Configure D1 database UUID: 6d580637-1f87-4ddf-8b4d-3d97254b4c33 #177

Workflow file for this run

.github/workflows/docker-image.yml at d83e2c6

	name: Build & Push Docker image
	on:
	push:
	branches:
	- main
	paths-ignore:
	- '**.md'
	pull_request:
	branches:
	- main
	paths-ignore:
	- '**.md'
	workflow_dispatch:
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true
	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: katelya77/katelyatv
	jobs:
	build-and-push:
	runs-on: ubuntu-latest
	env:
	IMAGE_NAME: ${{ github.repository }}
	permissions:
	contents: read
	packages: write
	attestations: write
	id-token: write
	strategy:
	fail-fast: false
	matrix:
	platform:
	- linux/amd64
	- linux/arm64
	- linux/arm/v7
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	- name: Set image name to lowercase
	id: image_name
	run: echo "name=$(echo '${{ github.repository }}' \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	version: latest
	driver-opts: image=moby/buildkit:buildx-stable-1
	- name: Log in to Container Registry
	if: github.event_name != 'pull_request'
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Extract metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}
	tags: \|
	type=ref,event=branch
	type=ref,event=pr
	type=sha,prefix={{branch}}-
	type=raw,value=latest,enable={{is_default_branch}}
	labels: \|
	org.opencontainers.image.title=${{ github.repository }}
	org.opencontainers.image.description=katelyatv - A modern streaming platform
	org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}
	org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
	org.opencontainers.image.revision=${{ github.sha }}
	org.opencontainers.image.licenses=MIT
	- name: Build Docker image
	id: build
	uses: docker/build-push-action@v5
	with:
	context: .
	file: ./Dockerfile
	platforms: ${{ matrix.platform }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha,scope=${{ github.ref_name }}-${{ matrix.platform }}
	cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-${{ matrix.platform }}
	outputs: \|
	type=image,name=${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }},push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
	provenance: false
	sbom: false
	- name: Export digest
	if: github.event_name != 'pull_request'
	run: \|
	mkdir -p /tmp/digests
	digest="${{ steps.build.outputs.digest }}"
	touch "/tmp/digests/${digest#sha256:}"
	- name: Upload digest
	if: github.event_name != 'pull_request'
	uses: actions/upload-artifact@v4
	with:
	name: digests-${{ strategy.job-index }}
	path: /tmp/digests/*
	if-no-files-found: error
	retention-days: 1
	merge-images:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	attestations: write
	id-token: write
	needs:
	- build-and-push
	if: github.event_name != 'pull_request'
	env:
	REGISTRY: ghcr.io
	steps:
	- name: Set image name to lowercase
	id: image_name
	run: echo "name=$(echo '${{ github.repository }}' \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
	- name: Download digests
	uses: actions/download-artifact@v4
	with:
	path: /tmp/digests
	pattern: digests-*
	merge-multiple: true
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Log in to Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Extract metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}
	tags: \|
	type=ref,event=branch
	type=sha,prefix={{branch}}-
	type=raw,value=latest,enable={{is_default_branch}}
	- name: Create manifest list and push
	working-directory: /tmp/digests
	run: \|
	docker buildx imagetools create $(jq -cr '.tags \| map("-t " + .) \| join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
	$(printf '${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}@sha256:%s ' *)
	- name: Get multi-arch digest
	id: get_digest
	run: \|
	# 直接从 docker pull 获取 digest，这是最可靠的方法
	digest=$(docker pull ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}:${{ steps.meta.outputs.version }} 2>&1 \| grep "Digest:" \| cut -d' ' -f2 \|\| echo "")
	if [ -z "$digest" ]; then
	# 备选方案：使用 crane 风格的检查（如果支持的话）
	digest=$(docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}:${{ steps.meta.outputs.version }} \| grep "Digest:" \| head -1 \| cut -d' ' -f2 \|\| echo "")
	fi
	if [ -z "$digest" ]; then
	# 最后备选：从 raw manifest 计算
	digest=$(docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}:${{ steps.meta.outputs.version }} --raw \| sha256sum \| awk '{print "sha256:"$1}')
	fi
	echo "digest=$digest" >> $GITHUB_OUTPUT
	- name: Inspect image
	run: \|
	docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name }}:${{ steps.meta.outputs.version }}
	- name: Generate artifact attestation
	if: github.event_name != 'pull_request'
	uses: actions/attest-build-provenance@v1
	with:
	subject-name: ${{ env.REGISTRY }}/${{ steps.image_name.outputs.name}}
	subject-digest: ${{ steps.get_digest.outputs.digest }}
	push-to-registry: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Configure D1 database UUID: 6d580637-1f87-4ddf-8b4d-3d97254b4c33 #177

Workflow file

Configure D1 database UUID: 6d580637-1f87-4ddf-8b4d-3d97254b4c33 #177

Uh oh!

Workflow file for this run