diff --git a/.github/workflows/sync-build-release.yml b/.github/workflows/sync-build-release.yml index 50d437c22..b31f95d93 100644 --- a/.github/workflows/sync-build-release.yml +++ b/.github/workflows/sync-build-release.yml @@ -58,12 +58,10 @@ jobs: with: fetch-depth: 0 fetch-tags: true - - name: Set Git Config run: | git config --global user.name "GitHub Actions" git config --global user.email "actions@github.com" - - name: Sync with Upstream (idempotent) run: | set -euo pipefail @@ -80,12 +78,10 @@ jobs: git add README.md git commit -m "Merge upstream/master, keep local README.md" || true git push origin master - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: cleanup: true - - name: Check CR_PAT secret id: crpat shell: bash @@ -95,7 +91,6 @@ jobs: else echo "present=false" >> "$GITHUB_OUTPUT" fi - - name: Login to GHCR with GITHUB_TOKEN if: ${{ steps.crpat.outputs.present == 'false' }} uses: docker/login-action@v3 @@ -103,7 +98,6 @@ jobs: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to GHCR with CR_PAT if: ${{ steps.crpat.outputs.present == 'true' }} uses: docker/login-action@v3 @@ -111,7 +105,6 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.CR_PAT }} - - name: Free disk space (best effort) continue-on-error: true run: | @@ -119,7 +112,6 @@ jobs: sudo rm -rf /usr/local/lib/android || true sudo rm -rf /opt/ghc || true sudo rm -rf /opt/hostedtoolcache/CodeQL || true - - name: Build and Push (GH runner) uses: docker/build-push-action@v6 with: @@ -140,12 +132,10 @@ jobs: with: fetch-depth: 0 fetch-tags: true - - name: Set Git Config run: | git config --global user.name "GitHub Actions" git config --global user.email "actions@github.com" - - name: Sync with Upstream (idempotent) run: | set -euo pipefail @@ -162,12 +152,10 @@ jobs: git add README.md git commit -m "Merge upstream/master, keep local README.md" || true git push origin master - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: cleanup: true - - name: Check CR_PAT secret id: crpat shell: bash @@ -177,7 +165,6 @@ jobs: else echo "present=false" >> "$GITHUB_OUTPUT" fi - - name: Login to GHCR with GITHUB_TOKEN if: ${{ steps.crpat.outputs.present == 'false' }} uses: docker/login-action@v3 @@ -185,7 +172,6 @@ jobs: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to GHCR with CR_PAT if: ${{ steps.crpat.outputs.present == 'true' }} uses: docker/login-action@v3 @@ -193,7 +179,6 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.CR_PAT }} - - name: Build and Push (self-hosted) uses: docker/build-push-action@v6 with: @@ -203,14 +188,12 @@ jobs: tags: | ${{ env.IMAGE_NAME }}:${{ needs.check-upstream.outputs.new_version }} ${{ env.IMAGE_NAME }}:latest - - name: Remove BuildKit image (moby/buildkit) if: ${{ always() }} shell: bash run: | set -euxo pipefail docker image rm -f $(docker images 'moby/buildkit*' -q) 2>/dev/null || true - - name: Cleanup (always, scoped) if: ${{ always() }} run: | @@ -220,7 +203,7 @@ jobs: rm -rf "${GITHUB_WORKSPACE:?}/"* "${GITHUB_WORKSPACE:?}/."[!.]* 2>/dev/null || true publish: - name: Publish Release and Cleanup + name: Publish Release needs: [check-upstream, build-gh, build-self] if: | needs.check-upstream.outputs.new_version != 'none' && @@ -239,26 +222,6 @@ jobs: draft: false prerelease: false - - name: Select package cleanup token - id: pkg_token - shell: bash - run: | - if [ -n "${{ secrets.CR_PAT }}" ]; then - echo "token=${{ secrets.CR_PAT }}" >> "$GITHUB_OUTPUT" - else - echo "token=${{ secrets.GITHUB_TOKEN }}" >> "$GITHUB_OUTPUT" - fi - - - name: Prune untagged GHCR versions (multi-arch safe) - uses: dataaxiom/ghcr-cleanup-action@v1 - with: - token: ${{ steps.pkg_token.outputs.token }} - owner: ${{ github.repository_owner }} - repository: ${{ github.event.repository.name }} - package: comfyui-docker - delete-untagged: true - dry-run: false - finalize: name: Finalize Outcome needs: [check-upstream, build-gh, build-self, publish]