diff --git a/.gitea/workflows/build-and-push.yaml b/.gitea/workflows/build-and-push.yaml new file mode 100644 index 0000000..a15088e --- /dev/null +++ b/.gitea/workflows/build-and-push.yaml @@ -0,0 +1,46 @@ +name: Publish Builder Image +on: + push: + +jobs: + build-and-push: + runs-on: ubuntu-latest + + # 1. Define the container for the ENTIRE job + container: + image: quay.io/buildah/stable + # 2. IMPORTANT: We must pass the privileged flag here for Buildah to work + options: --privileged + + steps: + - name: Checkout + uses: actions/checkout@v3 + + # 3. Now you can use the standard 'run' keyword! + - name: Build and Push + env: + USERNAME: ${{ gitea.actor }} + PASSWORD: ${{ secrets.USER_PACKAGE_PASSWORD }} + REGISTRY: gitea.212.63.210.91.nip.io + IMAGE: ${{ gitea.repository_owner }}/godot-builder + TAG: ${{ gitea.sha }} + run: | + # Now comments are safe because 'run' uses a script file, not a one-liner. + + # 1. Login to the registry + # We use --tls-verify=false for your internal Traefik certs + buildah login -u $USERNAME -p $PASSWORD --tls-verify=false --storage-driver=vfs $REGISTRY + + # 2. Build the image + # Using the 'vfs' driver is slower but more stable for nested containers + buildah build \ + --tls-verify=false \ + --storage-driver=vfs \ + -f Dockerfile \ + -t $REGISTRY/$IMAGE:$TAG \ + -t $REGISTRY/$IMAGE:latest \ + . + + # 3. Push the tags + buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:$TAG + buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:latest \ No newline at end of file diff --git a/.gitea/workflows/publish-image.yaml b/.gitea/workflows/publish-image.yaml index b53d891..4c3392d 100644 --- a/.gitea/workflows/publish-image.yaml +++ b/.gitea/workflows/publish-image.yaml @@ -28,4 +28,5 @@ jobs: buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:$TAG && buildah push --tls-verify=false --storage-driver=vfs $REGISTRY/$IMAGE:latest - " \ No newline at end of file + " +