From 0eb6f1d6e71321fd20997f30b79952c1d063dd95 Mon Sep 17 00:00:00 2001
From: suyiiyii
Date: Tue, 21 Jan 2025 20:16:01 +0800
Subject: [PATCH] =?UTF-8?q?ci:=20=E6=9B=B4=E6=96=B0=20Docker=20=E9=95=9C?= =?UTF-8?q?=E5=83=8F=E6=9E=84=E5=BB=BA=E5=92=8C=E5=8F=91=E5=B8=83=E6=B5=81?= =?UTF-8?q?=E7=A8=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- 添加日期和提交 ID 环境变量,用于镜像标签
- 在 Docker 元数据提取步骤中添加标签参数
- 更新 Cosign签名步骤的输出
- 新增在推送事件后自动更新 manifest 分支的步骤
---
 .github/workflows/docker-publish.yml | 30 ++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 17a2eea..b535d60 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -63,6 +63,13 @@ jobs:
 username: ${{ github.actor }}
 password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Get current date and commit ID
+ id: vars
+ run: |
+ echo "DATE=$(date +'%y%m%d')" >> $GITHUB_ENV
+ echo "COMMIT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+
+
 # Extract metadata (tags, labels) for Docker
 # https://github.com/docker/metadata-action
 - name: Extract Docker metadata
@@ -70,6 +77,7 @@ jobs:
 uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
 with:
 images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-${{ matrix.service }}
+ tags: ${{ env.DATE }}-${{ env.COMMIT }}
 # Build and push Docker image with Buildx (don't push on PR)
 # https://github.com/docker/build-push-action
@@ -102,6 +110,7 @@ jobs:
 uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
 with:
 images: ${{ env.REGISTRY2 }}/${{ env.IMAGE_NAME }}-${{ matrix.service }}
+ tags: ${{ env.DATE }}-${{ env.COMMIT }}
 # Build and push Docker image with Buildx (don't push on PR)
 # https://github.com/docker/build-push-action
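Review bot: The new "Get current date and commit ID" step declares `id: vars` but publishes both values through `$GITHUB_ENV`, so nothing can read them as `steps.vars.outputs.*` and the id is dead. Either drop the id, or write to `$GITHUB_OUTPUT` and reference the outputs in the two `tags:` lines. The redirect target is also unquoted; `>> "$GITHUB_ENV"` is the safer form. A short comment above the step would help, e.g. `# DATE comes from the runner clock; each matrix job computes it on its own`, since the workflow uses `matrix.service` and the same tag is expected to exist for every service image.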
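Review bot: Setting `tags:` on `docker/metadata-action` replaces the action's default tag rules rather than adding to them, so after this line (and the identical one in the `REGISTRY2` metadata step, hunk -102,6 +110,7) the image carries only the `DATE-COMMIT` tag and no branch, PR or git-tag derived ones. If that is intended, say so in a comment such as `# only the date-commit tag is published; default ref tags are intentionally dropped`. If the ref tags are still wanted, list them next to the raw one: `tags: |` followed by `type=raw,value=${{ env.DATE }}-${{ env.COMMIT }}` and `type=ref,event=branch`. The rest of each metadata step lies outside the hunk.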
@@ -130,3 +139,24 @@ jobs:
 # This step uses the identity token to provision an ephemeral certificate
 # against the sigstore community Fulcio instance.
 run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
+
+
+ - name: Checkout manifest
+ if: github.event_name == 'push'
+ uses: actions/checkout@v4
+ with:
+ ref: manifest
+ - name: Update manifest
+ if: github.event_name == 'push'
+ uses: mikefarah/yq@master
+ with:
+ cmd: yq eval '.tag = "${{ steps.meta.outputs.version }}"' -i values.yaml
+ - name: Git Auto Commit
+ if: github.event_name == 'push'
+ uses: stefanzweifel/git-auto-commit-action@v5.0.1
+ with:
+ commit_message: "Update deployment image to ${{ steps.meta.outputs.version }}"
+ branch: manifest
+ commit_user_name: "github-actions[bot]"
+ commit_user_email: "github-actions[bot]@users.noreply.github.com"
+ commit_author: "github-actions[bot] "
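Review bot: `uses: mikefarah/yq@master` in the Update manifest step tracks a moving branch, and `actions/checkout@v4` and `stefanzweifel/git-auto-commit-action@v5.0.1` are tag refs, while the metadata steps in this file pin `docker/metadata-action` to a full commit SHA. These steps are appended after the cosign signing step and then push to the `manifest` branch, so whatever those refs resolve to at run time executes with that job's token and workspace. Pin each to a reviewed commit in the file's existing form, e.g. `uses: mikefarah/yq@<full-commit-sha> # <version>`. Separately, `${{ steps.meta.outputs.version }}` is expanded into the `cmd:` string before yq runs; passing it through the step's `env:` and reading it with yq's `strenv()` keeps the value out of the command text. The workflow uses `matrix.service`, so each matrix job would presumably commit to `manifest`; worth confirming those pushes cannot race.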