ci: 优化 Docker 镜像发布流程并支持 GHCR

- 修改 Docker 镜像发布流程，同时支持 Docker Hub 和 GitHub Container Registry (GHCR) - 更新手动发布和自动发布工作流，增加版本号和标签处理逻辑 - 调整过时问题和 PR 自动管理策略，缩短处理周期 - 在 README 中添加通过 GHCR 拉取镜像的方式
2025-12-26 04:48:05 +08:00 · 2025-05-16 13:55:12 +08:00 · 2025-05-16 13:55:12 +08:00 · af823116b0
commit af823116b0
parent 92dd28c815
5 changed files with 93 additions and 21 deletions
--- a/.github/workflows/Close_Stale_Issues_and_PRs.yaml
+++ b/.github/workflows/Close_Stale_Issues_and_PRs.yaml
@ -1,7 +1,7 @@
 name: "自动管理过时的问题和PR"
 on:
  schedule:
-    - cron: "0 18 * * *"
+    - cron: "0 0 * * 5"

 permissions:
  issues: write
@ -14,21 +14,21 @@ jobs:
      - uses: actions/stale@v9
        with:
          stale-issue-message: |
-            ⚠️ 此 Issue 已超过一定时间未活动，如果没有进一步更新，将在 30 天后关闭。
-            ⚠️ This issue has been inactive for a certain period of time. If there are no further updates, it will be closed in 30 days.
+            ⚠️ 此 Issue 已超过一定时间未活动，如果没有进一步更新，将在 14 天后关闭。
+            ⚠️ This issue has been inactive for a certain period of time. If there are no further updates, it will be closed in 14 days.
          close-issue-message: |
            🔒 由于长时间未响应，此 Issue 已被自动关闭。如有需要，请重新打开或提交新 issue。
            🔒 Due to prolonged inactivity, this issue has been automatically closed. If needed, please reopen it or submit a new issue.
          stale-pr-message: |
-            ⚠️ 此 PR 已超过一定时间未更新，请更新，否则将在 30 天后关闭。
-            ⚠️ This PR has not been updated for a certain period of time. Please update it, otherwise it will be closed in 30 days.
+            ⚠️ 此 PR 已超过一定时间未更新，请更新，否则将在 14 天后关闭。
+            ⚠️ This PR has not been updated for a certain period of time. Please update it, otherwise it will be closed in 14 days.
          close-pr-message: |
            🔒 此 PR 已因无更新而自动关闭。如仍需合并，请重新打开或提交新 PR。
            🔒 This PR has been automatically closed due to inactivity. If you still wish to merge it, please reopen it or submit a new PR.

-          days-before-issue-stale: 60
-          days-before-pr-stale: 60
-          days-before-close: 30
+          days-before-issue-stale: 28
+          days-before-pr-stale: 28
+          days-before-close: 14

          stale-issue-label: "未跟进问题(Stale)"
          close-issue-label: "自动关闭(Close)"
--- a/.github/workflows/Manually_docker_image.yml
+++ b/.github/workflows/Manually_docker_image.yml
@ -2,6 +2,28 @@ name: 构建并发布 Docker 镜像

 on:
  workflow_dispatch:
+    inputs:
+      is_beta:
+        type: boolean
+        required: true
+        description: "开发版"
+        default: true
+      custom_version:
+        type: string
+        required: false
+        description: "版本号"
+        default: ""
+
+permissions:
+  contents: read
+  packages: write
+  attestations: write
+  id-token: write
+
+env:
+  REGISTRY: ghcr.io
+  DOCKER_REPO: ${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader
+  GHCR_REPO: ghcr.io/${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader

 jobs:
  publish-docker:
@ -16,10 +38,17 @@ jobs:
      - name: 获取最新的发布标签
        id: get-latest-release
        run: |
-          LATEST_TAG=$(curl -s \
-            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-            https://api.github.com/repos/${{ github.repository }}/releases/latest \
-            | jq -r '.tag_name')
+          if [ -z "${{ github.event.inputs.custom_version }}" ]; then
+            LATEST_TAG=$(curl -s \
+              -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+              https://api.github.com/repos/${{ github.repository }}/releases/latest \
+              | jq -r '.tag_name')
+          else
+            LATEST_TAG=${{ github.event.inputs.custom_version }}
+          fi
+          if [ -z "$LATEST_TAG" ]; then
+            exit 1
+          fi
          echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV

      - name: 设置 QEMU
@ -28,18 +57,37 @@ jobs:
      - name: 设置 Docker Buildx
        uses: docker/setup-buildx-action@v3

-      - name: 登录到 DockerHub
+      - name: 生成标签
+        id: generate-tags
+        run: |
+          if [ "${{ inputs.is_beta }}" == "true" ]; then
+            LATEST_TAG="${LATEST_TAG%.*}.$(( ${LATEST_TAG##*.} + 1 ))"
+            echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV
+            TAGS="${{ env.DOCKER_REPO }}:${LATEST_TAG}-dev,${{ env.GHCR_REPO }}:${LATEST_TAG}-dev"
+          else
+            TAGS="${{ env.DOCKER_REPO }}:${LATEST_TAG},${{ env.DOCKER_REPO }}:latest,${{ env.GHCR_REPO }}:${LATEST_TAG},${{ env.GHCR_REPO }}:latest"
+          fi
+          echo "TAGS=$TAGS" >> $GITHUB_ENV
+
+      - name: 登录到 Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

-      - name: 构建和推送 Docker 镜像到 Docker Hub
+      - name: 登录到 GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: 构建和推送 Docker 镜像到 Docker Hub 和 GHCR
        uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
-          tags: |
-            ${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader:${{ env.LATEST_TAG }}
-            ${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader:latest
+          tags: ${{ env.TAGS }}
+          provenance: false
+          sbom: false
--- a/.github/workflows/Release_docker_image.yml
+++ b/.github/workflows/Release_docker_image.yml
@ -4,6 +4,17 @@ on:
  release:
    types: [published]

+permissions:
+  contents: read
+  packages: write
+  attestations: write
+  id-token: write
+
+env:
+  REGISTRY: ghcr.io
+  DOCKER_REPO: ${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader
+  GHCR_REPO: ghcr.io/${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader
+
 jobs:
  publish-docker:
    runs-on: ubuntu-latest
@ -20,18 +31,29 @@ jobs:
      - name: 设置 Docker Buildx
        uses: docker/setup-buildx-action@v3

-      - name: 登录到 DockerHub
+      - name: 登录到 Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

-      - name: 构建和推送 Docker hub
+      - name: 登录到 GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: 构建和推送 Docker 镜像到 Docker Hub 和 GHCR
        uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
-            ${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader:${{ github.event.release.tag_name }}
-            ${{ secrets.DOCKERHUB_USERNAME }}/xhs-downloader:latest
+            ${{ env.DOCKER_REPO }}:${{ github.event.release.tag_name }}
+            ${{ env.DOCKER_REPO }}:latest
+            ${{ env.GHCR_REPO }}:${{ github.event.release.tag_name }}
+            ${{ env.GHCR_REPO }}:latest
+          provenance: false
+          sbom: false
--- a/README.md
+++ b/README.md
@ -84,6 +84,7 @@
 <ul>
 <li>方式一：使用 <code>Dockerfile</code> 文件构建镜像</li>
 <li>方式二：使用 <code>docker pull joeanamier/xhs-downloader</code> 命令拉取镜像</li>
+<li>方式三：使用 <code>docker pull ghcr.io/joeanamier/xhs-downloader</code> 命令拉取镜像</li>
 </ul>
 <li>创建容器</li>
 <ul>
--- a/README_EN.md
+++ b/README_EN.md
@ -85,6 +85,7 @@
 <ul>
 <li>Method 1: Build the image using the <code>Dockerfile</code></li>
 <li>Method 2: Pull the image using the command <code>docker pull joeanamier/xhs-downloader</code></li>
+<li>Method 3: Pull the image using the command <code>docker pull ghcr.io/joeanamier/xhs-downloader</code></li>
 </ul>
 <li>Create Container</li>
 <ul>