124 lines
3.7 KiB
YAML
124 lines
3.7 KiB
YAML
name: Podman Build And Publish
|
|
description: Build and optionally push OCI images with Podman to registry.noctrl.eu.
|
|
|
|
inputs:
|
|
image-name:
|
|
description: Repository/image name path, for example noctrl/gitea-runner
|
|
required: true
|
|
tags:
|
|
description: |
|
|
Tags to apply and push. Supports newline, comma, or space separated values.
|
|
Example: "latest\nsha-abc123"
|
|
required: true
|
|
registry-username:
|
|
description: Registry username for login.
|
|
required: true
|
|
registry-password:
|
|
description: Registry password for login.
|
|
required: true
|
|
context:
|
|
description: Build context path.
|
|
required: false
|
|
default: .
|
|
containerfile:
|
|
description: Containerfile or Dockerfile path.
|
|
required: false
|
|
default: Containerfile
|
|
build-args:
|
|
description: |
|
|
Optional build args as newline-separated KEY=VALUE entries.
|
|
Example: "ACT_RUNNER_VERSION=0.2.11"
|
|
required: false
|
|
default: ""
|
|
push:
|
|
description: |
|
|
Whether to push tags to the registry after build.
|
|
Set to "false" for build-only verification workflows.
|
|
required: false
|
|
default: "true"
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- id: initialize
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
rm -rf "${RUNNER_TEMP}/podman-root" "${RUNNER_TEMP}/podman-runroot"
|
|
mkdir -p "${RUNNER_TEMP}/podman-root" "${RUNNER_TEMP}/podman-runroot"
|
|
|
|
# Validate tags early so failures are caught before build starts
|
|
mapfile -t tags < <(printf '%s\n' "${{ inputs.tags }}" | tr ', ' '\n\n' | sed '/^$/d')
|
|
if [[ ${#tags[@]} -eq 0 ]]; then
|
|
echo "ERROR: no tags resolved from inputs.tags" >&2
|
|
exit 1
|
|
fi
|
|
|
|
- id: login
|
|
if: ${{ inputs.push != 'false' }}
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
podman_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
--storage-driver vfs
|
|
)
|
|
|
|
echo "Logging in to registry: registry.noctrl.eu"
|
|
echo "${{ inputs.registry-password }}" | podman "${podman_args[@]}" login registry.noctrl.eu -u "${{ inputs.registry-username }}" --password-stdin
|
|
|
|
- id: build
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
podman_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
--storage-driver vfs
|
|
)
|
|
|
|
image_base="registry.noctrl.eu/${{ inputs.image-name }}"
|
|
build_cmd=(podman "${podman_args[@]}" build --isolation chroot -f "${{ inputs.containerfile }}")
|
|
|
|
# Add build args
|
|
while IFS= read -r build_arg; do
|
|
[[ -z "${build_arg}" ]] && continue
|
|
build_cmd+=(--build-arg "${build_arg}")
|
|
done <<< "${{ inputs.build-args }}"
|
|
|
|
# Add tags
|
|
echo "Building image with tags:"
|
|
while IFS= read -r tag; do
|
|
[[ -z "${tag}" ]] && continue
|
|
echo " ${image_base}:${tag}"
|
|
build_cmd+=(-t "${image_base}:${tag}")
|
|
done < <(printf '%s\n' "${{ inputs.tags }}" | tr ', ' '\n\n' | sed '/^$/d')
|
|
|
|
build_cmd+=("${{ inputs.context }}")
|
|
"${build_cmd[@]}"
|
|
|
|
- if: ${{ inputs.push != 'false' }}
|
|
id: push
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
podman_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
--storage-driver vfs
|
|
)
|
|
|
|
image_base="registry.noctrl.eu/${{ inputs.image-name }}"
|
|
|
|
echo "Pushing image tags:"
|
|
while IFS= read -r tag; do
|
|
[[ -z "${tag}" ]] && continue
|
|
echo " ${image_base}:${tag}"
|
|
podman "${podman_args[@]}" push "${image_base}:${tag}"
|
|
done < <(printf '%s\n' "${{ inputs.tags }}" | tr ', ' '\n\n' | sed '/^$/d')
|