Hornwitser
402bc210aa
All checks were successful
/ build (push) Successful in 2m28s
Replace Docker buildx based container building with buildah configured for running in a Forgejo runner that's inside a rootless Podman deployment. This also removes kubectl and ansible as my infrastructure is not going to target these technologies for deployment.
43 lines
1.4 KiB
YAML
43 lines
1.4 KiB
YAML
on:
|
|
push:
|
|
env:
|
|
REGISTRY_IMAGE: ${{ vars.REGISTRY }}/${{ github.repository }}:${{ github.ref_name }}
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: debian
|
|
steps:
|
|
-
|
|
name: Install and configure dependencies
|
|
run: |
|
|
apt-get update
|
|
apt-get install -y --no-install-recommends \
|
|
buildah \
|
|
ca-certificates \
|
|
containers-storage \
|
|
crun \
|
|
git \
|
|
netavark \
|
|
;
|
|
shared=/var/lib/shared/storage
|
|
sed /usr/share/containers/storage.conf \
|
|
-e "/^additionalimagestores/a"'\
|
|
'"\"$shared\"" \
|
|
> /etc/containers/storage.conf
|
|
-
|
|
name: Checkout repository
|
|
run: |
|
|
git config --global credential.helper store
|
|
echo "https://runner:${{ secrets.GITHUB_TOKEN }}@$(echo "${{ github.server_url }}" | cut -b 9-)" > ~/.git-credentials
|
|
git clone --branch ${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} ${{ github.workspace }}
|
|
-
|
|
name: Authenticate with registry
|
|
run: |
|
|
echo "${{ secrets.REGISTRY_TOKEN }}" | buildah login ${{ vars.REGISTRY }} --username runner --password-stdin
|
|
-
|
|
name: Build and push
|
|
run: |
|
|
export BUILDAH_ISOLATION=chroot
|
|
export _BUILDAH_STARTED_IN_USERNS=""
|
|
${{ github.workspace }}/builder.sh ${{ env.REGISTRY_IMAGE }}
|
|
buildah push ${{ env.REGISTRY_IMAGE }}
|