lingyuzeng/rustfs-s3-toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
952202139bc24be9b96579d7c4fd061990dcb913
rustfs-s3-toolkit/.gitea/workflows/build-and-push.yml
hotwa 952202139b
Some checks failed
Build and Push to ACR / docker (push) Failing after 2s
Details
use buildx host mode
2025-09-30 18:10:46 +08:00

91 lines
3.2 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: Build and Push to ACR
on:
push:
branches: [ main ]
release:
types: [ published ]
workflow_dispatch:
inputs:
image_tag:
description: "Tag to push (leave empty to use 'latest')"
required: false
default: ""
jobs:
docker:
runs-on: [buildx] # 你的 runner 标签;如不需要可改成 ubuntu-latest 等
steps:
- name: Checkout
uses: actions/checkout@v3
# 只两级:手动输入 > latest
- name: Resolve TAG
id: meta
env:
INPUT_TAG: ${{ github.event.inputs.image_tag || '' }}
run: |
set -euo pipefail
TAG="${INPUT_TAG:-latest}"
# 规范化,避免无效字符
TAG="$(printf '%s' "$TAG" | tr '[:upper:]' '[:lower:]' | sed -E 's#[^a-z0-9._-]#-#g; s#/+#-#g; s#^[.-]+##; s#[.-]+$##')"
TAG="${TAG:0:128}"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
echo "Resolved TAG: $TAG"
- name: Login to Aliyun ACR
env:
ACR_REGISTRY: ${{ secrets.ACR_REGISTRY }}
ACR_USERNAME: ${{ secrets.ACR_USERNAME }}
ACR_PASSWORD: ${{ secrets.ACR_PASSWORD }}
run: |
set -euo pipefail
docker logout "$ACR_REGISTRY" || true
echo "$ACR_PASSWORD" | docker login "$ACR_REGISTRY" --username "$ACR_USERNAME" --password-stdin
- name: Build Docker Image (host network; no Dockerfile change)
env:
IMAGE: ${{ secrets.ACR_REGISTRY }}/${{ secrets.ACR_NAMESPACE }}/${{ vars.IMAGE_NAME }}
TAG: ${{ steps.meta.outputs.tag }}
run: |
set -euo pipefail
# 1) 重新创建并启用 buildx builder共享宿主机网络 + 注入代理环境
docker buildx rm ci-builder >/dev/null 2>&1 || true
docker buildx create \
--name ci-builder --use \
--driver docker-container \
--driver-opt network=host \
--driver-opt env.http_proxy=http://127.0.0.1:7890,env.https_proxy=http://127.0.0.1:7890 \
--buildkitd-flags '--allow-insecure-entitlement network.host' \
>/dev/null
# 2) 构建:允许 host 网络,让 RUN 阶段可直接访问 127.0.0.1:7890
# 用 --load 让镜像回到本地 daemon便于下一步 docker push
echo "Building ${IMAGE}:${TAG}"
docker buildx build \
--builder ci-builder \
--network=host \
--progress=plain \
--load \
-t "${IMAGE}:${TAG}" -f docker/Dockerfile .
# 可选main 分支或 release 时也打 latest
if [ "${{ github.event_name }}" = "release" ] || [ "${{ github.ref_name }}" = "main" ]; then
docker tag "${IMAGE}:${TAG}" "${IMAGE}:latest"
fi
- name: Push Docker Image
env:
IMAGE: ${{ secrets.ACR_REGISTRY }}/${{ secrets.ACR_NAMESPACE }}/${{ vars.IMAGE_NAME }}
TAG: ${{ steps.meta.outputs.tag }}
run: |
set -euo pipefail
echo "Pushing ${IMAGE}:${TAG}"
docker push "${IMAGE}:${TAG}"
if docker image inspect "${IMAGE}:latest" > /dev/null 2>&1; then
echo "Pushing ${IMAGE}:latest"
docker push "${IMAGE}:latest"
fi
Reference in New Issue View Git Blame Copy Permalink