Refactor release workflow to improve Docker image handling and streamline build steps
CI / Go Tests (push) Successful in 17s
CI / Build (push) Successful in 18s
Format / gofmt (push) Successful in 10s
Release Artifacts / Validate release tag (push) Successful in 1s
Release Artifacts / Build and release executables (push) Successful in 17s
Release Artifacts / Build and release Docker image (push) Successful in 1m38s
CI / Go Tests (push) Successful in 17s
CI / Build (push) Successful in 18s
Format / gofmt (push) Successful in 10s
Release Artifacts / Validate release tag (push) Successful in 1s
Release Artifacts / Build and release executables (push) Successful in 17s
Release Artifacts / Build and release Docker image (push) Successful in 1m38s
- Updated the image resolution step to clarify registry and image name handling. - Replaced the manual Docker login process with the docker/login-action for enhanced security. - Introduced Docker metadata extraction and updated the build and push steps to utilize the latest actions for better efficiency.
This commit is contained in:
@@ -162,7 +162,7 @@ jobs:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Resolve image coordinates
|
||||
- name: Resolve registry and image names
|
||||
id: image
|
||||
shell: bash
|
||||
run: |
|
||||
@@ -172,34 +172,36 @@ jobs:
|
||||
host="${host#https://}"
|
||||
host="${host%%/*}"
|
||||
repo="$(printf '%s' "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')"
|
||||
image="${host}/${repo}"
|
||||
echo "registry_host=${host}" >> "${GITHUB_OUTPUT}"
|
||||
echo "image=${host}/${repo}" >> "${GITHUB_OUTPUT}"
|
||||
echo "repository_lower=${repo}" >> "${GITHUB_OUTPUT}"
|
||||
echo "image=${image}" >> "${GITHUB_OUTPUT}"
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Login to registry
|
||||
env:
|
||||
REGISTRY_HOST: ${{ steps.image.outputs.registry_host }}
|
||||
REGISTRY_USER: ${{ secrets.REGISTRY_USERNAME }}
|
||||
REGISTRY_PASS: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
FALLBACK_USER: ${{ gitea.actor }}
|
||||
FALLBACK_PASS: ${{ secrets.GITEA_TOKEN }}
|
||||
shell: bash
|
||||
run: |
|
||||
set -eu
|
||||
user="${REGISTRY_USER:-${FALLBACK_USER}}"
|
||||
pass="${REGISTRY_PASS:-${FALLBACK_PASS}}"
|
||||
if [ -z "${pass}" ]; then
|
||||
echo "No registry password available. Set REGISTRY_PASSWORD secret."
|
||||
exit 1
|
||||
fi
|
||||
printf '%s' "${pass}" | docker login "${REGISTRY_HOST}" --username "${user}" --password-stdin
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ secrets.GIT_REGISTRY || steps.image.outputs.registry_host }}
|
||||
username: ${{ secrets.GIT_USER || gitea.actor }}
|
||||
password: ${{ secrets.GIT_PACKAGES_TOKEN || secrets.GITEA_TOKEN }}
|
||||
|
||||
- name: Build and push Docker image tags
|
||||
env:
|
||||
IMAGE: ${{ steps.image.outputs.image }}
|
||||
VERSION_TAG: ${{ needs.validate-tag.outputs.tag }}
|
||||
shell: bash
|
||||
run: |
|
||||
set -eu
|
||||
docker build -t "${IMAGE}:${VERSION_TAG}" -t "${IMAGE}:latest" .
|
||||
docker push "${IMAGE}:${VERSION_TAG}"
|
||||
docker push "${IMAGE}:latest"
|
||||
- name: Extract Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: ${{ secrets.GIT_REGISTRY || steps.image.outputs.registry_host }}/${{ steps.image.outputs.repository_lower }}
|
||||
tags: |
|
||||
type=raw,value=${{ needs.validate-tag.outputs.tag }}
|
||||
type=raw,value=latest
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v5
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
|
||||
Reference in New Issue
Block a user