Skip to content
.github/workflows/build-pve-ico.yml

Sb docker #1

Sign in to view logs

Sb docker

Sb docker #1

Workflow file for this run

.github/workflows/build-pve-ico.yml at 642214a
# GitHub Actions 工作流:构建 PVE CT 可用的 ICO 镜像(优化版)
name: Build PVE CT ICO Image
on:
push:
branches:
- sb-docker
paths:
- 'Dockerfile'
- '.github/workflows/build-pve-ico.yml'
pull_request:
branches:
- sb-docker
workflow_dispatch:
inputs:
build_type:
description: 'Build type (full/quick)'
required: true
default: 'full'
type: choice
options:
- full
- quick
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
ICO_VERSION: 1.0
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU for multi-architecture
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix={{branch}}-
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
create-ico-image:
needs: build
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/sb-docker'
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y \
qemu-utils \
qemu-system-x86 \
debootstrap \
schroot \
curl \
wget \
jq
- name: Create workspace
run: |
mkdir -p ${{ github.workspace }}/workspace/{root,output}
cd ${{ github.workspace }}/workspace
echo "Workspace created at: $(pwd)"
- name: Download base ICO image
run: |
cd ${{ github.workspace }}/workspace/root
# 从 Proxmox 官方源下载基础镜像(Debian 12)
echo "Downloading Debian 12 base image..."
wget -q --timeout=300 --tries=3 -O debian-12-base.tar.zst \
https://download.proxmox.com/images/system/debian-12-standard_12.2-1_amd64.tar.zst || \
wget -q --timeout=300 --tries=3 -O debian-12-base.tar.zst \
http://download.proxmox.com/images/system/debian-12-standard_12.2-1_amd64.tar.zst
if [ -f debian-12-base.tar.zst ]; then
echo "✅ Base image downloaded successfully"
tar -tzf debian-12-base.tar.zst | head -20
else
echo "⚠️ Download failed, using debootstrap instead"
fi
- name: Prepare container rootfs
run: |
cd ${{ github.workspace }}/workspace/root
# 如果下载失败,使用 debootstrap 创建
if [ ! -f debian-12-base.tar.zst ]; then
echo "Creating rootfs with debootstrap..."
sudo mkdir -p rootfs
sudo debootstrap --variant=minbase --no-check-gpg \
bookworm ./rootfs http://deb.debian.org/debian
else
# 解压基础镜像
echo "Extracting base image..."
mkdir -p rootfs
sudo tar -xf debian-12-base.tar.zst -C rootfs
fi
echo "✅ Rootfs prepared"
sudo ls -la rootfs/ | head -10
- name: Customize container
run: |
ROOTFS="${{ github.workspace }}/workspace/root/rootfs"
# 使用提供的脚本进行定制(如果存在)
if [ -f .github/scripts/customize-container.sh ]; then
echo "Running customization script..."
chmod +x .github/scripts/customize-container.sh
sudo bash .github/scripts/customize-container.sh "$ROOTFS"
else
echo "No customize script found, using defaults"
# 基础包安装
sudo chroot "$ROOTFS" bash -c '
apt-get update
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
wget \
procps \
systemd \
openssh-server
apt-get clean
rm -rf /var/lib/apt/lists/*
'
fi
echo "✅ Container customization completed"
- name: Create TAR archive for PVE
run: |
OUTPUT_DIR="${{ github.workspace }}/workspace/output"
ROOTFS="${{ github.workspace }}/workspace/root/rootfs"
echo "Creating TAR.ZST archive for PVE CT..."
cd "$ROOTFS"
# 尝试使用 zstd 压缩
sudo tar --numeric-owner --xattrs -cf - . 2>/dev/null | \
zstd -10 -o "$OUTPUT_DIR/sing-box-subscribe-ct.tar.zst" || \
# 如果失败,使用 gzip 备选方案
sudo tar --numeric-owner -czf "$OUTPUT_DIR/sing-box-subscribe-ct.tar.gz" .
echo "✅ TAR archive created successfully"
ls -lh "$OUTPUT_DIR/"
- name: Create metadata file
run: |
OUTPUT_DIR="${{ github.workspace }}/workspace/output"
METADATA_FILE="$OUTPUT_DIR/metadata.json"
# 获取文件大小和哈希
if [ -f "$OUTPUT_DIR/sing-box-subscribe-ct.tar.zst" ]; then
TAR_FILE="$OUTPUT_DIR/sing-box-subscribe-ct.tar.zst"
else
TAR_FILE="$OUTPUT_DIR/sing-box-subscribe-ct.tar.gz"
fi
CONTENT_HASH=$(sha256sum "$TAR_FILE" | cut -d' ' -f1)
FILE_SIZE=$(du -b "$TAR_FILE" | cut -f1)
cat > "$METADATA_FILE" << EOF
{

Check failure on line 204 in .github/workflows/build-pve-ico.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/build-pve-ico.yml

Invalid workflow file 

You have an error in your yaml syntax on line 204
"name": "sing-box-subscribe",
"version": "${{ env.ICO_VERSION }}",
"type": "lxc",
"arch": "amd64",
"created": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
"os": "debian",
"os-version": "12",
"description": "Sing-Box Subscription Container for Proxmox VE",
"source": "https://github.com/libre0404/sing-box-subscribe/tree/sb-docker",
"content-hash": "$CONTENT_HASH",
"fingerprint": "$(date +%s)",
"size": $FILE_SIZE,
"build-info": {
"builder": "GitHub Actions",
"base-image": "Debian 12 Bookworm",
"timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
"commit": "${{ github.sha }}",
"branch": "${{ github.ref }}"
}
}
EOF
echo "✅ Metadata file created"
cat "$METADATA_FILE"
- name: Create checksums
run: |
OUTPUT_DIR="${{ github.workspace }}/workspace/output"
cd "$OUTPUT_DIR"
echo "Generating checksums..."
for file in sing-box-subscribe-ct.tar.*; do
if [ -f "$file" ]; then
sha256sum "$file" > "$file.sha256"
echo "✅ Checksum created for $file"
cat "$file.sha256"
fi
done
- name: Create GitHub Release
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
${{ github.workspace }}/workspace/output/sing-box-subscribe-ct.tar.*
${{ github.workspace }}/workspace/output/sing-box-subscribe-ct.tar.*.sha256
${{ github.workspace }}/workspace/output/metadata.json
draft: false
prerelease: false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: pve-ico-images
path: ${{ github.workspace }}/workspace/output/
retention-days: 30
if-no-files-found: warn
- name: Generate build summary
if: always()
run: |
OUTPUT_DIR="${{ github.workspace }}/workspace/output"
echo "## ✅ PVE ICO Image Build Summary" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Build Date:** $(date -u +%Y-%m-%d\ %H:%M:%S\ UTC)" >> $GITHUB_STEP_SUMMARY
echo "**Branch:** ${{ github.ref }}" >> $GITHUB_STEP_SUMMARY
echo "**Commit:** ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### Generated Files:" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
if [ -d "$OUTPUT_DIR" ]; then
ls -lh "$OUTPUT_DIR/" | awk 'NR>1 {print "- **" $9 "**: " $5}' >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### File Integrity:" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
for sha_file in "$OUTPUT_DIR"/*.sha256; do
if [ -f "$sha_file" ]; then
echo "- \`$(basename $sha_file)\`: $(cat $sha_file)" >> $GITHUB_STEP_SUMMARY
fi
done
fi
- name: Print status
run: |
echo "✅ PVE CT ICO image build completed successfully"
echo "📦 Output directory: ${{ github.workspace }}/workspace/output/"
ls -lh ${{ github.workspace }}/workspace/output/
echo ""
echo "📝 Build info:"
echo " - Only TAR.ZST container image (no QCOW2)"
echo " - Ready to import into Proxmox VE"
echo " - All files available in Artifacts for 30 days"