From b8dd7c4d563173349f8ff7a84d286582a4ae347d Mon Sep 17 00:00:00 2001 From: Job79 Date: Sat, 27 Dec 2025 14:52:11 +0100 Subject: [PATCH] feat: use podman for build and better changes checks --- .gitea/workflows/fedora.yaml | 129 +++++++++++++++++++++++------------ 1 file changed, 86 insertions(+), 43 deletions(-) diff --git a/.gitea/workflows/fedora.yaml b/.gitea/workflows/fedora.yaml index 90b73cb..0fa853c 100644 --- a/.gitea/workflows/fedora.yaml +++ b/.gitea/workflows/fedora.yaml @@ -1,60 +1,103 @@ -name: Build container +name: Build containers on: push: branches: ["main"] - paths: - - "containers/fedora/**" - - "containers/go/**" - - "containers/infra/**" - - ".gitea/workflows/fedora.yaml" + paths: ["containers/**", ".gitea/workflows/fedora.yaml"] pull_request: branches: ["main"] - paths: - - "containers/fedora/**" - - "containers/go/**" - - "containers/infra/**" - - ".gitea/workflows/fedora.yaml" + paths: ["containers/**", ".gitea/workflows/fedora.yaml"] schedule: - cron: "0 16 * * FRI" jobs: - fedora-build: - runs-on: job-latest + changes: + runs-on: job-v2 + env: + RUNNER_OS: "Linux" + outputs: + fedora: ${{ steps.filter.outputs.fedora == 'true' }} + infra: ${{ steps.filter.outputs.infra == 'true' || steps.filter.outputs.fedora == 'true' }} + go: ${{ steps.filter.outputs.go == 'true' || steps.filter.outputs.fedora == 'true' }} + any_change: ${{ steps.filter.outputs.workflow == 'true' || github.event_name == 'schedule' }} steps: - - name: Clone repo - uses: actions/checkout@v4 - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to Registry - uses: docker/login-action@v3 + - uses: actions/checkout@v4 + - uses: https://github.com/dorny/paths-filter@v3 + id: filter + with: + filters: | + workflow: ['.gitea/workflows/fedora.yaml'] + fedora: ['containers/fedora/**'] + infra: ['containers/infra/**'] + go: ['containers/go/**'] + - name: debug + run: | + echo "$RUNNER_OS" + + fedora-base: + needs: [changes] + if: ${{ needs.changes.outputs.fedora == 'true' || needs.changes.outputs.any_change == 'true' }} + runs-on: job-v2 + steps: + - uses: actions/checkout@v4 + - name: Log in + uses: redhat-actions/podman-login@v1 with: registry: git.plabble.org username: ${{ secrets.REGISTRY_USERNAME }} password: ${{ secrets.REGISTRY_TOKEN }} - - name: Build and push fedora container - uses: docker/build-push-action@v5 + - name: Build Fedora + id: build + uses: redhat-actions/buildah-build@v2 with: - context: ./containers/fedora - file: ./containers/fedora/Containerfile - push: true - tags: git.plabble.org/job79/fedora:${{ github.ref_name }} - build-args: TAG=${{ github.ref_name }} - outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true - - name: Build and push go container - uses: docker/build-push-action@v5 + image: ${{ github.actor }}/fedora + tags: ${{ github.ref_name }} + containerfiles: ./containers/fedora/Containerfile + oci: true + - name: Push Fedora + uses: redhat-actions/push-to-registry@v2 with: - context: ./containers/go - file: ./containers/go/Containerfile - push: true - tags: git.plabble.org/job79/go:${{ github.ref_name }} - build-args: TAG=${{ github.ref_name }} - outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true - - name: Build and push infra container - uses: docker/build-push-action@v5 + image: ${{ steps.build.outputs.image }} + tags: ${{ steps.build.outputs.tags }} + registry: git.plabble.org + extra-args: --compression-format=zstd:chunked + + dependent-images: + needs: [changes, fedora-base] + runs-on: job-v2 + strategy: + fail-fast: false + matrix: + container: [infra, go] + steps: + - name: Check if build needed + id: check + run: | + if [[ "${{ matrix.container }}" == "infra" && "${{ needs.changes.outputs.infra }}" == "true" ]]; then echo "run=true" >> $GITHUB_OUTPUT; fi + if [[ "${{ matrix.container }}" == "go" && "${{ needs.changes.outputs.go }}" == "true" ]]; then echo "run=true" >> $GITHUB_OUTPUT; fi + - name: Clone repo + if: steps.check.outputs.run == 'true' + uses: actions/checkout@v4 + - name: Log in + if: steps.check.outputs.run == 'true' + uses: redhat-actions/podman-login@v1 with: - context: ./containers/infra - file: ./containers/infra/Containerfile - push: true - tags: git.plabble.org/job79/infra:${{ github.ref_name }} - build-args: TAG=${{ github.ref_name }} - outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true + registry: git.plabble.org + username: ${{ secrets.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Build ${{ matrix.container }} + if: steps.check.outputs.run == 'true' + id: build + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ github.actor }}/${{ matrix.container }} + tags: ${{ github.ref_name }} + containerfiles: ./containers/${{ matrix.container }}/Containerfile + oci: true + - name: Push ${{ matrix.container }} + if: steps.check.outputs.run == 'true' + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build.outputs.image }} + tags: ${{ steps.build.outputs.tags }} + registry: git.plabble.org + extra-args: --compression-format=zstd:chunked