refactor(github-actions): 使用yq-action替换直接wget和优化依赖图提交

- 在docker-publish.yml中使用mikefarah/yq-action直接替换繁琐的wget和chmod命令，用于更新manifest。
-通过精确的路径监听在maven.yml中优化依赖图提交动作，以响应pom.xml和src/更改，提高效率。

.github/workflows/docker-publish.yml

@@ -100,14 +100,11 @@ jobs:
         uses: actions/checkout@v4
         with:
           ref: manifest
-
       - name: Update manifest
         if: github.event_name == 'push'
-        run: |
+        uses: mikefarah/yq@master
-          echo "Updating manifest"
+        with:
-          wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq
+          cmd: yq eval '.image.tag = "${{ steps.meta.outputs.tags }}"' -i values.yaml
-          chmod +x /usr/bin/yq
-          yq eval '.image.tag = "${{ steps.meta.outputs.tags }}"' -i values.yaml
       - name: Git Auto Commit
         uses: stefanzweifel/git-auto-commit-action@v5.0.1
         with:

.github/workflows/maven.yml

@@ -11,8 +11,14 @@ name: Java CI with Maven
 on:
   push:
     branches: [ "main" ]
+    paths:
+      - 'pom.xml'
+      - 'src/**'
   pull_request:
     branches: [ "main" ]
+    paths:
+      - 'pom.xml'
+      - 'src/**'
 
 jobs:
   build:
@@ -34,5 +40,5 @@ jobs:
 
 
     # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
-#    - name: Update dependency graph
+    - name: Update dependency graph
-#      uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
+      uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6