huangxiyun
/
ZLKMedia
1
0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 0 Wiki アクティビティ
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
1 コミット
1 ブランチ
21MB
ツリー: 339c93e477
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'339c93e477' から
${ noResults }
ZLKMedia/.github/workflows/docker.yml

87 行
3.1KB
Raw Blame 履歴 

  1. name: Docker

  2. 

  3. on: [push, pull_request]

  4. 

  5. env:

  6.   # Use docker.io for Docker Hub if empty

  7.   REGISTRY: docker.io

  8.   IMAGE_NAME: zlmediakit/zlmediakit

  9. 

  10. jobs:

  11.   build:

  12. 

  13.     runs-on: ubuntu-latest

  14.     permissions:

  15.       contents: read

  16.       packages: write

  17.       # This is used to complete the identity challenge

  18.       # with sigstore/fulcio when running outside of PRs.

  19.       id-token: write

  20. 

  21.     steps:

  22.       - name: Checkout repository

  23.         uses: actions/checkout@v3

  24. 

  25.       - name: 下载submodule源码

  26.         run: mv -f .gitmodules_github .gitmodules && git submodule sync && git submodule update --init

  27. 

  28.       # Install the cosign tool except on PR

  29.       # https://github.com/sigstore/cosign-installer

  30.       - name: Install cosign

  31.         if: github.event_name != 'pull_request'

  32.         uses: sigstore/cosign-installer@d6a3abf1bdea83574e28d40543793018b6035605

  33.         with:

  34.           cosign-release: 'v1.7.1'

  35. 

  36.       - name: Set up QEMU

  37.         uses: docker/setup-qemu-action@v2

  38. 

  39. 

  40.       # Workaround: https://github.com/docker/build-push-action/issues/461

  41.       - name: Setup Docker buildx

  42.         uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf

  43. 

  44.       # Login against a Docker registry except on PR

  45.       # https://github.com/docker/login-action

  46.       - name: Log into registry ${{ env.REGISTRY }}

  47.         if: github.event_name != 'pull_request'

  48.         uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c

  49.         with:

  50.           registry: ${{ env.REGISTRY }}

  51.           username: zlmediakit

  52.           password: ${{ secrets.DOCKER_IO_SECRET }}

  53. 

  54.       # Extract metadata (tags, labels) for Docker

  55.       # https://github.com/docker/metadata-action

  56.       - name: Extract Docker metadata

  57.         id: meta

  58.         uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38

  59.         with:

  60.           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

  61. 

  62.       # Build and push Docker image with Buildx (don't push on PR)

  63.       # https://github.com/docker/build-push-action

  64.       - name: Build and push Docker image

  65.         id: build-and-push

  66.         uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a

  67.         with:

  68.           context: .

  69.           push: ${{ github.event_name != 'pull_request' }}

  70.           tags: ${{ steps.meta.outputs.tags }}

  71.           labels: ${{ steps.meta.outputs.labels }}

  72.           build-args: MODEL=Release

  73.           platforms: linux/amd64,linux/arm64

  74. 

  75.       # Sign the resulting Docker image digest except on PRs.

  76.       # This will only write to the public Rekor transparency log when the Docker

  77.       # repository is public to avoid leaking data.  If you would like to publish

  78.       # transparency data even for private images, pass --force to cosign below.

  79.       # https://github.com/sigstore/cosign

  80. #      - name: Sign the published Docker image

  81. #        if: ${{ github.event_name != 'pull_request' }}

  82. #        env:

  83. #          COSIGN_EXPERIMENTAL: "true"

  84. #        # This step uses the identity token to provision an ephemeral certificate

  85. #        # against the sigstore community Fulcio instance.

  86. #        run: cosign sign ${{ steps.meta.outputs.tags }}@${{ steps.build-and-push.outputs.digest }}