ver4a/ostree-native-containers
1
0
Fork 0
Code Activity Actions

ci: Start transitioning to actions
Some checks failed
/ build-kde (push) Failing after 10s
Details

Browse source
This commit is contained in:
ver4a 2025-04-28 12:11:39 +02:00
parent 855d1eabab
commit 8e7f710c08
1 changed files with 22 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

26
.forgejo/workflows/build-image.yaml
View file

@ -8,12 +8,30 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- run: cd ${{ env.GITHUB_WORKSPACE }} - run: cd ${{ env.GITHUB_WORKSPACE }}
- run: podman login -u ${{ vars.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }} ${{ vars.REGISTRY_DOMAIN }} - name: 'Log in to registry'
uses: 'actions/podman-login@v1'
with:
registry: ${{ vars.REGISTRY_DOMAIN }}
username: ${{ vars.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
auth_file_path: '$HOME/.config/containers/auth.json'
# base # base
- run: mkdir cache - run: mkdir cache
# Waits for a CI pull lock to be released before starting a new pull - name: 'Build image'
- run: flock -x /tmp/CI-podman-pull-lock -c 'podman pull quay.io/fedora-ostree-desktops/kinoite:42' uses: 'https://git.uncontrol.me/ver4a-actions/buildah-build@v2-compat'
- run: podman build . -f Dockerfile.kde --userns container --security-opt no-new-privileges --no-cache --pull=never -v ${PWD}/cache:/var/cache/libdnf5:Z --squash --build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} --build-arg NAMESPACE=${{ vars.NAMESPACE }} -t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main --annotation quay.expires-after= with:
tags: '${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main'
containerfiles: 'Dockerfile.kde'
oci: true
extra-args: |
--userns=container
--security-opt=no-new-privileges
--annotation=quay.expires-after=
-v ${PWD}/cache:/var/cache/libdnf5:Z
build-args: |
REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }}
NAMESPACE=${{ vars.NAMESPACE }}
# - run: podman build . -f Dockerfile.kde --userns container --security-opt no-new-privileges --no-cache --pull=never -v ${PWD}/cache:/var/cache/libdnf5:Z --squash --build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} --build-arg NAMESPACE=${{ vars.NAMESPACE }} -t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main --annotation quay.expires-after=
- run: podman push --compression-format=zstd --compression-level=${{ vars.COMPRESSION_LEVEL }} ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main - run: podman push --compression-format=zstd --compression-level=${{ vars.COMPRESSION_LEVEL }} ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main
- run: podman build -f Dockerfile.scratch --from ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main -t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main --label quay.expires-after=4w --annotation quay.expires-after=4w - run: podman build -f Dockerfile.scratch --from ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main -t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main --label quay.expires-after=4w --annotation quay.expires-after=4w
- run: podman push --compression-format=zstd --compression-level=${{ vars.COMPRESSION_LEVEL }} ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(podman image inspect -f '{{ index .Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main) - run: podman push --compression-format=zstd --compression-level=${{ vars.COMPRESSION_LEVEL }} ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(podman image inspect -f '{{ index .Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main)