From b2544cf2678875b108c82c6c10ced3458bc1c69d Mon Sep 17 00:00:00 2001
From: Vincent Mahnke
Date: Wed, 17 Jun 2026 17:02:05 +0200
Subject: [PATCH] refactor: Uses kaniko builder
---
.forgejo/workflows/images.yml | 68 ++++++++++++++---------------------
1 file changed, 27 insertions(+), 41 deletions(-)
diff --git a/.forgejo/workflows/images.yml b/.forgejo/workflows/images.yml
index bc48a98..cb999c5 100644
--- a/.forgejo/workflows/images.yml
+++ b/.forgejo/workflows/images.yml
@@ -7,61 +7,47 @@ on: jobs: build: runs-on: docker + container: + image: ghcr.io/osscontainertools/kaniko:alpine steps: + - name: Install required system packages + run: apk add --no-cache nodejs git + - name: Checkout repository uses: actions/checkout@v4 - - - name: Check Docker CLI and daemon - run: | - if ! command -v docker >/dev/null 2>&1; then - echo "::error::docker CLI not found in PATH on this runner" - exit 1 - fi - - if ! docker info >/dev/null 2>&1; then - echo "::error::docker daemon is not reachable (check /var/run/docker.sock or DOCKER_HOST)" - docker version || true - env | grep '^DOCKER' || true - ls -l /var/run/docker.sock || true - exit 1 - fi - - - name: Login to Container Registry - if: github.event_name == 'push' - run: | - echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.hamburg.ccc.de -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin - name: Set image tags id: vars run: | - if [ "${{ github.ref_name }}" = "main" ] && [ "${{ github.event_name }}" = "push" ]; then + if [ "${{ forgejo.ref_name }}" = "main" ] && [ "${{ forgejo.event_name }}" = "push" ]; then echo "tag=latest" >> $GITHUB_OUTPUT else # renovate creates sub branches with `/`; these break the tagging in the build process - echo tag=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9._-]/_/g') >> $GITHUB_OUTPUT + echo tag=$(echo "${{ forgejo.ref_name }}" | sed 's/[^a-zA-Z0-9._-]/_/g') >> $GITHUB_OUTPUT fi - name: Build web image + env: + KANIKO_NO_PUSH: ${{ forgejo.event_name != 'push' }} + KANIKO_GIT_HAMBURG_CCC_DE_USER: ${{ secrets.REGISTRY_USERNAME }} + KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.REGISTRY_TOKEN }} run: | - docker build -f ./Containerfile -t git.hamburg.ccc.de/ccchh/sunders/web:${{ steps.vars.outputs.tag }} . 
- working-directory: ./web + /kaniko/executor \ + --dockerfile="${{ forgejo.workspace }}/web/Containerfile" \ + --context="dir://${{ forgejo.workspace }}/web" \ + --destination=git.hamburg.ccc.de/ccchh/sunders/web:${{ steps.vars.outputs.tag }} \ + --no-push-cache \ + --credential-helpers=env - name: Build data_handler image + env: + KANIKO_NO_PUSH: ${{ forgejo.event_name != 'push' }} + KANIKO_GIT_HAMBURG_CCC_DE_USER: ${{ secrets.REGISTRY_USERNAME }} + KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.REGISTRY_TOKEN }} run: | - docker build -f ./Containerfile -t git.hamburg.ccc.de/ccchh/sunders/data_handler:${{ steps.vars.outputs.tag }} . - working-directory: ./data_handler - - - name: Push images to Container Registry - run: | - docker push git.hamburg.ccc.de/ccchh/sunders/web:${{ steps.vars.outputs.tag }} - docker push git.hamburg.ccc.de/ccchh/sunders/data_handler:${{ steps.vars.outputs.tag }} - if: github.event_name == 'push' - - - name: Update docker-compose.yml image tags - run: | - sed -i "s/:latest/:${{ steps.vars.outputs.tag }}/g" docker-compose.yml - - - name: Start Docker Compose services - run: | - docker compose up -d --wait - docker compose down \ No newline at end of file + /kaniko/executor \ + --dockerfile="${{ forgejo.workspace }}/data_handler/Containerfile" \ + --context="dir://${{ forgejo.workspace }}/data_handler" \ + --destination=git.hamburg.ccc.de/ccchh/sunders/data_handler:${{ steps.vars.outputs.tag }} \ + --no-push-cache \ + --credential-helpers=env \ No newline at end of file
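Review bot: Both build steps now place `secrets.REGISTRY_USERNAME` and `secrets.REGISTRY_TOKEN` in the step environment on every event, whereas the removed login step was gated with `if: github.event_name == 'push'`; as far as I know kaniko runs the Containerfile's build steps inside this same job container, so on non-push runs the code being built sits next to credentials that `KANIKO_NO_PUSH` makes unnecessary. Consider supplying them only for pushes, for example `KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ forgejo.event_name == 'push' && secrets.REGISTRY_TOKEN || '' }}` (and the same for the user), or splitting build-only and build-and-push into separate steps guarded by `if:`. The builder image that receives the token is referenced by the mutable tag `kaniko:alpine`; pinning it as `image: ghcr.io/osscontainertools/kaniko:alpine@sha256:<digest>` (placeholder digest) would stop a retagged image from running with registry credentials. In the `Set image tags` step `${{ forgejo.ref_name }}` is still expanded into the script text before the shell parses it, so the `sed` filter runs too late to sanitise a hostile branch name; passing it through `env:` as `REF_NAME: ${{ forgejo.ref_name }}` and reading `"$REF_NAME"` avoids that. The `on:` triggers lie outside the hunk, so which events reach this job is inferred from the `KANIKO_NO_PUSH` expression.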