From 621379e1b8a5c68acf23420fdb433817aeb4897b Mon Sep 17 00:00:00 2001
From: gitea_admin
Date: Thu, 18 Dec 2025 07:21:36 +0000
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=20.github/workflows/buidl=5F?= =?UTF-8?q?and=5Fpush=5Fghcr.yml?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .github/workflows/buidl_and_push_ghcr.yml | 67 +++++++++--------------
 1 file changed, 27 insertions(+), 40 deletions(-)
diff --git a/.github/workflows/buidl_and_push_ghcr.yml b/.github/workflows/buidl_and_push_ghcr.yml
index 5a24b63..4717b6c 100644
--- a/.github/workflows/buidl_and_push_ghcr.yml
+++ b/.github/workflows/buidl_and_push_ghcr.yml
@@ -1,53 +1,40 @@
-name: Gitea Docker Image CI
-run-name: Build and Push to Gitea Registry
+name: Docker Image CI
 
 on:
- workflow_dispatch:
 push:
 branches:
 - main
 
-# 关键修正 1:显式声明 Actions Token 的权限
-# 这会让 Gitea 自动生成的 GITHUB_TOKEN 拥有上传 Package 的能力
-permissions:
- packages: write
- contents: read
-
 jobs:
 build:
 runs-on: ubuntu-latest
+
 steps:
- - name: Checkout code
- uses: actions/checkout@v4
+ - name: Checkout code
+ uses: actions/checkout@v4
 
- - name: Prepare Variables
- id: prep
- run: |
- CLEAN_HOST=$(echo "${{ gitea.server_url }}" | sed 's~http[s]*://~~g')
- LOWER_REPO=$(echo "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')
- echo "registry_host=$CLEAN_HOST" >> $GITHUB_OUTPUT
- echo "image_repo=$LOWER_REPO" >> $GITHUB_OUTPUT
+ # 设置 Docker Buildx
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
 
- - name: Create Kaniko Credentials
- run: |
- mkdir -p $HOME/.docker
- HOST="${{ steps.prep.outputs.registry_host }}"
-
- # 关键修正 2:回归标准 GITHUB_TOKEN + gitea.actor
- # 配合上面的 permissions 配置,这是最不会出错的组合
- echo "{\"auths\":{\"$HOST\":{\"username\":\"${{ "gitea_admin" }}\",\"password\":\"${{ secrets.PACKAGES_TOKEN }}\"}}}" > $HOME/.docker/config.json
+ # 登录 Gitea 容器镜像库
+ - name: Log in to Gitea Container Registry
+ uses: docker/login-action@v3
+ with:
+ # 您的 Gitea 实例地址,请在 Gitea 仓库的 Secrets 中设置 GITEA_REGISTRY_URL
+ registry: ${{ secrets.GITEA_REGISTRY_URL }}
+ username: ${{ gitea.actor }}
+ # 请在 Gitea 仓库的 Secrets 中创建一个具有包读写权限的 GITEA_TOKEN
+ password: ${{ secrets.GITEA_TOKEN }}
 
- - name: Build and Push with Kaniko
- uses: docker://gcr.io/kaniko-project/executor:debug
- env:
- DOCKER_CONFIG: /github/home/.docker
- with:
- args: >-
- --context .
- --dockerfile ./Dockerfile
- --destination ${{ steps.prep.outputs.registry_host }}/${{ steps.prep.outputs.image_repo }}:latest
- --destination ${{ steps.prep.outputs.registry_host }}/${{ steps.prep.outputs.image_repo }}:${{ gitea.sha }}
- --force
- --cache=true
- --insecure
- --skip-tls-verify
\ No newline at end of file
+ # 构建并推送 Docker 镜像
+ - name: Build and push Docker image
+ run: |
+ # 镜像名格式为:/<所有者>/<仓库名>
+ IMAGE_NAME="${{ secrets.GITEA_REGISTRY_URL }}/${{ gitea.repository_owner }}/my-docs"
+ echo "Pushing to: $IMAGE_NAME"
+ docker build . --file Dockerfile \
+ --tag "$IMAGE_NAME:latest" \
+ --tag "$IMAGE_NAME:${{ gitea.sha }}"
+ docker push "$IMAGE_NAME:latest"
+ docker push "$IMAGE_NAME:${{ gitea.sha }}"
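Review bot: The top-level `permissions:` block is removed and nothing replaces it, so the job's automatic token falls back to whatever the instance grants by default, although the push now authenticates with `secrets.GITEA_TOKEN` and the job itself only needs to read the repository. I would keep an explicit least-privilege declaration above `jobs:`, i.e. `permissions:` with `contents: read` (assuming the runner honours it, as the removed comment implies). In the `Build and push Docker image` step, `${{ secrets.GITEA_REGISTRY_URL }}`, `${{ gitea.repository_owner }}` and `${{ gitea.sha }}` are expanded into the script text before the shell runs; mapping them through the step's `env:` and using shell variables such as `"$REGISTRY_URL"` keeps expression values out of the script source. `docker/login-action@v3` is handed the registry password and is referenced by a movable tag, so pinning it and `docker/setup-buildx-action@v3` to a full commit SHA is worth considering. A short comment explaining why the image name ends in the fixed `my-docs` rather than the repository name would also help the next maintainer.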