210 lines
8 KiB
YAML
210 lines
8 KiB
YAML
on:
|
|
push:
|
|
paths:
|
|
- 'containers/**'
|
|
- '.forgejo/workflows/build-image.yaml'
|
|
schedule:
|
|
- cron: '0 5 * * *'
|
|
jobs:
|
|
build-kde:
|
|
name: 'Build onc-kde:main'
|
|
runs-on: oci-builder
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- run: cd ${{ env.GITHUB_WORKSPACE }}
|
|
|
|
- name: 'Log in to registry'
|
|
run: >
|
|
buildah login
|
|
-u ${{ vars.REGISTRY_USERNAME }}
|
|
-p ${{ secrets.REGISTRY_PASSWORD }}
|
|
${{ vars.REGISTRY_DOMAIN }}
|
|
|
|
- name: 'Build image - onc-kde:main'
|
|
run: >
|
|
buildah bud
|
|
-f Dockerfile.kde
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main
|
|
--userns=container
|
|
--security-opt=no-new-privileges
|
|
--annotation=quay.expires-after=
|
|
--build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }}
|
|
--build-arg NAMESPACE=${{ vars.NAMESPACE }}
|
|
|
|
- name: 'Push image - onc-kde:main'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main
|
|
|
|
- name: 'Make expiring image - onc-kde:main'
|
|
run: >
|
|
buildah bud
|
|
-f <(echo FROM scratch)
|
|
--from ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main.expiring
|
|
--label quay.expires-after=4w
|
|
--annotation quay.expires-after=4w
|
|
|
|
- name: 'Push dated (expiring) image - onc-kde:main'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main.expiring
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main)
|
|
|
|
|
|
build-kde-ver4a:
|
|
name: 'Build onc-kde:main-ver4a'
|
|
runs-on: oci-builder
|
|
needs: 'build-kde'
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- run: cd ${{ env.GITHUB_WORKSPACE }}
|
|
|
|
- name: 'Log in to registry'
|
|
run: >
|
|
buildah login
|
|
-u ${{ vars.REGISTRY_USERNAME }}
|
|
-p ${{ secrets.REGISTRY_PASSWORD }}
|
|
${{ vars.REGISTRY_DOMAIN }}
|
|
|
|
- name: 'Build image - onc-kde:main-ver4a'
|
|
run: >
|
|
buildah bud
|
|
-f Dockerfile.kde-ver4a
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a
|
|
--userns=container
|
|
--security-opt=no-new-privileges
|
|
--annotation=quay.expires-after=
|
|
--build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }}
|
|
--build-arg NAMESPACE=${{ vars.NAMESPACE }}
|
|
|
|
- name: 'Push image - onc-kde:main-ver4a'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a
|
|
|
|
- name: 'Make expiring image - onc-kde:main-ver4a'
|
|
run: >
|
|
buildah bud
|
|
-f <(echo FROM scratch)
|
|
--from ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a.expiring
|
|
--label quay.expires-after=4w
|
|
--annotation quay.expires-after=4w
|
|
|
|
- name: 'Push dated (expiring) image - onc-kde:main-ver4a'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a.expiring
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-ver4a)-ver4a
|
|
|
|
|
|
build-kde-nvidia:
|
|
name: 'Build onc-kde:main-nvidia'
|
|
runs-on: oci-builder
|
|
needs: 'build-kde'
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- run: cd ${{ env.GITHUB_WORKSPACE }}
|
|
|
|
- name: 'Log in to registry'
|
|
run: >
|
|
buildah login
|
|
-u ${{ vars.REGISTRY_USERNAME }}
|
|
-p ${{ secrets.REGISTRY_PASSWORD }}
|
|
${{ vars.REGISTRY_DOMAIN }}
|
|
|
|
- name: 'Build image - onc-kde:main-nvidia'
|
|
run: >
|
|
buildah bud
|
|
-f Dockerfile.kde-nvidia
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia
|
|
--userns=container
|
|
--security-opt=no-new-privileges
|
|
--annotation=quay.expires-after=
|
|
--build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }}
|
|
--build-arg NAMESPACE=${{ vars.NAMESPACE }}
|
|
|
|
- name: 'Push image - onc-kde:main-nvidia'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia
|
|
|
|
- name: 'Make expiring image - onc-kde:main-nvidia'
|
|
run: >
|
|
buildah bud
|
|
-f <(echo FROM scratch)
|
|
--from ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia.expiring
|
|
--label quay.expires-after=4w
|
|
--annotation quay.expires-after=4w
|
|
|
|
- name: 'Push dated (expiring) image - onc-kde:main-nvidia'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia.expiring
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia)-nvidia
|
|
|
|
|
|
build-kde-nvidia-ver4a:
|
|
name: 'Build onc-kde:main-nvidia-ver4a'
|
|
runs-on: oci-builder
|
|
needs: 'build-kde-nvidia'
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- run: cd ${{ env.GITHUB_WORKSPACE }}
|
|
- name: 'Log in to registry'
|
|
run: >
|
|
buildah login
|
|
-u ${{ vars.REGISTRY_USERNAME }}
|
|
-p ${{ secrets.REGISTRY_PASSWORD }}
|
|
${{ vars.REGISTRY_DOMAIN }}
|
|
- name: 'Build image - onc-kde:main-nvidia-ver4a'
|
|
run: >
|
|
buildah bud
|
|
-f Dockerfile.kde-nvidia-ver4a
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia-ver4a
|
|
--userns=container
|
|
--security-opt=no-new-privileges
|
|
--annotation=quay.expires-after=
|
|
--build-arg REGISTRY_DOMAIN=${{ vars.REGISTRY_DOMAIN }}
|
|
--build-arg NAMESPACE=${{ vars.NAMESPACE }}
|
|
|
|
- name: 'Push image - onc-kde:main-nvidia-ver4a'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia-ver4a
|
|
|
|
- name: 'Make expiring image - onc-kde:main-nvidia-ver4a'
|
|
run: >
|
|
buildah bud
|
|
-f <(echo FROM scratch)
|
|
--from ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia-ver4a
|
|
-t ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia-ver4a.expiring
|
|
--label quay.expires-after=4w
|
|
--annotation quay.expires-after=4w
|
|
|
|
- name: 'Push dated (expiring) image - onc-kde:main-nvidia-ver4a'
|
|
run: >
|
|
buildah push
|
|
--compression-format=zstd
|
|
--compression-level=${{ vars.COMPRESSION_LEVEL }}
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia-ver4a.expiring
|
|
${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:$(buildah inspect -t image -f '{{ index .OCIv1.Config.Labels "org.opencontainers.image.version" }}' ${{ vars.REGISTRY_DOMAIN }}/${{ vars.NAMESPACE }}/onc-kde:main-nvidia-ver4a)-nvidia-ver4a
|