delete unuse tag #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build and Push | |
| # 这个工作流使用未经 GitHub 认证的操作。 | |
| # 它们由第三方提供,受单独的服务条款、隐私政策和支持文档约束。 | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| platform: | |
| description: 'Platform to build' | |
| required: false | |
| default: 'linux/amd64,linux/arm64' | |
| type: choice | |
| options: | |
| - linux/amd64,linux/arm64 | |
| - linux/amd64 | |
| env: | |
| # 使用 docker.io 作为 Docker Hub(如果为空) | |
| REGISTRY: ghcr.io | |
| # github.repository 格式为 <account>/<repo> | |
| IMAGE_NAME: ${{ github.repository }} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| attestations: write | |
| steps: | |
| - name: Tune GitHub Hosted Runner Network | |
| uses: smorimoto/tune-github-hosted-runner-network@v1 | |
| - uses: actions/checkout@v5 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate timestamp | |
| id: timestamp | |
| run: echo "timestamp=$(date -u +'%Y%m%d-%H%M%S')" >> $GITHUB_OUTPUT | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=raw,value=latest,priority=500 | |
| type=raw,value=${{ steps.timestamp.outputs.timestamp }},priority=400 | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| pull: true | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| secrets: | | |
| GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
| platforms: ${{ github.event.inputs.platform || 'linux/amd64,linux/arm64' }} | |
| cache-from: type=gha,scope=build | |
| cache-to: type=gha,mode=max,scope=build | |
| - name: Attest Build Provenance | |
| uses: actions/attest-build-provenance@v3 | |
| with: | |
| subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| subject-digest: ${{ steps.build-and-push.outputs.digest }} | |
| push-to-registry: true | |
| cleanup: | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| if: always() | |
| permissions: | |
| packages: write | |
| steps: | |
| - name: Cleanup old packages | |
| uses: dataaxiom/ghcr-cleanup-action@v1 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| package-name: ${{ github.repository }} | |
| keep-last: 10 |