Refactor release workflow to improve Docker image handling and streamline build steps
CI / Go Tests (push) Successful in 17s
CI / Build (push) Successful in 18s
Format / gofmt (push) Successful in 10s
Release Artifacts / Validate release tag (push) Successful in 1s
Release Artifacts / Build and release executables (push) Successful in 17s
Release Artifacts / Build and release Docker image (push) Successful in 1m38s

- Updated the image resolution step to clarify registry and image name handling.
- Replaced the manual Docker login process with the docker/login-action for enhanced security.
- Introduced Docker metadata extraction and updated the build and push steps to utilize the latest actions for better efficiency.
This commit is contained in:
2026-06-01 03:26:36 -05:00
parent cc240ae9db
commit fd12b940a7
+30 -28
View File
@@ -162,7 +162,7 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Resolve image coordinates - name: Resolve registry and image names
id: image id: image
shell: bash shell: bash
run: | run: |
@@ -172,34 +172,36 @@ jobs:
host="${host#https://}" host="${host#https://}"
host="${host%%/*}" host="${host%%/*}"
repo="$(printf '%s' "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')" repo="$(printf '%s' "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')"
image="${host}/${repo}"
echo "registry_host=${host}" >> "${GITHUB_OUTPUT}" echo "registry_host=${host}" >> "${GITHUB_OUTPUT}"
echo "image=${host}/${repo}" >> "${GITHUB_OUTPUT}" echo "repository_lower=${repo}" >> "${GITHUB_OUTPUT}"
echo "image=${image}" >> "${GITHUB_OUTPUT}"
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to registry - name: Login to registry
env: uses: docker/login-action@v3
REGISTRY_HOST: ${{ steps.image.outputs.registry_host }} with:
REGISTRY_USER: ${{ secrets.REGISTRY_USERNAME }} registry: ${{ secrets.GIT_REGISTRY || steps.image.outputs.registry_host }}
REGISTRY_PASS: ${{ secrets.REGISTRY_PASSWORD }} username: ${{ secrets.GIT_USER || gitea.actor }}
FALLBACK_USER: ${{ gitea.actor }} password: ${{ secrets.GIT_PACKAGES_TOKEN || secrets.GITEA_TOKEN }}
FALLBACK_PASS: ${{ secrets.GITEA_TOKEN }}
shell: bash
run: |
set -eu
user="${REGISTRY_USER:-${FALLBACK_USER}}"
pass="${REGISTRY_PASS:-${FALLBACK_PASS}}"
if [ -z "${pass}" ]; then
echo "No registry password available. Set REGISTRY_PASSWORD secret."
exit 1
fi
printf '%s' "${pass}" | docker login "${REGISTRY_HOST}" --username "${user}" --password-stdin
- name: Build and push Docker image tags - name: Extract Docker metadata
env: id: meta
IMAGE: ${{ steps.image.outputs.image }} uses: docker/metadata-action@v5
VERSION_TAG: ${{ needs.validate-tag.outputs.tag }} with:
shell: bash images: ${{ secrets.GIT_REGISTRY || steps.image.outputs.registry_host }}/${{ steps.image.outputs.repository_lower }}
run: | tags: |
set -eu type=raw,value=${{ needs.validate-tag.outputs.tag }}
docker build -t "${IMAGE}:${VERSION_TAG}" -t "${IMAGE}:latest" . type=raw,value=latest
docker push "${IMAGE}:${VERSION_TAG}"
docker push "${IMAGE}:latest" - name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max