Mayne0213/jovies
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2a92a9095ea3f517e6b0414902c660355065113a
jovies/.gitea/workflows/build-push.yaml
Mayne0213 2a92a9095e
All checks were successful
Build and Push to Zot / build-and-push (push) Successful in 5m40s
Details
REFACTOR(ci): migrate from Kaniko to Buildah 
- Replace Kaniko with Buildah for OCI-native builds
- Add --format oci flag for Zot compatibility
- Use privileged container for Buildah operations
2026-01-10 23:19:37 +09:00

95 lines
3.0 KiB
YAML
Raw Blame History

name: Build and Push to Zot
on:
push:
branches: [main]
workflow_dispatch:
env:
REGISTRY: zot0213.kro.kr
IMAGE_NAME: jovies
jobs:
build-and-push:
runs-on: k3s-home
steps:
- name: Create Build Job
run: |
JOB_NAME="buildah-jovies-$(echo $GITHUB_SHA | cut -c1-7)"
echo "Creating Buildah Job: $JOB_NAME"
cat <<EOF | kubectl apply -f -
apiVersion: batch/v1
kind: Job
metadata:
name: $JOB_NAME
namespace: gitea
spec:
ttlSecondsAfterFinished: 600
backoffLimit: 0
template:
spec:
containers:
- name: buildah
image: quay.io/buildah/stable:latest
securityContext:
privileged: true
command: ["/bin/bash", "-c"]
args:
- |
set -ex
echo "Cloning repository..."
dnf install -y git
git clone https://github0213.com/Mayne0213/jovies.git /workspace
cd /workspace/nextjs
echo "Logging in to registry..."
buildah login -u \$(cat /secrets/username) -p \$(cat /secrets/password) ${REGISTRY}
echo "Building image..."
buildah build --format oci -t ${REGISTRY}/${IMAGE_NAME}:latest .
echo "Tagging with commit SHA..."
buildah tag ${REGISTRY}/${IMAGE_NAME}:latest ${REGISTRY}/${IMAGE_NAME}:${GITHUB_SHA}
echo "Pushing images..."
buildah push ${REGISTRY}/${IMAGE_NAME}:latest
buildah push ${REGISTRY}/${IMAGE_NAME}:${GITHUB_SHA}
echo "Done!"
env:
- name: REGISTRY
value: "${REGISTRY}"
- name: IMAGE_NAME
value: "${IMAGE_NAME}"
- name: GITHUB_SHA
value: "${GITHUB_SHA}"
volumeMounts:
- name: zot-creds
mountPath: /secrets
volumes:
- name: zot-creds
secret:
secretName: zot-registry-credentials-plain
restartPolicy: Never
EOF
- name: Wait for Build Job
run: |
JOB_NAME="buildah-jovies-$(echo $GITHUB_SHA | cut -c1-7)"
echo "Waiting for Job: $JOB_NAME"
if ! kubectl wait --for=condition=complete job/$JOB_NAME -n gitea --timeout=900s; then
echo "Job failed. Logs:"
kubectl logs job/$JOB_NAME -n gitea --all-containers
exit 1
fi
echo "Build and push completed successfully!"
- name: Cleanup
if: always()
run: |
JOB_NAME="buildah-jovies-$(echo $GITHUB_SHA | cut -c1-7)"
kubectl delete job $JOB_NAME -n gitea --ignore-not-found
Reference in New Issue View Git Blame Copy Permalink