Refactor GitHub Actions workflow for Docker builds

2026-04-15 13:02:35 +08:00 · 2025-09-10 21:07:18 -06:00 · 2025-09-10 21:07:18 -06:00 · 764e46efe0
commit 764e46efe0
parent a86c49b5ff
1 changed files with 16 additions and 1 deletions
--- a/.github/workflows/build-release.yml
+++ b/.github/workflows/build-release.yml
@ -53,10 +53,12 @@ jobs:
        with:
          fetch-depth: 0
          fetch-tags: true
+
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          cleanup: true
+
      - name: Check CR_PAT secret
        id: crpat
        shell: bash
@ -66,6 +68,7 @@ jobs:
          else
            echo "present=false" >> "$GITHUB_OUTPUT"
          fi
+
      - name: Login to GHCR with GITHUB_TOKEN
        if: ${{ steps.crpat.outputs.present == 'false' }}
        uses: docker/login-action@v3
@ -73,6 +76,7 @@ jobs:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
+
      - name: Login to GHCR with CR_PAT
        if: ${{ steps.crpat.outputs.present == 'true' }}
        uses: docker/login-action@v3
@ -80,6 +84,7 @@ jobs:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.CR_PAT }}
+
      - name: Build and Push (GH runner)
        uses: docker/build-push-action@v6
        with:
@ -100,10 +105,12 @@ jobs:
        with:
          fetch-depth: 0
          fetch-tags: true
+
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          cleanup: true
+
      - name: Check CR_PAT secret
        id: crpat
        shell: bash
@ -113,6 +120,7 @@ jobs:
          else
            echo "present=false" >> "$GITHUB_OUTPUT"
          fi
+
      - name: Login to GHCR with GITHUB_TOKEN
        if: ${{ steps.crpat.outputs.present == 'false' }}
        uses: docker/login-action@v3
@ -120,6 +128,7 @@ jobs:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
+
      - name: Login to GHCR with CR_PAT
        if: ${{ steps.crpat.outputs.present == 'true' }}
        uses: docker/login-action@v3
@ -127,6 +136,7 @@ jobs:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.CR_PAT }}
+
      - name: Build and Push (self-hosted)
        uses: docker/build-push-action@v6
        with:
@ -140,7 +150,11 @@ jobs:
  publish:
    name: Update Release
    needs: [check-tag, build-gh, build-self]
-    if: needs.build-gh.result == 'success' || needs.build-self.result == 'success'
+    if: |
+      ${{
+        always() &&
+        (needs.build-gh.result == 'success' || needs.build-self.result == 'success')
+      }}
    runs-on: ubuntu-latest
    steps:
      - name: Update GitHub Release (same tag)
@ -160,6 +174,7 @@ jobs:
  finalize:
    name: Finalize Outcome
    needs: [check-tag, build-gh, build-self, publish]
+    if: ${{ always() }}
    runs-on: ubuntu-latest
    steps:
      - name: Fail if both build paths failed