ci(release): added rabbitmq building to docker-release.yaml

AH-dark · AH-dark · commit ab1cbe7afb2d · 2023-09-11T01:18:11.000+08:00
diff --git a/.github/workflows/docker-rabbitmq.yaml b/.github/workflows/docker-rabbitmq.yaml
@@ -30,16 +30,6 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v3
 
-      - name: Authenticate with Google Cloud
-        id: auth
-        uses: google-github-actions/auth@v1
-        if: github.event_name != 'pull_request'
-        with:
-          token_format: access_token
-          workload_identity_provider: ${{ secrets.GCP_AHDARK_PROVIDER_ID }}
-          service_account: ${{ secrets.GCP_AHDARK_SERVICE_ACCOUNT }}@${{ secrets.GCP_AHDARK_PROJECT_ID }}.iam.gserviceaccount.com
-          access_token_lifetime: 1200s
-
       # Workaround: https://github.com/docker/build-push-action/issues/461
       - name: Setup Docker buildx
         uses: docker/setup-buildx-action@v2
@@ -54,14 +44,6 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Login to Google Artifact Registry
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
-        with:
-          registry: ${{ secrets.GCP_AHDARK_REGISTRY_REGION }}-docker.pkg.dev
-          username: oauth2accesstoken
-          password: ${{ steps.auth.outputs.access_token }}
-
       # Extract metadata (tags, labels) for Docker
       # https://github.com/docker/metadata-action
       - name: Extract Docker metadata
@@ -70,7 +52,6 @@ jobs:
         with:
           images: |
             ghcr.io/${{ github.repository }}-rabbitmq
-            ${{ secrets.GCP_AHDARK_REGISTRY_REGION }}-docker.pkg.dev/${{ secrets.GCP_AHDARK_PROJECT_ID }}/${{ secrets.GCP_AHDARK_REGISTRY_ID }}/rabbitmq
 
       # Build and push Docker image with Buildx (don't push on PR)
       # https://github.com/docker/build-push-action
diff --git a/.github/workflows/docker-release.yaml b/.github/workflows/docker-release.yaml
@@ -17,6 +17,7 @@ jobs:
 
     outputs:
       matrix: ${{ steps.set-matrix.outputs.matrix }}
+
     steps:
       - name: Checkout Code
         uses: actions/checkout@v2
@@ -238,3 +239,54 @@ jobs:
           cache-to: type=gha,mode=max
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+
+  build-rabbitmq:
+    name: Build RabbitMQ
+    runs-on: ubuntu-latest
+
+    env:
+      TZ: Asia/Shanghai
+
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+
+      - name: Authenticate with Google Cloud
+        id: auth
+        uses: google-github-actions/auth@v1
+        with:
+          token_format: access_token
+          workload_identity_provider: ${{ secrets.GCP_PROVIDER_ID }}
+          service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}@${{ secrets.GCP_PROJECT_ID }}.iam.gserviceaccount.com
+          access_token_lifetime: 1200s
+
+      - name: Set up Docker BuildX
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Artifact Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ secrets.GCP_REGISTRY_REGION }}-docker.pkg.dev
+          username: oauth2accesstoken
+          password: ${{ steps.auth.outputs.access_token }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ secrets.GCP_REGISTRY_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ secrets.GCP_REGISTRY_ID }}/rabbitmq
+
+      - id: docker-push-tagged
+        name: Tag Docker image and push to Google Artifact Registry
+        uses: docker/build-push-action@v4
+        with:
+          context: docker/rabbitmq
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
