From ce78f33fe341200a2e9eba277944e2267ef8ef9c Mon Sep 17 00:00:00 2001 From: ver4a Date: Tue, 29 Apr 2025 11:36:54 +0200 Subject: [PATCH 1/2] ci: Remove dnf cache sharing This approach isn't scalable and doesn't fit with upcoming change. It may be replaced by a different mechanism in the future. --- .forgejo/workflows/build-image.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.forgejo/workflows/build-image.yaml b/.forgejo/workflows/build-image.yaml index d5ffd53..391f16a 100644 --- a/.forgejo/workflows/build-image.yaml +++ b/.forgejo/workflows/build-image.yaml @@ -15,8 +15,6 @@ jobs: -p ${{ secrets.REGISTRY_PASSWORD }} ${{ vars.REGISTRY_DOMAIN }} # base - - run: mkdir cache - - name: 'Build image - onc-kde:main' run: > buildah bud @@ -25,7 +23,6 @@ jobs: --userns=container --security-opt=no-new-privileges --annotation=quay.expires-after= - -v ${{ env.GITHUB_WORKSPACE }}/cache:/var/cache/libdnf5:Z --build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} --build-arg NAMESPACE=${{ vars.NAMESPACE }} @@ -62,7 +59,6 @@ jobs: --userns=container --security-opt=no-new-privileges --annotation=quay.expires-after= - -v ${{ env.GITHUB_WORKSPACE }}/cache:/var/cache/libdnf5:Z --build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} --build-arg NAMESPACE=${{ vars.NAMESPACE }} @@ -99,7 +95,6 @@ jobs: --userns=container --security-opt=no-new-privileges --annotation=quay.expires-after= - -v ${{ env.GITHUB_WORKSPACE }}/cache:/var/cache/libdnf5:Z --build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} --build-arg NAMESPACE=${{ vars.NAMESPACE }} @@ -135,7 +130,6 @@ jobs: --userns=container --security-opt=no-new-privileges --annotation=quay.expires-after= - -v ${{ env.GITHUB_WORKSPACE }}/cache:/var/cache/libdnf5:Z --build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }} --build-arg NAMESPACE=${{ vars.NAMESPACE }} From dba72902be476170b1f769ef44b230618d236e66 Mon Sep 17 00:00:00 2001 From: ver4a Date: Tue, 29 Apr 2025 11:51:26 +0200 Subject: [PATCH 2/2] ci: Split each image/layer into a separate job --- .forgejo/workflows/build-image.yaml | 59 ++++++++++++++++++++++++++--- 1 file changed, 54 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/build-image.yaml b/.forgejo/workflows/build-image.yaml index 391f16a..d5fbc43 100644 --- a/.forgejo/workflows/build-image.yaml +++ b/.forgejo/workflows/build-image.yaml @@ -4,17 +4,20 @@ on: - cron: '0 5 * * *' jobs: build-kde: + name: 'Build onc-kde:main' runs-on: oci-builder steps: - uses: actions/checkout@v4 - - run: cd ${{ env.GITHUB_WORKSPACE }} + + - run: cd ${{ env.GITHUB_WORKSPACE }} + - name: 'Log in to registry' run: > buildah login -u ${{ vars.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }} ${{ vars.REGISTRY_DOMAIN }} - # base + - name: 'Build image - onc-kde:main' run: > buildah bud @@ -50,7 +53,23 @@ jobs: ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main.expiring ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main) - # base + ver4a's configuration + + build-kde-ver4a: + name: 'Build onc-kde:main-ver4a' + runs-on: oci-builder + needs: 'build-kde' + steps: + - uses: actions/checkout@v4 + + - run: cd ${{ env.GITHUB_WORKSPACE }} + + - name: 'Log in to registry' + run: > + buildah login + -u ${{ vars.REGISTRY_USERNAME }} + -p ${{ secrets.REGISTRY_PASSWORD }} + ${{ vars.REGISTRY_DOMAIN }} + - name: 'Build image - onc-kde:main-ver4a' run: > buildah bud @@ -86,7 +105,23 @@ jobs: ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a.expiring ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a)-ver4a - # base + nvidia + + build-kde-nvidia: + name: 'Build onc-kde:main-nvidia' + runs-on: oci-builder + needs: 'build-kde' + steps: + - uses: actions/checkout@v4 + + - run: cd ${{ env.GITHUB_WORKSPACE }} + + - name: 'Log in to registry' + run: > + buildah login + -u ${{ vars.REGISTRY_USERNAME }} + -p ${{ secrets.REGISTRY_PASSWORD }} + ${{ vars.REGISTRY_DOMAIN }} + - name: 'Build image - onc-kde:main-nvidia' run: > buildah bud @@ -121,7 +156,21 @@ jobs: --compression-level=${{ vars.COMPRESSION_LEVEL }} ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia.expiring ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia)-nvidia - # base + nvidia + ver4a's configuration + + + build-kde-nvidia-ver4a: + name: 'Build onc-kde:main-nvidia-ver4a' + runs-on: oci-builder + needs: 'build-kde-nvidia' + steps: + - uses: actions/checkout@v4 + - run: cd ${{ env.GITHUB_WORKSPACE }} + - name: 'Log in to registry' + run: > + buildah login + -u ${{ vars.REGISTRY_USERNAME }} + -p ${{ secrets.REGISTRY_PASSWORD }} + ${{ vars.REGISTRY_DOMAIN }} - name: 'Build image - onc-kde:main-nvidia-ver4a' run: > buildah bud