name: Backend CI/CD on: push: tags: - "v[0-9]+.[0-9]+.[0-9]+*" paths: - 'backend/**' - '.github/workflows/backend-ci-cd.yml' pull_request: branches: - main paths: - 'backend/**' - '.github/workflows/backend-ci-cd.yml' workflow_dispatch: # 添加手动触发 inputs: build_scanner: description: '是否构建 Scanner 镜像' required: false default: 'false' type: choice options: - 'true' - 'false' env: REGISTRY: chaitin-registry.cn-hangzhou.cr.aliyuncs.com/monkeycode jobs: test: runs-on: ubuntu-latest defaults: run: working-directory: ./backend steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v4 with: go-version: '1.25' - name: Download dependencies run: go mod download - name: Generate Swagger.json run: | touch docs/swagger.json build: needs: test runs-on: ubuntu-latest if: github.event_name != 'pull_request' defaults: run: working-directory: ./backend outputs: version: ${{ steps.get_version.outputs.VERSION }} steps: - name: Checkout code uses: actions/checkout@v4 with: submodules: true token: ${{ secrets.PRO_TOKEN }} - name: Get version id: get_version run: | VERSION=${GITHUB_REF#refs/tags/} echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT - name: Get build time id: get_build_time run: | BUILD_TIME=$(date -u +'%Y-%m-%dT%H:%M:%SZ') echo "BUILD_TIME=${BUILD_TIME}" >> $GITHUB_OUTPUT - name: Get git commit id: get_git_commit run: | GIT_COMMIT=$(git rev-parse HEAD) echo "GIT_COMMIT=${GIT_COMMIT}" >> $GITHUB_OUTPUT - name: Prepare assets for all architectures run: | # 创建架构特定的目录 mkdir -p assets-amd64/sgp mkdir -p assets-arm64/sgp mkdir -p assets/vsix mkdir tarballs touch docs/swagger.json # 下载 xdb wget -O pkg/ipdb/ip2region.xdb https://baizhiyun.oss-cn-hangzhou.aliyuncs.com/monkeycode/ip2region.xdb # 下载 VSIX (架构无关) VERSION_NO_V=${{ steps.get_version.outputs.VERSION }} VERSION_NO_V=${VERSION_NO_V#v} wget -O assets/vsix/monkeycode-${VERSION_NO_V}.vsix https://baizhiyun.oss-cn-hangzhou.aliyuncs.com/monkeycode/vsix/monkeycode-${VERSION_NO_V}.vsix # 下载 x86_64 SGP wget -O tarballs/sgp.tgz https://baizhiyun.oss-cn-hangzhou.aliyuncs.com/monkeycode/sgp/x86_64/sgp.tgz tar -xzvf tarballs/sgp.tgz -C assets-amd64 chmod +x assets-amd64/sgp/sgp # 下载 aarch64 SGP wget -O assets-arm64/sgp/sgp https://baizhiyun.oss-cn-hangzhou.aliyuncs.com/monkeycode/sgp/aarch64/sgp wget -O assets-arm64/sgp/sgp-rules https://baizhiyun.oss-cn-hangzhou.aliyuncs.com/monkeycode/sgp/aarch64/sgp-rules chmod +x assets-arm64/sgp/sgp - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Aliyun Container Registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.CT_ALIYUN_USER }} password: ${{ secrets.CT_ALIYUN_PASS }} - name: Build and push multi-arch backend image uses: docker/build-push-action@v5 with: context: ./backend file: ./backend/build/Dockerfile platforms: linux/amd64,linux/arm64 push: true tags: | ${{ env.REGISTRY }}/backend:${{ steps.get_version.outputs.VERSION }} ${{ env.REGISTRY }}/backend:latest build-args: | GOCACHE=/tmp/go-build GOMODCACHE=/tmp/go-mod REPO_COMMIT=${{ github.sha }} VERSION=${{ steps.get_version.outputs.VERSION }} BUILD_TIME=${{ steps.get_build_time.outputs.BUILD_TIME }} GIT_COMMIT=${{ steps.get_git_commit.outputs.GIT_COMMIT }} cache-from: type=gha cache-to: type=gha,mode=max - name: Build and push multi-arch scanner image if: github.event.inputs.build_scanner == 'true' uses: docker/build-push-action@v5 with: context: ./backend file: ./backend/build/Dockerfile.scanner platforms: linux/amd64,linux/arm64 push: true tags: | ${{ env.REGISTRY }}/scanner:${{ steps.get_version.outputs.VERSION }} ${{ env.REGISTRY }}/scanner:latest build-args: | GOCACHE=/tmp/go-build GOMODCACHE=/tmp/go-mod REPO_COMMIT=${{ github.sha }} VERSION=${{ steps.get_version.outputs.VERSION }} BUILD_TIME=${{ steps.get_build_time.outputs.BUILD_TIME }} GIT_COMMIT=${{ steps.get_git_commit.outputs.GIT_COMMIT }} cache-from: type=gha cache-to: type=gha,mode=max