Build and Push Docker Image #456
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push Docker Image | |
| on: | |
| # 手动触发 | |
| workflow_dispatch: | |
| # 每小时检查基础镜像更新 | |
| schedule: | |
| - cron: '0 * * * *' | |
| env: | |
| REGISTRY: docker.io | |
| IMAGE_NAME: jimboo7339/openclaw-python | |
| BASE_IMAGE: ghcr.io/openclaw/openclaw:latest | |
| jobs: | |
| check-and-build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Restore base image digest cache | |
| id: cache-restore | |
| uses: actions/cache/restore@v3 | |
| with: | |
| path: .last_base_digest | |
| key: base-digest-${{ runner.os }}-v1- | |
| restore-keys: | | |
| base-digest-${{ runner.os }}-v1- | |
| - name: Check base image update | |
| id: check | |
| run: | | |
| # 获取上次记录的 digest | |
| LOCAL_DIGEST="" | |
| if [ -f .last_base_digest ]; then | |
| LOCAL_DIGEST=$(cat .last_base_digest) | |
| fi | |
| echo "Local digest: $LOCAL_DIGEST" | |
| # 获取远程基础镜像的 digest | |
| echo "Checking base image: ${{ env.BASE_IMAGE }}" | |
| docker pull ${{ env.BASE_IMAGE }} >/dev/null 2>&1 || true | |
| REMOTE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ env.BASE_IMAGE }} 2>/dev/null | cut -d'@' -f2) | |
| # 如果获取失败,使用 manifest 方式 | |
| if [ -z "$REMOTE_DIGEST" ]; then | |
| echo "Trying manifest inspect..." | |
| REMOTE_DIGEST=$(docker manifest inspect ${{ env.BASE_IMAGE }} 2>/dev/null | sha256sum | awk '{print $1}') | |
| fi | |
| echo "Remote digest: $REMOTE_DIGEST" | |
| echo "base_digest=$REMOTE_DIGEST" >> $GITHUB_OUTPUT | |
| if [ "$LOCAL_DIGEST" = "$REMOTE_DIGEST" ] && [ -n "$LOCAL_DIGEST" ]; then | |
| echo "Base image not changed, skipping build" | |
| echo "changed=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "Base image changed or first run, will build" | |
| echo "changed=true" >> $GITHUB_OUTPUT | |
| # 保存新的 digest | |
| echo "$REMOTE_DIGEST" > .last_base_digest | |
| fi | |
| - name: Save base image digest cache | |
| if: steps.check.outputs.changed == 'true' | |
| uses: actions/cache/save@v3 | |
| with: | |
| path: .last_base_digest | |
| key: base-digest-${{ runner.os }}-v1-${{ steps.check.outputs.base_digest }} | |
| - name: Set up Docker Buildx | |
| if: steps.check.outputs.changed == 'true' | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Docker Hub | |
| if: steps.check.outputs.changed == 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Extract metadata | |
| if: steps.check.outputs.changed == 'true' | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=tag | |
| type=schedule,pattern={{date 'YYYYMMDD'}} | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push Docker image | |
| if: steps.check.outputs.changed == 'true' | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| platforms: linux/amd64 | |
| - name: Update Docker Hub README | |
| if: steps.check.outputs.changed == 'true' | |
| uses: peter-evans/dockerhub-description@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| repository: ${{ env.IMAGE_NAME }} | |
| readme-filepath: ./README.md |