name: CI Workflow on: push: branches: - "*" # 所有分支触发 workflow_dispatch: env: TEST_TAG: ${{ secrets.DOCKERHUB_USERNAME }}/xiaomusic:${{ github.ref_name }} LATEST_TAG: ${{ secrets.DOCKERHUB_USERNAME }}/xiaomusic:latest STABLE_TAG: ${{ secrets.DOCKERHUB_USERNAME }}/xiaomusic:stable permissions: contents: write id-token: write jobs: # Job 构建镜像 build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build Docker image (linux/amd64) id: build_amd64 uses: docker/build-push-action@v6 with: platforms: linux/amd64 context: . push: false load: true tags: ${{ env.TEST_TAG }}-linux-amd64 cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Build Docker image (linux/arm64) id: build_arm64 uses: docker/build-push-action@v6 with: platforms: linux/arm64 context: . push: false load: true tags: ${{ env.TEST_TAG }}-linux-arm64 cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Build Docker image (linux/arm/v7) id: build_armv7 uses: docker/build-push-action@v6 with: platforms: linux/arm/v7 context: . push: false load: true tags: ${{ env.TEST_TAG }}-linux-arm-v7 cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: List Docker images run: docker images - name: Test amd64 image run: | docker run --rm ${{ env.TEST_TAG }}-linux-amd64 /app/.venv/bin/python3 /app/xiaomusic.py -h - name: Test arm64 image run: | docker run --rm ${{ env.TEST_TAG }}-linux-arm64 /app/.venv/bin/python3 /app/xiaomusic.py -h - name: Test armv7 image run: | docker run --rm ${{ env.TEST_TAG }}-linux-arm-v7 /app/.venv/bin/python3 /app/xiaomusic.py -h - name: Docker Hub Description if: github.ref == 'refs/heads/main' uses: peter-evans/dockerhub-description@v4 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} repository: hanxi/xiaomusic # 发布 PyPI 版本 # 仅在 ref 为以 v 开头的标签时执行 - uses: actions/setup-node@v4 if: startsWith(github.ref, 'refs/tags/v') with: registry-url: https://registry.npmjs.org/ node-version: lts/* - run: npx changelogithub if: startsWith(github.ref, 'refs/tags/v') continue-on-error: true env: GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} - uses: pdm-project/setup-pdm@v3 if: startsWith(github.ref, 'refs/tags/v') - name: Publish package distributions to PyPI if: startsWith(github.ref, 'refs/tags/v') run: pdm publish # Job 打包应用, 发布镜像和 Release # 仅在 main 分支或以 v 开头的标签运行 - name: Package /app for amd64 if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | docker run --rm -v $PWD:/workspace ${{ env.TEST_TAG }}-linux-amd64 tar czf /workspace/app-amd64.tar.gz -C / app - name: Package /app (lite) for amd64 if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | docker run --rm -v $PWD:/workspace ${{ env.TEST_TAG }}-linux-amd64 bash -c \ "cd /app && tar --exclude='ffmpeg' -czf /workspace/app-amd64-lite.tar.gz .[!.]* *" - name: Package /app for arm64 if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | docker run --rm -v $PWD:/workspace ${{ env.TEST_TAG }}-linux-arm64 tar czf /workspace/app-arm64.tar.gz -C / app - name: Package /app (lite) for arm64 if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | docker run --rm -v $PWD:/workspace ${{ env.TEST_TAG }}-linux-arm64 bash -c \ "cd /app && tar --exclude='ffmpeg' -czf /workspace/app-arm64-lite.tar.gz .[!.]* *" - name: Package /app for arm/v7 if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | docker run --rm -v $PWD:/workspace ${{ env.TEST_TAG }}-linux-arm-v7 tar czf /workspace/app-arm-v7.tar.gz -C / app - name: Package /app (lite) for arm/v7 if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | docker run --rm -v $PWD:/workspace ${{ env.TEST_TAG }}-linux-arm-v7 bash -c \ "cd /app && tar --exclude='ffmpeg' -czf /workspace/app-arm-v7-lite.tar.gz .[!.]* *" - name: Publish to Docker Hub main if: github.ref == 'refs/heads/main' uses: docker/build-push-action@v6 with: platforms: linux/amd64,linux/arm64,linux/arm/v7 context: . push: true tags: ${{ env.TEST_TAG }} cache-from: type=local,src=/tmp/.buildx-cache-new cache-to: type=local,dest=/tmp/.buildx-cache-new # 仅在 ref 为以 v 开头的标签时执行 - name: Publish to Docker Hub latest and stable if: startsWith(github.ref, 'refs/tags/v') run: | # Define the commands to push latest and stable tags echo "Pushing latest and stable tags..." docker tag ${{ env.TEST_TAG }} ${{ env.LATEST_TAG }} docker tag ${{ env.TEST_TAG }} ${{ env.STABLE_TAG }} docker push ${{ env.LATEST_TAG }} docker push ${{ env.STABLE_TAG }} - name: Move cache to limit growth run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache # 上传文件到 release 页面 - name: Install GitHub CLI if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') run: | sudo apt update sudo apt install -y gh - name: Create or update Release if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | RELEASE_NAME=${{ github.ref_name }} gh release view "$RELEASE_NAME" > /dev/null 2>&1 if [ $? -ne 0 ]; then gh release create "$RELEASE_NAME" \ ./app-amd64.tar.gz \ ./app-amd64-lite.tar.gz \ ./app-arm64.tar.gz \ ./app-arm64-lite.tar.gz \ ./app-arm-v7.tar.gz \ ./app-arm-v7-lite.tar.gz \ --title "$RELEASE_NAME" \ --notes "Automated release for $RELEASE_NAME" else gh release upload "$RELEASE_NAME" \ ./app-amd64.tar.gz \ ./app-amd64-lite.tar.gz \ ./app-arm64.tar.gz \ ./app-arm64-lite.tar.gz \ ./app-arm-v7.tar.gz \ ./app-arm-v7-lite.tar.gz \ --clobber