From 76043e587bf9a81dcf80d79864bc4bffe201d5cc Mon Sep 17 00:00:00 2001 From: Zhengchen Tao Date: Sat, 2 May 2026 17:08:34 +0800 Subject: [PATCH] =?UTF-8?q?build-image=20workflow=20=E5=8A=A0=20OCI=20?= =?UTF-8?q?=E6=A0=87=E7=AD=BE=E5=AE=9E=E7=8E=B0=E5=8C=85=E4=BB=93=E5=BA=93?= =?UTF-8?q?=E8=87=AA=E5=8A=A8=E5=85=B3=E8=81=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 加两个 OCI 标签到镜像 manifest: - org.opencontainers.image.source= Gitea 收包时检测此标签若指向自家 repo URL,自动把包链接到 repo 的 Packages tab,不再需要手动去 "包设置 → 链接仓库" - org.opencontainers.image.revision= 把构建时的源码 commit SHA 烙进 manifest,docker inspect 可反推回 代码版本,配合 image_tag(commit short hash)形成两层冗余 Co-Authored-By: Claude Opus 4.7 (1M context) --- .gitea/workflows/build-image.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/build-image.yml b/.gitea/workflows/build-image.yml index cb389031..9e859a28 100644 --- a/.gitea/workflows/build-image.yml +++ b/.gitea/workflows/build-image.yml @@ -37,7 +37,7 @@ jobs: username: ${{ gitea.actor }} password: ${{ secrets.PACKAGES_TOKEN }} - - name: Determine image tag + - name: Determine image tag and revision id: meta run: | if [ -n "${{ inputs.tag }}" ]; then @@ -46,6 +46,7 @@ jobs: IMAGE_TAG="$(git rev-parse --short HEAD)" fi echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT + echo "full_sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT echo "==> Image tag: $IMAGE_TAG" - name: Build and push @@ -59,6 +60,14 @@ jobs: # CHECK_3RD_API 留空 → 三方 API 测试不跑;想跑设 "1" build-args: | BUILD_PIPELINE=1 + # OCI 标签: + # - source 让 Gitea 收包时自动把镜像关联到对应 repo(不再需要手动去 + # "包设置 → 链接到仓库") + # - revision 把构建时的 commit full SHA 烙进镜像 manifest, + # docker inspect 能反推回源码版本 + labels: | + org.opencontainers.image.source=https://git.zhengchentao.win/dev/ezbookkeeping + org.opencontainers.image.revision=${{ steps.meta.outputs.full_sha }} tags: | git.zhengchentao.win/dev/ezbookkeeping:${{ steps.meta.outputs.image_tag }} git.zhengchentao.win/dev/ezbookkeeping:latest \ No newline at end of file