更新 .github/workflows/buidl_and_push_ghcr.yml
Some checks failed
Docker Image CI / build (push) Failing after 8s
Some checks failed
Docker Image CI / build (push) Failing after 8s
This commit is contained in:
63
.github/workflows/buidl_and_push_ghcr.yml
vendored
63
.github/workflows/buidl_and_push_ghcr.yml
vendored
@@ -1,53 +1,40 @@
|
|||||||
name: Gitea Docker Image CI
|
name: Docker Image CI
|
||||||
run-name: Build and Push to Gitea Registry
|
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
|
|
||||||
# 关键修正 1:显式声明 Actions Token 的权限
|
|
||||||
# 这会让 Gitea 自动生成的 GITHUB_TOKEN 拥有上传 Package 的能力
|
|
||||||
permissions:
|
|
||||||
packages: write
|
|
||||||
contents: read
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Prepare Variables
|
# 设置 Docker Buildx
|
||||||
id: prep
|
- name: Set up Docker Buildx
|
||||||
run: |
|
uses: docker/setup-buildx-action@v3
|
||||||
CLEAN_HOST=$(echo "${{ gitea.server_url }}" | sed 's~http[s]*://~~g')
|
|
||||||
LOWER_REPO=$(echo "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')
|
|
||||||
echo "registry_host=$CLEAN_HOST" >> $GITHUB_OUTPUT
|
|
||||||
echo "image_repo=$LOWER_REPO" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
- name: Create Kaniko Credentials
|
# 登录 Gitea 容器镜像库
|
||||||
run: |
|
- name: Log in to Gitea Container Registry
|
||||||
mkdir -p $HOME/.docker
|
uses: docker/login-action@v3
|
||||||
HOST="${{ steps.prep.outputs.registry_host }}"
|
|
||||||
|
|
||||||
# 关键修正 2:回归标准 GITHUB_TOKEN + gitea.actor
|
|
||||||
# 配合上面的 permissions 配置,这是最不会出错的组合
|
|
||||||
echo "{\"auths\":{\"$HOST\":{\"username\":\"${{ "gitea_admin" }}\",\"password\":\"${{ secrets.PACKAGES_TOKEN }}\"}}}" > $HOME/.docker/config.json
|
|
||||||
|
|
||||||
- name: Build and Push with Kaniko
|
|
||||||
uses: docker://gcr.io/kaniko-project/executor:debug
|
|
||||||
env:
|
|
||||||
DOCKER_CONFIG: /github/home/.docker
|
|
||||||
with:
|
with:
|
||||||
args: >-
|
# 您的 Gitea 实例地址,请在 Gitea 仓库的 Secrets 中设置 GITEA_REGISTRY_URL
|
||||||
--context .
|
registry: ${{ secrets.GITEA_REGISTRY_URL }}
|
||||||
--dockerfile ./Dockerfile
|
username: ${{ gitea.actor }}
|
||||||
--destination ${{ steps.prep.outputs.registry_host }}/${{ steps.prep.outputs.image_repo }}:latest
|
# 请在 Gitea 仓库的 Secrets 中创建一个具有包读写权限的 GITEA_TOKEN
|
||||||
--destination ${{ steps.prep.outputs.registry_host }}/${{ steps.prep.outputs.image_repo }}:${{ gitea.sha }}
|
password: ${{ secrets.GITEA_TOKEN }}
|
||||||
--force
|
|
||||||
--cache=true
|
# 构建并推送 Docker 镜像
|
||||||
--insecure
|
- name: Build and push Docker image
|
||||||
--skip-tls-verify
|
run: |
|
||||||
|
# 镜像名格式为:<Gitea 实例地址>/<所有者>/<仓库名>
|
||||||
|
IMAGE_NAME="${{ secrets.GITEA_REGISTRY_URL }}/${{ gitea.repository_owner }}/my-docs"
|
||||||
|
echo "Pushing to: $IMAGE_NAME"
|
||||||
|
docker build . --file Dockerfile \
|
||||||
|
--tag "$IMAGE_NAME:latest" \
|
||||||
|
--tag "$IMAGE_NAME:${{ gitea.sha }}"
|
||||||
|
docker push "$IMAGE_NAME:latest"
|
||||||
|
docker push "$IMAGE_NAME:${{ gitea.sha }}"
|
||||||
|
|||||||
Reference in New Issue
Block a user