diff --git a/.forgejo/workflows/build-image.yaml b/.forgejo/workflows/build-image.yaml index ab35662..6cd36ab 100644 --- a/.forgejo/workflows/build-image.yaml +++ b/.forgejo/workflows/build-image.yaml @@ -16,35 +16,31 @@ jobs: uses: 'actions/checkout@v4' - name: 'Build image' - uses: 'https://git.uncontrol.me/ver4a-actions/buildah-build@v2-compat' - with: - image: 'registry.uncontrol.me/ver4a/oci-builder' - tags: 'ci-dev' - context: 'oci-builder' - containerfiles: 'oci-builder/Containerfile' - oci: true - extra-args: | - --userns=container - --security-opt=no-new-privileges - --annotation=quay.expires-after= - build-args: | - REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} - NAMESPACE=${{ vars.NAMESPACE }} - GITHUB_RUN_ID=${{ env.GITHUB_RUN_ID }} + run: > + buildah bud + -f oci-builder/Containerfile + -t '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:ci-dev' + --userns=container + --security-opt=no-new-privileges + --annotation=quay.expires-after= + --build-arg REGISTRY_DOMAIN='${{ vars.REGISTRY_DOMAIN }}' + --build-arg NAMESPACE='${{ vars.NAMESPACE }}' + --build-arg GITHUB_RUN_ID='${{ env.GITHUB_RUN_ID }}' + oci-builder - name: 'Log in to registry' - uses: 'actions/podman-login@v1' - with: - registry: ${{ vars.REGISTRY_DOMAIN }} - username: ${{ vars.REGISTRY_USERNAME }} - password: ${{ secrets.REGISTRY_PASSWORD }} + run: > + buildah login + -u '${{ vars.REGISTRY_USERNAME }}' + -p '${{ secrets.REGISTRY_PASSWORD }}' + '${{ vars.REGISTRY_DOMAIN }}' - name: 'Push :ci-dev to registry' - uses: 'actions/push-to-registry@v2' - with: - image: 'ver4a/oci-builder' - tags: 'ci-dev' - registry: 'registry.uncontrol.me' + run: > + buildah push + --compression-format=zstd + --compression-level='${{ vars.COMPRESSION_LEVEL }}' + '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:ci-dev' test-oci-builder: name: 'Test oci-builder' @@ -59,21 +55,17 @@ jobs: uses: 'actions/checkout@v4' - name: 'Build image' - uses: 'https://git.uncontrol.me/ver4a-actions/buildah-build@v2-compat' - with: - image: 'registry.uncontrol.me/ver4a/oci-builder' - tags: 'throwaway' - context: 'oci-builder' - containerfiles: 'oci-builder/Containerfile' - oci: true - extra-args: | - --userns=container - --security-opt=no-new-privileges - --annotation=quay.expires-after= - build-args: | - REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} - NAMESPACE=${{ vars.NAMESPACE }} - GITHUB_RUN_ID=${{ env.GITHUB_RUN_ID }} + run: > + buildah bud + -f oci-builder/Containerfile + -t '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:throwaway' + --userns=container + --security-opt=no-new-privileges + --annotation=quay.expires-after= + --build-arg REGISTRY_DOMAIN='${{ vars.REGISTRY_DOMAIN }}' + --build-arg NAMESPACE='${{ vars.NAMESPACE }}' + --build-arg GITHUB_RUN_ID='${{ env.GITHUB_RUN_ID }}' + oci-builder release-oci-builder: name: 'Release oci-builder' @@ -85,11 +77,11 @@ jobs: run: 'diff <(echo $GITHUB_RUN_ID) /.github_run_id' - name: 'Log in to registry' - uses: 'actions/podman-login@v1' - with: - registry: '${{ vars.REGISTRY_DOMAIN }}' - username: '${{ vars.REGISTRY_USERNAME }}' - password: '${{ secrets.REGISTRY_PASSWORD }}' + run: > + buildah login + -u '${{ vars.REGISTRY_USERNAME }}' + -p '${{ secrets.REGISTRY_PASSWORD }}' + '${{ vars.REGISTRY_DOMAIN }}' - name: 'Move :ci-dev to :stable' - run: 'skopeo copy docker://registry.uncontrol.me/ver4a/oci-builder:ci-dev docker://registry.uncontrol.me/ver4a/oci-builder:stable' + run: 'skopeo copy docker://${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:ci-dev docker://${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/oci-builder:stable'