171 lines
5.5 KiB
YAML
171 lines
5.5 KiB
YAML
name: Podman Build And Publish
|
|
description: Build and optionally push OCI images with Podman to registry.noctrl.eu.
|
|
|
|
inputs:
|
|
image-name:
|
|
description: Repository/image name path, for example noctrl/gitea-runner
|
|
required: true
|
|
registry-username:
|
|
description: Registry username for login.
|
|
required: true
|
|
registry-password:
|
|
description: Registry password for login.
|
|
required: true
|
|
tags:
|
|
description: |
|
|
Tags to apply and push. Supports newline, comma, or space separated values.
|
|
Example: "latest\nsha-abc123"
|
|
required: false
|
|
default: latest
|
|
context:
|
|
description: Build context path.
|
|
required: false
|
|
default: .
|
|
containerfile:
|
|
description: Containerfile or Dockerfile path.
|
|
required: false
|
|
default: Containerfile
|
|
build-args:
|
|
description: |
|
|
Optional build args as newline-separated KEY=VALUE entries.
|
|
Example: "ACT_RUNNER_VERSION=0.2.11"
|
|
required: false
|
|
default: ""
|
|
push:
|
|
description: |
|
|
Whether to push tags to the registry after build.
|
|
Set to "false" for build-only verification workflows.
|
|
required: false
|
|
default: "true"
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- id: initialize
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
rm -rf "${RUNNER_TEMP}/podman-root" "${RUNNER_TEMP}/podman-runroot"
|
|
mkdir -p "${RUNNER_TEMP}/podman-root" "${RUNNER_TEMP}/podman-runroot"
|
|
|
|
podman_base_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
)
|
|
|
|
selected_driver="vfs"
|
|
selected_storage_opt=""
|
|
|
|
# Prefer overlay with fuse-overlayfs when available and functional.
|
|
if [[ -c /dev/fuse ]] && command -v fuse-overlayfs >/dev/null 2>&1; then
|
|
fuse_path="$(command -v fuse-overlayfs)"
|
|
candidate_storage_opt="overlay.mount_program=${fuse_path}"
|
|
if podman "${podman_base_args[@]}" --storage-driver overlay --storage-opt "${candidate_storage_opt}" info >/dev/null 2>&1; then
|
|
selected_driver="overlay"
|
|
selected_storage_opt="${candidate_storage_opt}"
|
|
echo "Using overlay storage driver with fuse-overlayfs (${fuse_path})."
|
|
else
|
|
echo "overlay+fuse-overlayfs probe failed; falling back to vfs."
|
|
fi
|
|
else
|
|
echo "overlay+fuse prerequisites missing; using vfs."
|
|
fi
|
|
|
|
echo "PODMAN_STORAGE_DRIVER=${selected_driver}" >> "${GITHUB_ENV}"
|
|
echo "PODMAN_STORAGE_OPT=${selected_storage_opt}" >> "${GITHUB_ENV}"
|
|
|
|
# Validate tags early so failures are caught before build starts
|
|
mapfile -t tags < <(printf '%s\n' "${{ inputs.tags }}" | tr ', ' '\n\n' | sed '/^$/d')
|
|
if [[ ${#tags[@]} -eq 0 ]]; then
|
|
echo "ERROR: no tags resolved from inputs.tags" >&2
|
|
exit 1
|
|
fi
|
|
|
|
- id: login
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
: "${PODMAN_STORAGE_DRIVER:=vfs}"
|
|
: "${PODMAN_STORAGE_OPT:=}"
|
|
|
|
podman_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
--storage-driver "${PODMAN_STORAGE_DRIVER}"
|
|
)
|
|
|
|
if [[ -n "${PODMAN_STORAGE_OPT}" ]]; then
|
|
podman_args+=(--storage-opt "${PODMAN_STORAGE_OPT}")
|
|
fi
|
|
|
|
echo "Logging in to registry: registry.noctrl.eu"
|
|
echo "${{ inputs.registry-password }}" | podman "${podman_args[@]}" login registry.noctrl.eu -u "${{ inputs.registry-username }}" --password-stdin
|
|
|
|
- id: build
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
: "${PODMAN_STORAGE_DRIVER:=vfs}"
|
|
: "${PODMAN_STORAGE_OPT:=}"
|
|
|
|
podman_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
--storage-driver "${PODMAN_STORAGE_DRIVER}"
|
|
)
|
|
|
|
if [[ -n "${PODMAN_STORAGE_OPT}" ]]; then
|
|
podman_args+=(--storage-opt "${PODMAN_STORAGE_OPT}")
|
|
fi
|
|
|
|
image_base="registry.noctrl.eu/${{ inputs.image-name }}"
|
|
build_cmd=(podman "${podman_args[@]}" build --isolation chroot -f "${{ inputs.containerfile }}")
|
|
|
|
# Add build args
|
|
while IFS= read -r build_arg; do
|
|
[[ -z "${build_arg}" ]] && continue
|
|
build_cmd+=(--build-arg "${build_arg}")
|
|
done <<< "${{ inputs.build-args }}"
|
|
|
|
# Add tags
|
|
echo "Building image with tags:"
|
|
while IFS= read -r tag; do
|
|
[[ -z "${tag}" ]] && continue
|
|
echo " ${image_base}:${tag}"
|
|
build_cmd+=(-t "${image_base}:${tag}")
|
|
done < <(printf '%s\n' "${{ inputs.tags }}" | tr ', ' '\n\n' | sed '/^$/d')
|
|
|
|
build_cmd+=("${{ inputs.context }}")
|
|
"${build_cmd[@]}"
|
|
|
|
- if: ${{ inputs.push != 'false' }}
|
|
id: push
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
: "${PODMAN_STORAGE_DRIVER:=vfs}"
|
|
: "${PODMAN_STORAGE_OPT:=}"
|
|
|
|
podman_args=(
|
|
--root "${RUNNER_TEMP}/podman-root"
|
|
--runroot "${RUNNER_TEMP}/podman-runroot"
|
|
--storage-driver "${PODMAN_STORAGE_DRIVER}"
|
|
)
|
|
|
|
if [[ -n "${PODMAN_STORAGE_OPT}" ]]; then
|
|
podman_args+=(--storage-opt "${PODMAN_STORAGE_OPT}")
|
|
fi
|
|
|
|
image_base="registry.noctrl.eu/${{ inputs.image-name }}"
|
|
|
|
echo "Pushing image tags:"
|
|
while IFS= read -r tag; do
|
|
[[ -z "${tag}" ]] && continue
|
|
echo " ${image_base}:${tag}"
|
|
podman "${podman_args[@]}" push "${image_base}:${tag}"
|
|
done < <(printf '%s\n' "${{ inputs.tags }}" | tr ', ' '\n\n' | sed '/^$/d')
|