podman manifest action

2026-05-26 19:25:25 +02:00
parent b0ceee7e9b
commit 316a41d231
3 changed files with 107 additions and 53 deletions
@@ -0,0 +1,87 @@
+name: Podman Manifest Publish
+description: Create and push OCI multi-arch manifests with Podman to registry.noctrl.eu.
+
+inputs:
+  image-name:
+    description: Repository/image name path, for example noctrl/gitea-runner
+    required: true
+  manifest-tag:
+    description: Final manifest tag to publish, for example v1.2.3
+    required: true
+  source-tags:
+    description: |
+      Source image tags to include in the manifest.
+      Supports newline, comma, or space separated values.
+      Example: "v1.2.3-tmp-123-amd64\nv1.2.3-tmp-123-arm64"
+    required: true
+  registry-username:
+    description: Registry username for login.
+    required: true
+  registry-password:
+    description: Registry password for login.
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - id: initialize
+      shell: bash
+      run: |
+        set -euo pipefail
+
+        rm -rf "${RUNNER_TEMP}/podman-root" "${RUNNER_TEMP}/podman-runroot"
+        mkdir -p "${RUNNER_TEMP}/podman-root" "${RUNNER_TEMP}/podman-runroot"
+
+        mapfile -t source_tags < <(printf '%s\n' "${{ inputs.source-tags }}" | tr ', ' '\n\n' | sed '/^$/d')
+        if [[ ${#source_tags[@]} -eq 0 ]]; then
+          echo "ERROR: no tags resolved from inputs.source-tags" >&2
+          exit 1
+        fi
+
+    - id: login
+      shell: bash
+      run: |
+        set -euo pipefail
+
+        podman_args=(
+          --root "${RUNNER_TEMP}/podman-root"
+          --runroot "${RUNNER_TEMP}/podman-runroot"
+          --storage-driver vfs
+        )
+
+        echo "Logging in to registry: registry.noctrl.eu"
+        echo "${{ inputs.registry-password }}" | podman "${podman_args[@]}" login registry.noctrl.eu -u "${{ inputs.registry-username }}" --password-stdin
+
+    - id: publish-manifest
+      shell: bash
+      run: |
+        set -euo pipefail
+
+        podman_args=(
+          --root "${RUNNER_TEMP}/podman-root"
+          --runroot "${RUNNER_TEMP}/podman-runroot"
+          --storage-driver vfs
+        )
+
+        image_base="registry.noctrl.eu/${{ inputs.image-name }}"
+        target_ref="docker://${image_base}:${{ inputs.manifest-tag }}"
+        manifest_name="manifest-${{ github.run_id }}-${{ github.job }}"
+
+        cleanup() {
+          podman "${podman_args[@]}" manifest rm "${manifest_name}" >/dev/null 2>&1 || true
+        }
+        trap cleanup EXIT
+
+        echo "Creating manifest ${target_ref} from tags:"
+        podman "${podman_args[@]}" manifest create "${manifest_name}"
+
+        while IFS= read -r tag; do
+          [[ -z "${tag}" ]] && continue
+          source_ref="docker://${image_base}:${tag}"
+          echo "  ${source_ref}"
+          podman "${podman_args[@]}" manifest add "${manifest_name}" "${source_ref}"
+        done < <(printf '%s\n' "${{ inputs.source-tags }}" | tr ', ' '\n\n' | sed '/^$/d')
+
+        podman "${podman_args[@]}" manifest push --all "${manifest_name}" "${target_ref}"
+        podman "${podman_args[@]}" manifest rm "${manifest_name}"
+        trap - EXIT