | |
| tar -xf "$a" -C _site | |
| rm -f "$a" | |
| done | |
| fi | |
| fi | |
| - name: Deploy | |
| uses: cloudflare/pages-action@v1 | |
| with: | |
| apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
| projectName: ${{ secrets.CLOUDFLARE_PAGES_PROJECT_NAME }} | |
| directory: _site | |
| branch: main | |