From 1e9c3ad37b7dd7d9a5e0701185f244c9b2e0b89e Mon Sep 17 00:00:00 2001 From: coolxitech Date: Sat, 13 Dec 2025 10:28:57 +0800 Subject: [PATCH] =?UTF-8?q?ci(docker):=20=E9=87=8D=E6=9E=84=E5=A4=9A?= =?UTF-8?q?=E6=9E=B6=E6=9E=84=E9=95=9C=E5=83=8F=E6=9E=84=E5=BB=BA=E6=B5=81?= =?UTF-8?q?=E7=A8=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 合并原有分离的 amd64 和 arm64 构建任务为统一的多架构构建任务 - 使用 docker/setup-qemu-action 和 docker/setup-buildx-action 支持多架构构建 - 更新 GitHub Actions 的依赖版本至最新(checkout@v4、login-action@v3、build-push-action@v6) - 修改平台配置为 linux/amd64,linux/arm64 实现一键双架构构建 - 改用 GITHUB_TOKEN 进行 GHCR 认证,提高安全性 - 优化 Docker Hub 登录逻辑,仅在配置凭据时执行 - 移除手动创建 manifest 步骤,由 build-push-action 自动处理多架构标签 - 增加对 git tag 触发的支持,实现版本化镜像推送 - 添加构建缓存支持以提升后续构建速度 - 更新镜像标签策略,同时推送 latest 和 commit SHA 标签到 GHCR 与 Docker Hub
---
.github/workflows/ogame-vue-ts.yml | 121 +++++++++--------------------
1 file changed, 37 insertions(+), 84 deletions(-)
diff --git a/.github/workflows/ogame-vue-ts.yml b/.github/workflows/ogame-vue-ts.yml
index e3225b4..9a8b698 100644
--- a/.github/workflows/ogame-vue-ts.yml
+++ b/.github/workflows/ogame-vue-ts.yml
@@ -1,106 +1,59 @@ -name: 自动化创建Docker镜像 +name: Docker 多架构构建并发布 on: push: - branches: - - main + branches: [ main ] + tags: [ 'v*.*.*' ] # 打 tag 时也触发 workflow_dispatch: +permissions: + contents: read + packages: write + jobs: - build-amd64: + build-and-push: runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - - name: 检查代码 - uses: actions/checkout@v2 + - name: 检出代码 + uses: actions/checkout@v4 + with: + fetch-depth: 0 + # QEMU 用于支持多架构构建(必须) + - name: 设置 QEMU + uses: docker/setup-qemu-action@v3 + + # Buildx 是目前官方唯一推荐的多架构构建方式 + - name: 设置 Docker Buildx + uses: docker/setup-buildx-action@v3 + + # 登录 GHCR - name: 登录 GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} - password: ${{ secrets.GHCR_TOKEN }} + password: ${{ secrets.GITHUB_TOKEN }} # 强烈建议直接用 GITHUB_TOKEN,不需要手动建 GHCR_TOKEN! + # 登录 Docker Hub(如果你还要推) - name: 登录 Docker Hub - uses: docker/login-action@v2 + if: vars.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' + uses: docker/login-action@v3 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} + username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: 构建并推送 amd64 Docker镜像 - uses: docker/build-push-action@v3 + # 真正一键构建 + 推送多架构镜像(amd64 + arm64) + - name: 构建并推送多架构镜像 + uses: docker/build-push-action@v6 with: context: . 
- platforms: linux/amd64 + platforms: linux/amd64,linux/arm64 push: true tags: | - ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:amd64 - ${{ secrets.DOCKERHUB_USERNAME }}/ogame-vue-ts:amd64 - - build-arm64: - runs-on: ubuntu-22.04-arm - permissions: - contents: read - packages: write - steps: - - name: 检查代码 - uses: actions/checkout@v2 - - - name: 登录 GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_TOKEN }} - - - name: 登录 Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: 构建并推送 arm64 Docker镜像 - uses: docker/build-push-action@v3 - with: - context: . - platforms: linux/arm64 - push: true - tags: | - ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:arm64 - ${{ secrets.DOCKERHUB_USERNAME }}/ogame-vue-ts:arm64 - - create-manifest: - needs: [build-amd64, build-arm64] - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: 登录 GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_TOKEN }} - - - name: 登录 Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: 创建并推送多架构清单 - run: | - # GitHub Container Registry - docker manifest create ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:latest \ - ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:amd64 \ - ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:arm64 - docker manifest push ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:latest - - # Docker Hub - docker manifest create ${{ secrets.DOCKERHUB_USERNAME }}/ogame-vue-ts:latest \ - ${{ secrets.DOCKERHUB_USERNAME }}/ogame-vue-ts:amd64 \ - ${{ secrets.DOCKERHUB_USERNAME }}/ogame-vue-ts:arm64 - docker manifest push ${{ secrets.DOCKERHUB_USERNAME 
}}/ogame-vue-ts:latest \ No newline at end of file + ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:latest + ghcr.io/${{ github.repository_owner }}/ogame-vue-ts:${{ github.sha }} + ${{ vars.DOCKERHUB_USERNAME != '' && format('{0}/ogame-vue-ts:latest', vars.DOCKERHUB_USERNAME) || '' }} + ${{ vars.DOCKERHUB_USERNAME != '' && format('{0}/ogame-vue-ts:{1}', vars.DOCKERHUB_USERNAME, github.sha) || '' }} + cache-from: type=gha + cache-to: type=gha,mode=max \ No newline at end of file
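Review bot: The step-level `if:` on the Docker Hub login step references `secrets.DOCKERHUB_TOKEN`, but the `secrets` context is not available in `if:` conditionals, so GitHub is expected to reject the workflow as invalid rather than skip the step. Expose the secret as an environment variable on the job, `DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}` under `env:`, and test `if: vars.DOCKERHUB_USERNAME != '' && env.DOCKERHUB_TOKEN != ''` instead. The two Docker Hub entries under `tags:` are gated on the username alone, so a repository with the username set and no token would skip the login and then fail the whole build on an unauthenticated push; they should use the same condition as the login step. Separately, the job holds `packages: write` while every action is referenced by a mutable tag (`@v4`, `@v3`, `@v6`), so pinning them to full commit SHAs would narrow the supply-chain exposure of the registry credentials.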