From 606b89c99b233426d90d3289418eec0476e5e27f Mon Sep 17 00:00:00 2001 From: infinitycat Date: Sat, 10 May 2025 02:37:46 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E9=87=8D=E6=9E=84Docker=E9=95=9C?= =?UTF-8?q?=E5=83=8F=E6=9E=84=E5=BB=BA=E6=B5=81=E7=A8=8B=EF=BC=8C=E6=96=B0?= =?UTF-8?q?=E5=A2=9EAMD64=E5=92=8CARM64=E6=9E=B6=E6=9E=84=E6=94=AF?= =?UTF-8?q?=E6=8C=81=EF=BC=8C=E5=B9=B6=E4=BC=98=E5=8C=96=E5=A4=9A=E6=9E=B6?= =?UTF-8?q?=E6=9E=84=E6=B8=85=E5=8D=95=E5=88=9B=E5=BB=BA=E9=80=BB=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-image.yml | 217 +++++++++++++++-------------- 1 file changed, 109 insertions(+), 108 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index a2e4cfc83..ba56b0c24 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -10,50 +10,13 @@ on: - "v*.*.*" - "v*" -env: - REGISTRY_IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/maibot - jobs: - prepare: + build-amd64: + name: Build AMD64 Image runs-on: ubuntu-latest - outputs: - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - bake-file: ${{ steps.meta.outputs.bake-file }} + env: + DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USERNAME }} steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY_IMAGE }} - tags: | - type=ref,event=branch - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - type=sha - - build: - runs-on: ubuntu-latest - needs: prepare - strategy: - fail-fast: false - matrix: - platform: - - linux/amd64 - - linux/arm64 - steps: - - name: Prepare - run: | - platform=${{ matrix.platform }} - echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - - name: Checkout code uses: actions/checkout@v4 with: @@ -65,9 +28,6 @@ jobs: - name: Clone lpmm run: git clone https://github.com/MaiM-with-u/MaiMBot-LPMM.git MaiMBot-LPMM - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: @@ -79,50 +39,61 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Build and push by digest - id: build + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ secrets.DOCKERHUB_USERNAME }}/maibot + tags: | + type=ref,event=branch + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=sha + + - name: Build and Push AMD64 Docker Image uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile - platforms: ${{ matrix.platform }} - labels: ${{ needs.prepare.outputs.labels }} - tags: ${{ env.REGISTRY_IMAGE }} - cache-from: type=registry,ref=${{ env.REGISTRY_IMAGE }}:buildcache-${{ env.PLATFORM_PAIR }} - cache-to: type=registry,ref=${{ env.REGISTRY_IMAGE }}:buildcache-${{ env.PLATFORM_PAIR }},mode=max + platforms: linux/amd64 + tags: ${{ secrets.DOCKERHUB_USERNAME }}/maibot:amd64-${{ github.sha }} + push: true + cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/maibot:amd64-buildcache + cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/maibot:amd64-buildcache,mode=max + labels: ${{ steps.meta.outputs.labels }} provenance: true sbom: true build-args: | BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') VCS_REF=${{ github.sha }} - outputs: type=image,push-by-digest=true,name-canonical=true,push=true + outputs: type=image,push=true - - name: Export digest - run: | - mkdir -p ${{ runner.temp }}/digests - digest="${{ steps.build.outputs.digest }}" - touch "${{ runner.temp }}/digests/${digest#sha256:}" - - - name: Upload digest - uses: actions/upload-artifact@v4 - with: - name: digests-${{ env.PLATFORM_PAIR }} - path: ${{ runner.temp }}/digests/* - if-no-files-found: error - retention-days: 1 - - merge: + build-arm64: + name: Build ARM64 Image runs-on: ubuntu-latest - needs: - - prepare - - build + env: + DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USERNAME }} steps: - - name: Download digests - uses: actions/download-artifact@v4 + - name: Checkout code + uses: actions/checkout@v4 with: - path: ${{ runner.temp }}/digests - pattern: digests-* - merge-multiple: true + fetch-depth: 0 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Clone maim_message + run: git clone https://github.com/MaiM-with-u/maim_message maim_message + + - name: Clone lpmm + run: git clone https://github.com/MaiM-with-u/MaiMBot-LPMM.git MaiMBot-LPMM + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + buildkitd-flags: --debug - name: Login to Docker Hub uses: docker/login-action@v3 @@ -130,39 +101,69 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ secrets.DOCKERHUB_USERNAME }}/maibot + tags: | + type=ref,event=branch + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=sha - - name: Create manifest list and push - working-directory: ${{ runner.temp }}/digests - run: | - # 确保至少有一个默认标签 - TAGS="-t ${{ env.REGISTRY_IMAGE }}:latest" - - # 如果 meta 输出的标签不为空,则使用它们 - if [ -n "${{ needs.prepare.outputs.tags }}" ]; then - TAGS=$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "${{ needs.prepare.outputs.tags }}") - fi - - echo "Using tags: ${TAGS}" - docker buildx imagetools create ${TAGS} $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + - name: Build and Push ARM64 Docker Image + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile + platforms: linux/arm64 + tags: ${{ secrets.DOCKERHUB_USERNAME }}/maibot:arm64-${{ github.sha }} + push: true + cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/maibot:arm64-buildcache + cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/maibot:arm64-buildcache,mode=max + labels: ${{ steps.meta.outputs.labels }} + provenance: true + sbom: true + build-args: | + BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') + VCS_REF=${{ github.sha }} + outputs: type=image,push=true - - name: Inspect image + create-manifest: + name: Create Multi-Arch Manifest + runs-on: ubuntu-latest + needs: + - build-amd64 + - build-arm64 + steps: + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ secrets.DOCKERHUB_USERNAME }}/maibot + tags: | + type=ref,event=branch + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=sha + + - name: Create and Push Manifest run: | - # 使用默认标签 - DEFAULT_TAG="${{ env.REGISTRY_IMAGE }}:latest" - - # 尝试从 prepare 输出中获取标签 - if [ -n "${{ needs.prepare.outputs.tags }}" ]; then - TAGS_JSON='${{ needs.prepare.outputs.tags }}' - FIRST_TAG=$(echo $TAGS_JSON | jq -r '.tags[0]') - if [ -n "$FIRST_TAG" ] && [ "$FIRST_TAG" != "null" ]; then - echo "使用从 metadata 获取的标签: $FIRST_TAG" - docker buildx imagetools inspect $FIRST_TAG - exit 0 - fi - fi - - # 如果没有标签或提取失败,使用默认标签 - echo "使用默认标签: $DEFAULT_TAG" - docker buildx imagetools inspect $DEFAULT_TAG \ No newline at end of file + # 为每个标签创建多架构镜像 + for tag in $(echo "${{ steps.meta.outputs.tags }}" | tr '\n' ' '); do + echo "Creating manifest for $tag" + docker buildx imagetools create -t $tag \ + ${{ secrets.DOCKERHUB_USERNAME }}/maibot:amd64-${{ github.sha }} \ + ${{ secrets.DOCKERHUB_USERNAME }}/maibot:arm64-${{ github.sha }} + done \ No newline at end of file