diff --git a/.forgejo/workflows/build-image.yaml b/.forgejo/workflows/build-image.yaml index 6cd36ab..ab35662 100644 --- a/.forgejo/workflows/build-image.yaml +++ b/.forgejo/workflows/build-image.yaml @@ -16,31 +16,35 @@ jobs: uses: 'actions/checkout@v4' - name: 'Build image' - run: > - buildah bud - -f oci-builder/Containerfile - -t '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:ci-dev' - --userns=container - --security-opt=no-new-privileges - --annotation=quay.expires-after= - --build-arg REGISTRY_DOMAIN='${{ vars.REGISTRY_DOMAIN }}' - --build-arg NAMESPACE='${{ vars.NAMESPACE }}' - --build-arg GITHUB_RUN_ID='${{ env.GITHUB_RUN_ID }}' - oci-builder + uses: 'https://git.uncontrol.me/ver4a-actions/buildah-build@v2-compat' + with: + image: 'registry.uncontrol.me/ver4a/oci-builder' + tags: 'ci-dev' + context: 'oci-builder' + containerfiles: 'oci-builder/Containerfile' + oci: true + extra-args: | + --userns=container + --security-opt=no-new-privileges + --annotation=quay.expires-after= + build-args: | + REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} + NAMESPACE=${{ vars.NAMESPACE }} + GITHUB_RUN_ID=${{ env.GITHUB_RUN_ID }} - name: 'Log in to registry' - run: > - buildah login - -u '${{ vars.REGISTRY_USERNAME }}' - -p '${{ secrets.REGISTRY_PASSWORD }}' - '${{ vars.REGISTRY_DOMAIN }}' + uses: 'actions/podman-login@v1' + with: + registry: ${{ vars.REGISTRY_DOMAIN }} + username: ${{ vars.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_PASSWORD }} - name: 'Push :ci-dev to registry' - run: > - buildah push - --compression-format=zstd - --compression-level='${{ vars.COMPRESSION_LEVEL }}' - '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:ci-dev' + uses: 'actions/push-to-registry@v2' + with: + image: 'ver4a/oci-builder' + tags: 'ci-dev' + registry: 'registry.uncontrol.me' test-oci-builder: name: 'Test oci-builder' @@ -55,17 +59,21 @@ jobs: uses: 'actions/checkout@v4' - name: 'Build image' - run: > - buildah bud - -f oci-builder/Containerfile - -t '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:throwaway' - --userns=container - --security-opt=no-new-privileges - --annotation=quay.expires-after= - --build-arg REGISTRY_DOMAIN='${{ vars.REGISTRY_DOMAIN }}' - --build-arg NAMESPACE='${{ vars.NAMESPACE }}' - --build-arg GITHUB_RUN_ID='${{ env.GITHUB_RUN_ID }}' - oci-builder + uses: 'https://git.uncontrol.me/ver4a-actions/buildah-build@v2-compat' + with: + image: 'registry.uncontrol.me/ver4a/oci-builder' + tags: 'throwaway' + context: 'oci-builder' + containerfiles: 'oci-builder/Containerfile' + oci: true + extra-args: | + --userns=container + --security-opt=no-new-privileges + --annotation=quay.expires-after= + build-args: | + REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} + NAMESPACE=${{ vars.NAMESPACE }} + GITHUB_RUN_ID=${{ env.GITHUB_RUN_ID }} release-oci-builder: name: 'Release oci-builder' @@ -77,11 +85,11 @@ jobs: run: 'diff <(echo $GITHUB_RUN_ID) /.github_run_id' - name: 'Log in to registry' - run: > - buildah login - -u '${{ vars.REGISTRY_USERNAME }}' - -p '${{ secrets.REGISTRY_PASSWORD }}' - '${{ vars.REGISTRY_DOMAIN }}' + uses: 'actions/podman-login@v1' + with: + registry: '${{ vars.REGISTRY_DOMAIN }}' + username: '${{ vars.REGISTRY_USERNAME }}' + password: '${{ secrets.REGISTRY_PASSWORD }}' - name: 'Move :ci-dev to :stable' - run: 'skopeo copy docker://${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:ci-dev docker://${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:stable' + run: 'skopeo copy docker://registry.uncontrol.me/ver4a/oci-builder:ci-dev docker://registry.uncontrol.me/ver4a/oci-builder:stable'