open-im-server/.github/workflows/docker-build-and-release-services-images.yml
dsx137 de0f1eec8a
ci: action matrix release (#3761)
* ci: serialize release image workflows

* feat(build): add single-service Docker build script

* chore(ci): remove draft release publishing step

# Conflicts:
#	.github/workflows/update-version-file-on-release.yml
2026-07-07 03:27:14 +00:00

155 lines
4.5 KiB
YAML

name: Build and release services Docker Images
on:
push:
branches:
- release-*
workflow_dispatch:
inputs:
tag:
description: "Tag version to be used for Docker image"
required: true
default: "v3.8.3"
workflow_call:
inputs:
tag:
description: "Tag version to be used for Docker image"
required: true
type: string
checkout_sha:
description: "Commit SHA to checkout"
required: true
type: string
checkout_short_sha:
description: "Short commit SHA for image tags"
required: true
type: string
jobs:
services:
runs-on: ubuntu-latest
outputs:
services: ${{ steps.services.outputs.services }}
steps:
- name: Checkout repository
uses: actions/checkout@v7.0.0
with:
ref: ${{ inputs.checkout_sha || inputs.tag || github.event.inputs.tag }}
- name: Resolve service matrix
id: services
run: |
set -euo pipefail
services=$(docker compose -f build/images/openim-server/docker-compose.build.yml config --services | jq -R -s -c 'split("\n") | map(select(length > 0))')
echo "services=$services" >> "$GITHUB_OUTPUT"
build-and-push:
needs: services
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
service: ${{ fromJson(needs.services.outputs.services) }}
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v7.0.0
with:
ref: ${{ inputs.checkout_sha || inputs.tag || github.event.inputs.tag }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v4.1.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Log in to Docker Hub
uses: docker/login-action@v4.2.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log in to GitHub Container Registry
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log in to Aliyun Container Registry
uses: docker/login-action@v4.2.0
with:
registry: registry.cn-hangzhou.aliyuncs.com
username: ${{ secrets.ALIREGISTRY_USERNAME }}
password: ${{ secrets.ALIREGISTRY_TOKEN }}
- name: Resolve Docker image tags
id: tags
env:
INPUT_TAG: ${{ inputs.tag || github.event.inputs.tag }}
RELEASE_TAG: ${{ github.event.release.tag_name }}
CHECKOUT_SHORT_SHA: ${{ inputs.checkout_short_sha }}
run: |
set -euo pipefail
tags=()
declare -A seen=()
add_tag() {
local tag="$1"
[[ -n "$tag" ]] || return 0
tag="${tag//\//-}"
if [[ -z "${seen[$tag]+x}" ]]; then
tags+=("$tag")
seen["$tag"]=1
fi
}
add_tag_with_semver_alias() {
local tag="$1"
add_tag "$tag"
if [[ "$tag" =~ ^v([0-9]+\.[0-9]+\.[0-9]+.*)$ ]]; then
add_tag "${BASH_REMATCH[1]}"
add_tag "release-$tag"
fi
}
add_tag_with_semver_alias "${INPUT_TAG:-}"
add_tag_with_semver_alias "${RELEASE_TAG:-}"
if [[ "${GITHUB_EVENT_NAME:-}" == "release" && "${{ github.event.release.prerelease }}" != "true" ]]; then
add_tag "latest"
fi
if [[ "${GITHUB_REF_TYPE:-}" == "tag" ]]; then
add_tag_with_semver_alias "${GITHUB_REF_NAME}"
elif [[ "${GITHUB_REF_TYPE:-}" == "branch" ]]; then
add_tag "${GITHUB_REF_NAME}"
fi
add_tag "sha-${CHECKOUT_SHORT_SHA:-${GITHUB_SHA::7}}"
{
echo "tags<<EOF"
printf '%s\n' "${tags[@]}"
echo "EOF"
} >> "$GITHUB_OUTPUT"
- name: Build and push Docker images
env:
RELEASE: "true"
PUSH: "true"
SERVICE: ${{ matrix.service }}
PLATFORMS: linux/amd64,linux/arm64
IMAGE_TAGS: ${{ steps.tags.outputs.tags }}
IMAGE_REGISTRIES: |
${{ secrets.DOCKER_USERNAME }}
ghcr.io/${{ github.repository_owner }}
registry.cn-hangzhou.aliyuncs.com/openimsdk
run: |
bash build/build_single.sh