From 97eede39f76a5c5303686135ab1215a08e487435 Mon Sep 17 00:00:00 2001 From: Olof Pettersson Date: Mon, 1 Dec 2025 21:11:56 +0100 Subject: [PATCH] Add bash script instead of inline --- .gitea/workflows/build-and-push.yaml | 46 ---------------------------- .gitea/workflows/publish-image.yaml | 11 ++----- build.sh | 25 +++++++++++++++ 3 files changed, 27 insertions(+), 55 deletions(-) delete mode 100644 .gitea/workflows/build-and-push.yaml create mode 100644 build.sh diff --git a/.gitea/workflows/build-and-push.yaml b/.gitea/workflows/build-and-push.yaml deleted file mode 100644 index a15088e..0000000 --- a/.gitea/workflows/build-and-push.yaml +++ /dev/null @@ -1,46 +0,0 @@ -name: Publish Builder Image -on: - push: - -jobs: - build-and-push: - runs-on: ubuntu-latest - - # 1. Define the container for the ENTIRE job - container: - image: quay.io/buildah/stable - # 2. IMPORTANT: We must pass the privileged flag here for Buildah to work - options: --privileged - - steps: - - name: Checkout - uses: actions/checkout@v3 - - # 3. Now you can use the standard 'run' keyword! - - name: Build and Push - env: - USERNAME: ${{ gitea.actor }} - PASSWORD: ${{ secrets.USER_PACKAGE_PASSWORD }} - REGISTRY: gitea.212.63.210.91.nip.io - IMAGE: ${{ gitea.repository_owner }}/godot-builder - TAG: ${{ gitea.sha }} - run: | - # Now comments are safe because 'run' uses a script file, not a one-liner. - - # 1. Login to the registry - # We use --tls-verify=false for your internal Traefik certs - buildah login -u $USERNAME -p $PASSWORD --tls-verify=false --storage-driver=vfs $REGISTRY - - # 2. Build the image - # Using the 'vfs' driver is slower but more stable for nested containers - buildah build \ - --tls-verify=false \ - --storage-driver=vfs \ - -f Dockerfile \ - -t $REGISTRY/$IMAGE:$TAG \ - -t $REGISTRY/$IMAGE:latest \ - . - - # 3. Push the tags - buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:$TAG - buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:latest \ No newline at end of file diff --git a/.gitea/workflows/publish-image.yaml b/.gitea/workflows/publish-image.yaml index 4c3392d..5b42d07 100644 --- a/.gitea/workflows/publish-image.yaml +++ b/.gitea/workflows/publish-image.yaml @@ -20,13 +20,6 @@ jobs: TAG: ${{ gitea.sha }} with: entrypoint: /bin/sh - args: -c " - buildah login -u $USERNAME -p $PASSWORD --tls-verify=false --storage-driver=vfs $REGISTRY && - - buildah build --tls-verify=false --storage-driver=vfs -t $REGISTRY/$IMAGE:$TAG -t $REGISTRY/$IMAGE:latest . && - - buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:$TAG && - - buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:latest - " + # We just tell it to run the script we checked out + args: ./build.sh diff --git a/build.sh b/build.sh new file mode 100644 index 0000000..eaf4af1 --- /dev/null +++ b/build.sh @@ -0,0 +1,25 @@ +#!/bin/sh +set -e # Exit immediately if a command fails + +# 1. Login to Gitea Registry +# We use the environment variables passed from the workflow +echo "Logging in to $REGISTRY..." +buildah login -u "$USERNAME" -p "$PASSWORD" --tls-verify=false --storage-driver=vfs "$REGISTRY" + +# 2. Build the Image +# We build both the specific SHA tag and the 'latest' tag +echo "Building image $IMAGE..." +buildah build \ + --tls-verify=false \ + --storage-driver=vfs \ + -f Dockerfile \ + -t "$REGISTRY/$IMAGE:$TAG" \ + -t "$REGISTRY/$IMAGE:latest" \ + . + +# 3. Push the Images +echo "Pushing images..." +buildah push --tls-verify=false --storage-driver=vfs "$REGISTRY/$IMAGE:$TAG" +buildah push --tls-verify=false --storage-driver=vfs "$REGISTRY/$IMAGE:latest" + +echo "Done!" \ No newline at end of file