.github/workflows/docker.yml

name: Publish Docker Image

on:
  workflow_dispatch:
  push:
    branches:
      - master

# 仅取消针对当前工作流正在进行的作业或运行
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  test:
    name: Test
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v4
      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: "latest"
      - name: Setup Node.js@lts environment
        uses: actions/setup-node@v4
        with:
          node-version: "lts/*"
          cache: "pnpm"
      - name: Cache Dependency
        uses: actions/cache@v4
        with:
          path: |
            ~/.npm
            ~/.yarn
            ~/.cache/pnpm
            ~/cache
            !~/cache/exclude
            **/node_modules
          key: pnpm-${{ runner.os }}-${{ hashFiles('package.json') }}
          restore-keys: pnpm-${{ runner.os }}
      - run: pnpm i --frozen-lockfile
      - run: pnpm run lint
      - run: pnpm run lint:md
      - run: pnpm run build
      - run: pnpm run test
      - run: pnpm run test:e2e
  build:
    needs: test # 等待 test 执行成功
    runs-on: ubuntu-latest
    timeout-minutes: 30
    permissions:
      packages: write
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Lowercase the repo name
        run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
      - name: Get short commit hash
        run: echo "TAG=sha-${GITHUB_SHA::7}" >>${GITHUB_ENV}
      - name: Get git info
        run: |
          chmod +x scripts/git.sh
          scripts/git.sh
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Login to Alibaba Cloud Container Registry
        uses: docker/login-action@v3
        with:
          registry: registry.cn-hangzhou.aliyuncs.com
          username: ${{ secrets.ALIYUN_USERNAME }}
          password: ${{ secrets.ALIYUN_PASSWORD }}
      - name: Extract Docker metadata
        id: metadata
        uses: docker/metadata-action@v5
        with:
          # 发布到 docker.io / ghcr.io / registry.cn-hangzhou.aliyuncs.com
          images: |
            ${{ github.repository }}
            ghcr.io/${{ github.repository }}
            registry.cn-hangzhou.aliyuncs.com/${{ github.repository }}
          tags: |
            type=raw,value=latest,enable=true
            type=raw,value={{date 'YYYY-MM-DD' tz='Asia/Shanghai'}},enable=true
            type=sha,format=short,prefix=sha-,enable=true
          flavor: latest=false
      - name: Build and push Docker images
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ steps.metadata.outputs.tags }}
          labels: ${{ steps.metadata.outputs.labels }}
          platforms: linux/amd64,linux/arm64
          build-args: |
            VITE_BAIDU_STATISTICS=${{ secrets.VITE_BAIDU_STATISTICS }}
            VITE_DOMAIN=${{ secrets.VITE_DOMAIN }}
            VITE_SENTRY_DSN=${{ secrets.VITE_SENTRY_DSN }}
      - name: Docker Hub README & description sync
        uses: meeDamian/sync-readme@v1.0.6
        with:
          user: ${{ secrets.DOCKER_USERNAME }}
          pass: ${{ secrets.DOCKER_PASSWORD }}
          slug: ${{ github.repository }}
          description: "一个支持 Hook 的 RSS 订阅工具。本项目为后端部分。"
      - name: Deploy demo
        run: curl -X GET -L --user ${{ secrets.JENKINS_DEMO_TOKEN }} "${{ secrets.JENKINS_DEMO_URL }}/buildWithParameters?token=${{ secrets.JENKINS_DEMO_JOB_TOKEN }}&DOCKER_IMAGE=registry.cn-hangzhou.aliyuncs.com/${{ env.REPO }}:${{ env.TAG }}"
      - name: Deploy to Jenkins
        run: curl -X GET -L --user ${{ secrets.JENKINS_TOKEN }} "${{ secrets.JENKINS_URL }}/buildWithParameters?token=${{ secrets.JENKINS_JOB_TOKEN }}&DOCKER_IMAGE=registry.cn-hangzhou.aliyuncs.com/${{ env.REPO }}:${{ env.TAG }}"