Publish image #145
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish image | |
| on: | |
| schedule: | |
| - cron: "0 0 * * *" | |
| push: | |
| tags: ["v*.*.*-rev.*"] | |
| workflow_dispatch: | |
| env: | |
| IMAGE_NAME: jks15satoshi/nekobox | |
| jobs: | |
| push-image: | |
| name: Push image to registry | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| tag_variant: [latest, unstable] | |
| registry: [ghcr.io, docker.io] | |
| permissions: | |
| contents: write | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ matrix.registry }} | |
| username: ${{ github.repository_owner }} | |
| password: ${{ matrix.registry == 'ghcr.io' && secrets.GITHUB_TOKEN || secrets.DOCKERHUB_TOKEN }} | |
| - name: Fetch version info of NekoBox | |
| id: fetch_version | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 10 | |
| max_attempts: 3 | |
| command: | | |
| sudo apt-get install curl jq perl-base | |
| base_version=$(curl -sf https://pypi.org/pypi/nekobox/json | jq -r ".info.version") | |
| if [[ "${{ matrix.tag_variant }}" == "unstable" ]]; then | |
| commit_sha=$(curl -sf https://api.github.com/repos/wyapx/nekobox/commits/main | jq -r ".sha") | |
| tag_name="${base_version}-${commit_sha:0:7}" | |
| base_version="${commit_sha}" | |
| else | |
| tag_name="${base_version}" | |
| fi | |
| rev_parsed=$(curl -sf "https://api.github.com/repos/${{ github.repository }}/releases/latest" | jq -r ".tag_name" | perl -pe '$_ = /.*-(rev\.[0-9]+)/ ? $1 : ""') | |
| if [[ ! -z "${rev_parsed}" ]]; then | |
| tag_name="${tag_name}-${rev_parsed}" | |
| fi | |
| if [[ "${base_version}" == "null" ]] || [[ "${tag_name}" == "null" ]]; then | |
| echo "Error: null detected" | |
| exit 1 | |
| else | |
| echo "base_version=${base_version}" >>$GITHUB_OUTPUT | |
| echo "tag_name=${tag_name}" >>$GITHUB_OUTPUT | |
| fi | |
| - name: Check if image tag exists | |
| id: check_image_tag | |
| uses: tyriis/docker-image-tag-exists@v2.1.0 | |
| with: | |
| registry: ${{ matrix.registry }} | |
| repository: ${{ env.IMAGE_NAME }} | |
| tag: ${{ steps.fetch_version.outputs.tag_name }} | |
| - name: Build and push Docker image | |
| id: push_image | |
| uses: docker/build-push-action@v6 | |
| if: ${{ steps.check_image_tag.outputs.tag == 'not found' }} | |
| with: | |
| context: . | |
| build-args: | | |
| "NEKOBOX_VERSION=${{ steps.fetch_version.outputs.base_version }}" | |
| "NEKOBOX_UNSTABLE=${{ matrix.tag_variant == 'unstable' && true || false }}" | |
| push: true | |
| tags: | | |
| ${{ matrix.registry }}/${{ env.IMAGE_NAME }}:${{ steps.fetch_version.outputs.tag_name }} | |
| ${{ matrix.registry }}/${{ env.IMAGE_NAME }}:${{ matrix.tag_variant }} | |
| - name: Generate artifact attestation | |
| uses: actions/attest-build-provenance@v2 | |
| if: ${{ steps.push_image.outcome == 'success' }} | |
| with: | |
| subject-name: ${{ matrix.registry }}/${{ env.IMAGE_NAME }} | |
| subject-digest: ${{ steps.push_image.outputs.digest }} | |
| push-to-registry: true | |
| - name: Sync README to Docker Hub | |
| uses: meeDamian/sync-readme@v1.0.6 | |
| if: ${{ matrix.registry == 'docker.io' }} | |
| with: | |
| user: ${{ github.repository_owner }} | |
| pass: ${{ secrets.DOCKERHUB_PASS }} | |
| slug: ${{ env.IMAGE_NAME }} | |
| description: true | |
| - name: Create release | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ matrix.tag_variant == 'latest' && matrix.registry == 'ghcr.io' && steps.push_image.outcome == 'success' && github.event_name != 'push' }} | |
| with: | |
| tag: "v${{ steps.fetch_version.outputs.base_version }}" | |
| body: | | |
| ## 上游版本更新 | |
| NekoBox 版本更新至 v${{ steps.fetch_version.outputs.base_version }}。 |