88 lines
2.9 KiB
YAML
88 lines
2.9 KiB
YAML
# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/github-action.json
|
|
name: "publish-container"
|
|
description: "Publishes a Container to a Gitea-hosted Container registry."
|
|
inputs:
|
|
project:
|
|
description: "Name of the project to containerize eg. fvcomkit"
|
|
required: true
|
|
container-token:
|
|
description: "Token with which to authenticate to the Container registry."
|
|
required: true
|
|
registry:
|
|
description: "Gitea registry domain, e.g. git.oceanbox.io"
|
|
required: true
|
|
default: "git.oceanbox.io"
|
|
registry-owner:
|
|
description: "Registry owner/organization name, e.g. oceanbox."
|
|
required: true
|
|
default: "oceanbox"
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
- name: Set image metadata
|
|
id: envvars
|
|
shell: bash
|
|
run: |
|
|
SHA="${{ github.sha }}"
|
|
REPO="${{ github.repository }}"
|
|
# To lowercase
|
|
REPO_NAME="${REPO,,}"
|
|
|
|
if [ "${{ github.ref_type }}" == "tag" ]; then
|
|
IMAGE_TAG="${{ github.ref_name }}"
|
|
ENV="Release"
|
|
else
|
|
IMAGE_TAG="${SHA:0:8}-debug"
|
|
ENV="Debug"
|
|
fi
|
|
|
|
IMAGE_NAME="${{ inputs.registry }}/$REPO_NAME/${{ inputs.project }}:$IMAGE_TAG"
|
|
|
|
echo "IMAGE_TAG=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
|
|
echo "IMAGE_NAME=$IMAGE_NAME" >> "$GITHUB_OUTPUT"
|
|
echo "ENV=$ENV" >> "$GITHUB_OUTPUT"
|
|
- name: Build and push container
|
|
if: github.event_name != 'pull_request'
|
|
shell: bash
|
|
run: |
|
|
# Configure container policy to accept insecure registry
|
|
mkdir -p ~/.config/containers
|
|
echo '{"default":[{"type":"insecureAcceptAnything"}]}' > ~/.config/containers/policy.json
|
|
|
|
# Skopeo temp dirs
|
|
mkdir -p /tmp/skopeo
|
|
chmod 755 /tmp/skopeo || true
|
|
|
|
export TMPDIR=/tmp/skopeo
|
|
export TMP=/tmp/skopeo
|
|
export TEMP=/tmp/skopeo
|
|
export XDG_RUNTIME_DIR=/tmp/skopeo
|
|
|
|
# Login to registry
|
|
skopeo login \
|
|
--username "${{ github.actor }}" \
|
|
--password "${{ inputs.container-token }}" \
|
|
"${{ inputs.REGISTRY }}"
|
|
|
|
# Build container
|
|
nix-build -A containers."${{ inputs.project }}" \
|
|
--argstr env "${{ steps.envvars.outputs.ENV }}"
|
|
|
|
# The Nix build creates a compressed tar.gz file, we need to extract it first
|
|
IMAGE_TAR="$(readlink -f result)"
|
|
cd /tmp/skopeo
|
|
if file "${IMAGE_TAR}" | grep -qi gzip; then
|
|
echo "Detected gzip-compressed image"
|
|
cp "${IMAGE_TAR}" docker-image.tar.gz
|
|
gunzip docker-image.tar.gz
|
|
else
|
|
echo "Detected uncompressed image"
|
|
cp "${IMAGE_TAR}" docker-image.tar
|
|
fi
|
|
|
|
echo "Pushing image: ${{ steps.envvars.outputs.IMAGE_NAME }}"
|
|
skopeo copy \
|
|
--tmpdir /tmp/skopeo \
|
|
docker-archive:/tmp/skopeo/docker-image.tar \
|
|
docker://${{ steps.envvars.outputs.IMAGE_NAME }}
|