This commit is contained in:
parent
466c9ef7be
commit
a8d4b11132
3 changed files with 73 additions and 45 deletions
|
|
@ -1,56 +1,38 @@
|
|||
on: [push]
|
||||
env:
|
||||
REGISTRY: forgejo.sbox.hornwitser.no
|
||||
REGISTRY_IMAGE: forgejo.sbox.hornwitser.no/furnavia/builder
|
||||
REGISTRY: forge.hornwitser.no
|
||||
REGISTRY_IMAGE: forge.hornwitser.no/furnavia/builder
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: node:20-bookworm
|
||||
runs-on: alpine
|
||||
steps:
|
||||
-
|
||||
name: Install docker
|
||||
name: Install buildah
|
||||
run: |
|
||||
apt-get update
|
||||
apt-get install -y --no-install-recommends ca-certificates curl git
|
||||
install -m 0755 -d /etc/apt/keyrings
|
||||
curl -sSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
|
||||
chmod a+r /etc/apt/keyrings/docker.asc
|
||||
echo \
|
||||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
|
||||
https://download.docker.com/linux/debian \
|
||||
bookworm stable" \
|
||||
> /etc/apt/sources.list.d/docker.list
|
||||
apt-get update
|
||||
apt-get install -y --no-install-recommends docker-ce-cli docker-buildx-plugin docker-compose-plugin
|
||||
apk add buildah
|
||||
-
|
||||
name: Get image tags
|
||||
name: Compute image tags
|
||||
id: info
|
||||
shell: bash
|
||||
run: |
|
||||
tee -a ${GITHUB_OUTPUT} <<EOF
|
||||
TAGS<<EOT
|
||||
$(
|
||||
echo ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
|
||||
if [[ "${{ github.ref_name }}" =~ ^r[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
||||
echo ${{ env.REGISTRY_IMAGE }}:latest
|
||||
elif [[ "${{ github.ref_name }}" == forgejo ]]; then
|
||||
echo ${{ env.REGISTRY_IMAGE }}:development
|
||||
fi
|
||||
)
|
||||
EOT
|
||||
TAGS=${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
|
||||
EOF
|
||||
-
|
||||
name: Authenticate
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
username: ${{ secrets.REGISTRY_USERNAME }}
|
||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
registry: ${{ env.REGISTRY }}
|
||||
name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
-
|
||||
name: Build and push
|
||||
uses: docker/build-push-action@v6
|
||||
name: Build
|
||||
run: |
|
||||
id
|
||||
$GITHUB_WORKSPACE/builder.sh ${{ steps.info.outputs.TAGS }}
|
||||
-
|
||||
name: Authenticate with registry
|
||||
run: |
|
||||
echo "${{ secrets.REGISTRY_TOKEN }}" | buildah login ${{ env.REGISTRY }} --username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
|
||||
-
|
||||
name: Push
|
||||
with:
|
||||
push: true
|
||||
tags: ${{ steps.info.outputs.TAGS }}
|
||||
|
|
|
|||
13
Readme.md
13
Readme.md
|
|
@ -4,13 +4,10 @@ Common docker image used for running application builds, CI pipelines, and deplo
|
|||
|
||||
## Tools included
|
||||
|
||||
- `ansible` latest - https://www.ansible.com/
|
||||
- `docker` latest - https://www.docker.com/
|
||||
- `curl` bookworm - https://packages.debian.org/bookworm/curl
|
||||
- `git` bookworm - https://packages.debian.org/bookworm/git
|
||||
- `gpg` bookworm - https://packages.debian.org/bookworm/gpg
|
||||
- `kubectl` v1.30.2 - https://kubectl.docs.kubernetes.io/
|
||||
- `node` v20.x - https://nodejs.org/
|
||||
- `buildah` trixie - https://packages.debian.org/trixie/buildah
|
||||
- `curl` trixie - https://packages.debian.org/trixie/curl
|
||||
- `git` trixie - https://packages.debian.org/trixie/git
|
||||
- `node` v22.15.1 - https://nodejs.org/
|
||||
- `pnpm` v9.5.0 - https://pnpm.io/
|
||||
- `ssh` bookworm - https://packages.debian.org/bookworm/openssh-client
|
||||
- `ssh` trixie - https://packages.debian.org/trixie/openssh-client
|
||||
- `yq` v4.44.2 - https://github.com/mikefarah/yq
|
||||
|
|
|
|||
49
builder.sh
Executable file
49
builder.sh
Executable file
|
|
@ -0,0 +1,49 @@
|
|||
#!/usr/bin/env bash
|
||||
set -x
|
||||
|
||||
YQ_VERSION=v4.44.2
|
||||
NODE_VERSION=22.15.1
|
||||
PNPM_VERSION=v9.5.0
|
||||
NODE_VERSION=22.x
|
||||
|
||||
ctr=$(buildah from "docker.io/library/debian:trixie-20250428")
|
||||
#mnt=$(buildah mount $ctr)
|
||||
|
||||
buildah run $ctr -- apt-get install -y --no-install-recommends \
|
||||
buildah \
|
||||
curl \
|
||||
git \
|
||||
openssh-client \
|
||||
;
|
||||
#ca-certificates \
|
||||
#gpg \
|
||||
|
||||
# yq https://github.com/mikefarah/yq?tab=readme-ov-file#install
|
||||
buildah run $ctr -- sh -c 'curl --silent --location "https://github.com/mikefarah/yq/releases/download/$YQ_VERSION/yq_linux_amd64.tar.gz" \
|
||||
| tar --extract --gzip --to-stdout ./yq_linux_amd64 \
|
||||
| install --owner=root --group=root --mode=0755 /dev/stdin $mnt/usr/local/bin/yq \
|
||||
;'
|
||||
|
||||
# node https://github.com/nodesource/distributions?tab=readme-ov-file#using-debian-as-root-nodejs-22
|
||||
buildah run $ctr -- sh -c 'curl --silent --location "https://deb.nodesource.com/setup_$NODE_VERSION" | bash'
|
||||
buildah run $ctr -- apt-get install -y --no-install-recommends nodejs
|
||||
# pnpm https://nodejs.org/api/corepack.html#upgrading-the-global-versions
|
||||
buildah run $ctr -- corepack install --global pnpm@$PNPM_VERSION
|
||||
buildah run $ctr -- corepack enable pnpm
|
||||
# Clear caches
|
||||
buildah run $ctr rm -rf /var/lib/apt/lists/*
|
||||
|
||||
buildah commit --rm $ctr $1
|
||||
if [[ $2 ]]; do
|
||||
builda tag "$@"
|
||||
fi
|
||||
|
||||
for image in "$@"; do
|
||||
buildah push $image
|
||||
done
|
||||
|
||||
# apt-get install -y --no-install-recommends \
|
||||
# ca-certificates \
|
||||
## gpg \
|
||||
# ; \
|
||||
# rm -rf /var/lib/apt/lists/*
|
||||
Loading…
Add table
Add a link
Reference in a new issue