feat(build): add build-image script and GitHub Actions workflow for container image build and push

.github/workflows/build-image.sh

@@ -0,0 +1,117 @@
+#!/bin/sh
+set -e
+
+# 配置默认值
+REGISTRY="${REGISTRY:-registry.hub.docker.com}"
+REPO_PREFIX="${REPO_PREFIX:-devcm}"
+
+echo "========================================="
+echo "Building Docker Image with Buildah"
+echo "========================================="
+
+# 验证必需的环境变量
+if [ -z "${GIT_TAG}" ]; then
+  echo "Error: GIT_TAG is not set!"
+  exit 1
+fi
+
+if [ -z "${REGISTRY_USERNAME}" ] || [ -z "${REGISTRY_PASSWORD}" ]; then
+  echo "Error: Registry credentials not set!"
+  exit 1
+fi
+
+# 从 GIT_TAG 解析镜像目录和版本
+IMAGE_DIR=$(echo ${GIT_TAG} | rev | cut -d'-' -f2- | rev)
+VERSION=$(echo ${GIT_TAG} | rev | cut -d'-' -f1 | rev)
+
+# 验证解析结果
+if [ -z "${IMAGE_DIR}" ] || [ -z "${VERSION}" ]; then
+  echo "Error: Failed to parse GIT_TAG: ${GIT_TAG}"
+  exit 1
+fi
+
+# 构建路径
+CONTEXT_PATH="images/${IMAGE_DIR}"
+DOCKERFILE_PATH="${CONTEXT_PATH}/Dockerfile"
+
+echo ""
+echo "Build Configuration:"
+echo "  Tag:           ${GIT_TAG}"
+echo "  Image Dir:     ${IMAGE_DIR}"
+echo "  Version:       ${VERSION}"
+echo "  Context:       ${CONTEXT_PATH}"
+echo "  Dockerfile:    ${DOCKERFILE_PATH}"
+echo "  Registry:      ${REGISTRY}"
+echo "  Repository:    ${REGISTRY}/${REPO_PREFIX}/${IMAGE_DIR}"
+echo ""
+
+# 验证 Dockerfile 存在
+if [ ! -f "${DOCKERFILE_PATH}" ]; then
+  echo "Error: Dockerfile not found at ${DOCKERFILE_PATH}"
+  exit 1
+fi
+
+# 登录镜像仓库
+echo "Logging in to registry..."
+buildah login --username "${REGISTRY_USERNAME}" --password "${REGISTRY_PASSWORD}" --tls-verify=false "${REGISTRY}"
+
+# 配置镜像源（如果设置了 IMAGE_MIRROR）
+if [ -n "${IMAGE_MIRROR}" ]; then
+  echo ""
+  echo "Configuring registry mirror: ${IMAGE_MIRROR}"
+  mkdir -p /etc/containers
+  cat > /etc/containers/registries.conf <<EOF
+unqualified-search-registries = ["docker.io"]
+
+[[registry]]
+prefix = "docker.io"
+location = "${IMAGE_MIRROR}"
+insecure = false
+EOF
+fi
+
+# 构建镜像目标
+IMAGE_WITH_VERSION="${REGISTRY}/${REPO_PREFIX}/${IMAGE_DIR}:${VERSION}"
+IMAGE_WITH_LATEST="${REGISTRY}/${REPO_PREFIX}/${IMAGE_DIR}:latest"
+
+echo ""
+echo "Building image..."
+echo "  Version tag: ${IMAGE_WITH_VERSION}"
+echo "  Latest tag:  ${IMAGE_WITH_LATEST}"
+if [ -n "${IMAGE_MIRROR}" ]; then
+  echo "  Image mirror: ${IMAGE_MIRROR}"
+fi
+if [ -n "${APT_MIRROR}" ]; then
+  echo "  APT mirror:   ${APT_MIRROR}"
+fi
+echo ""
+
+# 执行 Buildah 构建
+buildah bud \
+  --format docker \
+  --platform linux/amd64 \
+  --build-arg VERSION="${VERSION}" \
+  --build-arg APT_MIRROR="${APT_MIRROR}" \
+  --tag "${IMAGE_WITH_VERSION}" \
+  --tag "${IMAGE_WITH_LATEST}" \
+  --tls-verify=false \
+  -f "${DOCKERFILE_PATH}" \
+  "${CONTEXT_PATH}"
+
+echo ""
+echo "Pushing images to registry..."
+
+buildah push --tls-verify=false "${IMAGE_WITH_VERSION}"
+echo "  Pushed: ${IMAGE_WITH_VERSION}"
+
+buildah push --tls-verify=false "${IMAGE_WITH_LATEST}"
+echo "  Pushed: ${IMAGE_WITH_LATEST}"
+
+echo ""
+echo "========================================="
+echo "Build Completed Successfully!"
+echo "========================================="
+echo "Published Images:"
+echo "  - ${IMAGE_WITH_VERSION}"
+echo "  - ${IMAGE_WITH_LATEST}"
+echo ""

.github/workflows/build-image.yml

@@ -0,0 +1,32 @@
+name: Build and Push Container Image
+
+on:
+  push:
+    tags:
+      - '*'  # 触发所有 tag 推送
+
+env:
+  REGISTRY: xhj-prod-registry-vpc.cn-hangzhou.cr.aliyuncs.com
+  REPO_PREFIX: xhj-image
+  IMAGE_MIRROR: docker.1ms.run
+  APT_MIRROR: mirrors.aliyun.com
+
+jobs:
+  build-and-push:
+    name: Build and Push Image
+    runs-on: ubuntu-latest
+    container:
+      image: quay.io/buildah/stable:latest
+      options: --privileged
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Build and push image
+        env:
+          DRONE_TAG: ${{ github.ref_name }}
+          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
+          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+        run: |
+          sh deploy/build-image.sh

.github/workflows/release.yml

@@ -1,35 +0,0 @@
-name: Release Charts
-
-on:
-  push:
-     tags:        
-      - release-*
-
-jobs:
-  release:
-    permissions:
-      contents: write
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out the repo
-        uses: actions/checkout@v3
-    
-      - name: Log in to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }} 
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-        
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v3
-        with:
-          images: devcm/
-        
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}

README.md

@@ -1,6 +1,2 @@
-## images
+## Devcm images
 https://hub.docker.com/u/devcm
-
-```shell
-docker build --no-cache --platform="linux/amd64" ./ -t ${IMAGE_TAG}:latest -t ${IMAGE_TAG}:${VERSION} --build-arg VERSION="${VERSION}"
-```

images/node-base/Dockerfile

@@ -1,11 +0,0 @@
-# node 业务基础镜像
-FROM node:20.17.0-slim
-
-RUN echo "Asia/Shanghai" > /etc/timezone
-RUN echo "ZONE=Asia/Shanghai" >> /etc/timezone && rm -f /etc/localtime && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
-
-RUN apt-get update && apt-get install -y curl git vim
-
-RUN npm config set registry https://registry.npmmirror.com
-
-RUN npm i pnpm -g

images/node-puppeteer/Dockerfile

@@ -1,21 +0,0 @@
-# node 爬虫镜像
-FROM node:18.16.1-slim
-
-RUN echo "Asia/Shanghai" > /etc/timezone
-RUN echo "ZONE=Asia/Shanghai" >> /etc/timezone && rm -f /etc/localtime && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
-
-# 更新apt源
-COPY sources.list /etc/apt/sources.list
-
-RUN apt-get update
-
-# 补全chrome依赖
-RUN apt install ca-certificates fonts-liberation libasound2 libatk-bridge2.0-0 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgbm1 libgcc1 libglib2.0-0 libgtk-3-0 libnspr4 libnss3 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 lsb-release wget xdg-utils -y
-
-RUN apt install curl -y
-
-# 更新npm源
-RUN npm config set registry https://registry.npmmirror.com
-
-# 安装pnpm
-RUN npm i pnpm -g

images/node-puppeteer/sources.list

@@ -1,15 +0,0 @@
-# 默认注释了源码镜像以提高 apt update 速度，如有需要可自行取消注释
-deb https://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware
-# deb-src https://mirrors.aliyun.com/debian/ bookworm main contrib non-free non-free-firmware
-
-deb https://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware
-# deb-src https://mirrors.aliyun.com/debian/ bookworm-updates main contrib non-free non-free-firmware
-
-deb https://mirrors.aliyun.com/debian/ bookworm-backports main contrib non-free non-free-firmware
-# deb-src https://mirrors.aliyun.com/debian/ bookworm-backports main contrib non-free non-free-firmware
-
-deb https://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware
-# deb-src https://mirrors.aliyun.com/debian-security bookworm-security main contrib non-free non-free-firmware
-
-# deb https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
-# # deb-src https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware