Merge pull request #7 from jim380/jay/refine-build-publish-flow

ci: refine build-publish
jim380 · Jul 13, 2024 · f060dff · f060dff
2 parents ffafe75 + ebf975b
commit f060dff
Showing 1 changed file with 47 additions and 23 deletions.
diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
@@ -1,22 +1,30 @@
 name: Build and Publish
 
 on:
-  # run it on push to the default repository branch
   push:
     branches: [main, dev]
-  # run it during pull request
-  pull_request:
-  # Allows you to run this workflow manually from the Actions tab
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"
+      - "v[0-9]+.[0-9]+.[0-9]+-dev.[0-9]+"
+      - "[v]?[0-9]+.[0-9]+.[0-9]+(-rc|-alpha|-beta)?[0-9]*"
   workflow_dispatch:
 
+permissions:
+  contents: read
+  repository-projects: read
+  packages: write
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 env:
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-  docker:
-    name: Build Docker image and push to repositories
-    # run only when code is compiling and tests are passing
+  publish:
+    name: Build and Publish
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -25,39 +33,55 @@ jobs:
     # steps to perform in job
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
 
-      # setup Docker buld action
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to Github Packages
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
-          password: ${{ github.token }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v2
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=semver,pattern=v{{version}}
-            type=sha
-            type=ref,event=branch
-            type=ref,event=pr
-            type=ref,event=tag
+
+      - name: Sanitize GitHub ref name
+        id: sanitize
+        run: echo "::set-output name=ref_name::$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9_.-]/-/g' | tr '[:upper:]' '[:lower:]')"
+
+      - name: Sanitize repository name
+        id: sanitize_repo
+        run: echo "::set-output name=repo_name::$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')"
 
       - name: Build image and push to GitHub Container Registry
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
         with:
-          # Note: tags has to be all lower-case
-          tags: ${{ steps.meta.outputs.tags }}
-          # build on feature branches, push only on master
+          labels: ${{ steps.meta.outputs.labels }}
+          tags: |
+            ${{ env.REGISTRY }}/${{ steps.sanitize_repo.outputs.repo_name }}:${{ steps.sanitize.outputs.ref_name }}
+            ${{ env.REGISTRY }}/${{ steps.sanitize_repo.outputs.repo_name }}:latest
           push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          outputs: type=image,name=${{ env.REGISTRY }}/${{ steps.sanitize_repo.outputs.repo_name }},name-canonical=true,push=true
 
       - name: Image digest
         run: echo ${{ steps.docker_build.outputs.digest }}
+
+      - name: Create GitHub Release
+        uses: ncipollo/release-action@v1
+        with:
+          allowUpdates: true
+          generateReleaseNotes: true
+          body: ${{ steps.changelog.outputs.clean_changelog }}
+          artifacts: ""