Files
WechatOnCloud/.github/workflows/release.yml
T
Gloridust c37588617e ci: optional Docker Hub mirror in release workflow
- release.yml: dual-push to GHCR + Docker Hub when vars.DOCKERHUB_USERNAME
  is set; falls back to GHCR-only when unset (no behavior change for forks).
- .env.example: surface docker.io as a first-class WOC_IMAGE_PREFIX option.
- doc/发布到GHCR.md: document the one-time Variable + Secret setup and the
  prerequisite of pre-creating the public repos on hub.docker.com.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-04 18:18:21 +08:00

93 lines
3.4 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: release
# 推送 vX.Y.Z 标签或在 GitHub 上发布 Release 时,构建并推送多架构镜像到 GHCR。
# 也可手动触发(workflow_dispatch)只打 latest,便于验证流水线。
on:
push:
tags:
- 'v*.*.*'
release:
types: [published]
workflow_dispatch:
env:
REGISTRY: ghcr.io
WECHAT_IMAGE: ${{ github.repository_owner }}/wechat-on-cloud
PANEL_IMAGE: ${{ github.repository_owner }}/woc-panel
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
include:
- name: wechat
image: wechat-on-cloud
context: ./docker
dockerfile: ./docker/Dockerfile
- name: panel
image: woc-panel
context: ./panel
dockerfile: ./panel/Dockerfile
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# 可选:同时推 Docker Hub。仅当仓库设置里加了 vars.DOCKERHUB_USERNAME 时启用,
# 让 fork 用户开箱即可走 GHCR;想加 Docker Hub 双推只需配 1 个 Variable + 1 个 Secret。
# 配置方法:repo Settings → Secrets and variables → Actions
# · Variables → DOCKERHUB_USERNAME = 你的 Docker Hub 用户名
# · Secrets → DOCKERHUB_TOKEN = Docker Hub Access Tokenhub.docker.com → Account Settings → Personal access tokens
- name: Log in to Docker Hub
if: vars.DOCKERHUB_USERNAME != ''
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Docker metadata (tags + labels)
id: meta
uses: docker/metadata-action@v5
with:
# metadata-action 接受多行 images:每行一个目标 registrybuild-push-action 会同时推。
# Docker Hub 那行只在配了 DOCKERHUB_USERNAME 时出现;否则只剩 GHCR 一行(与旧行为一致)。
images: |
${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.image }}
${{ vars.DOCKERHUB_USERNAME != '' && format('docker.io/{0}/{1}', vars.DOCKERHUB_USERNAME, matrix.image) || '' }}
# 语义化标签:vX.Y.Z → X.Y.Z / X.Y / X;默认分支额外打 latest
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=raw,value=latest,enable={{is_default_branch}}
type=raw,value=latest,enable=${{ github.event_name == 'release' }}
- name: Build and push (amd64 + arm64)
uses: docker/build-push-action@v6
with:
context: ${{ matrix.context }}
file: ${{ matrix.dockerfile }}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=${{ matrix.name }}
cache-to: type=gha,mode=max,scope=${{ matrix.name }}