pi-farm/docker-baseimage-alpine
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

alpine 3.23
All checks were successful
/ release-and-build (push) Successful in 1m23s
Details

Browse Source
This commit is contained in:
info@pi-farm.de
2026-02-17 23:20:03 +01:00
parent 98d7b53c1a
commit 092e2b8279
1 changed files with 20 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
.gitea/workflows/build-and-push.yaml
View File

@@ -23,19 +23,15 @@ jobs:
run: |
export TZ=Europe/Berlin
# 1. Env laden
set -a
source <(grep -v '^#' buildargs.env | sed 's/\r$//')
set +a
# WICHTIG: PUSH Variable für nachfolgende Steps verfügbar machen
echo "push_targets=$PUSH" >> $GITHUB_OUTPUT
# 2. Hash der BUILD_ Variablen berechnen
ARGS_HASH=$(grep "^BUILD_" buildargs.env | sha256sum | cut -d' ' -f1)
echo "build_args_hash=$ARGS_HASH" >> $GITHUB_OUTPUT
# ... (Tags & Repo Logic) ...
echo "event_name=${{ gitea.event_name }}" >> $GITHUB_OUTPUT
if [[ "${{ gitea.ref }}" == refs/tags/* ]]; then
@@ -67,29 +63,29 @@ jobs:
BASE="${{ steps.prep.outputs.base_image }}"
LOCAL_ARGS_HASH="${{ steps.prep.outputs.build_args_hash }}"
echo "🔍 Prüfe Remote-Registry..."
echo "🔍 Check Remote-Registry..."
if [[ "${{ steps.prep.outputs.event_name }}" != "schedule" ]]; then
echo "🚀 Manueller Start: Build erzwungen."
echo "🚀 Start: Build forced."
else
REMOTE_BASE_SHA=$(docker buildx imagetools inspect "$BASE" --format '{{json .Manifest.Digest}}' 2>/dev/null | tr -d '"' || echo "")
if [ -z "$REMOTE_BASE_SHA" ]; then
echo "⚠️ Base-Image SHA nicht lesbar. Build wird gestartet."
echo "⚠️ Base-Image SHA not readable. Build process started."
else
RAW_INDEX=$(docker buildx imagetools inspect "$IMAGE:$TAG" --raw 2>/dev/null || echo "")
if [ -z "$RAW_INDEX" ]; then
echo "🆕 Image existiert noch nicht. Build erforderlich."
echo "🆕 Image doesn't exist. Build required."
else
USED_BASE_SHA=$(echo "$RAW_INDEX" | grep "\"pi_farm.base_digest\":" | sed -E 's/.*: "([^"]+)".*/\1/' || echo "none")
USED_ARGS_HASH=$(echo "$RAW_INDEX" | grep "\"pi_farm.args_hash\":" | sed -E 's/.*: "([^"]+)".*/\1/' || echo "none")
if [ "$REMOTE_BASE_SHA" == "$USED_BASE_SHA" ] && [ "$LOCAL_ARGS_HASH" == "$USED_ARGS_HASH" ]; then
echo "😴 Alles identisch. Kein Build nötig."
echo "😴 All identic. Build not neccessary."
SHOULD_BUILD="false"
else
echo "✅ Update nötig."
echo "✅ Build neccessary."
SHOULD_BUILD="true"
fi
fi
@@ -106,7 +102,6 @@ jobs:
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
# Login immer versuchen, falls Push aktiv ist
if: contains(steps.prep.outputs.push_targets, 'dockerhub')
uses: https://github.com/docker/login-action@v3
with:
@@ -151,12 +146,10 @@ jobs:
--pull --platform linux/arm64 -f Dockerfile.aarch64 \
--label "pi_farm.base_digest=$BASE_SHA" --label "pi_farm.args_hash=$ARGS_HASH" --push .
# Gitea Manifest
docker buildx imagetools create \
--annotation "index:pi_farm.base_digest=$BASE_SHA" --annotation "index:pi_farm.args_hash=$ARGS_HASH" \
-t $IMAGE_GITEA:$TAG -t $IMAGE_GITEA:latest $IMAGE_GITEA:tmp-amd64 $IMAGE_GITEA:tmp-arm64
# Docker Hub Manifest
if [[ "$PUSH" == *"dockerhub"* ]]; then
DOCKERHUB_REPO="${{ secrets.DOCKERHUB_USERNAME }}/$REPO_PURE"
docker buildx imagetools create \
@@ -168,9 +161,8 @@ jobs:
id: update_doc
if: steps.check_changes.outputs.should_build == 'true'
run: |
set -x # Aktiviert Debug-Modus, um den Fehler genau zu sehen
set -x
# --- 1. VARIABLEN VORBEREITEN ---
export TZ=Europe/Berlin
CURRENT_TIME=$(date '+%d.%m.%Y %H:%M')
BUILD_TAG="${{ steps.prep.outputs.docker_tag }}"
@@ -179,10 +171,8 @@ jobs:
BASE_IMAGE="${{ steps.prep.outputs.base_image }}"
REPO_URL="https://git.pi-farm.de/${{ gitea.repository }}"
# Sicherstellen, dass buildargs.env da ist
if [ ! -f "buildargs.env" ]; then echo "❌ buildargs.env fehlt!"; exit 1; fi
# Env sauber laden (ohne Subshell-Source)
grep -v '^#' buildargs.env | sed 's/\r$//' > cleaned_env.sh
set -a
source ./cleaned_env.sh
@@ -190,17 +180,14 @@ jobs:
if [ -f "Dockerfile.aarch64" ]; then ARM_STATUS="✅ Aktiv (eigenes Dockerfile)"; else ARM_STATUS="❌ Nicht unterstützt"; fi
# COMMIT_MSG sicher abfangen (verhindert Fehler durch Sonderzeichen)
cat << 'EOF' > commit_msg.txt
${{ gitea.event.head_commit.message }}
EOF
COMMIT_MSG=$(sed 's/\[skip ci\]//g' commit_msg.txt | xargs)
# --- 2. TEMPLATES LADEN ---
wget -q https://git.pi-farm.de/pi-farm/templates/raw/branch/main/README.template -O README.template || echo "Templates konnten nicht geladen werden"
wget -q https://git.pi-farm.de/pi-farm/templates/raw/branch/main/docker-compose.template -O docker-compose.template || echo "Templates konnten nicht geladen werden"
# --- 3. VERSION HISTORY UPDATE ---
NEW_ROW="| **$BUILD_TAG** | $CURRENT_TIME | $COMMIT_MSG ✅ |"
if [ -f "VERSION.history" ]; then
grep -v "| **$BUILD_TAG** |" VERSION.history > VERSION.history.tmp || true
@@ -212,7 +199,6 @@ jobs:
fi
HISTORY_CONTENT=$(cat VERSION.history)
# --- 4. ENV / PORTS / VOL BLÖCKE GENERIEREN ---
ENV_BLOCK_CONTENT=""
env_vars=$(grep '^ENV_' buildargs.env | grep -v '^#' | tr -d '\r' || true)
if [ -n "$env_vars" ]; then
@@ -244,7 +230,6 @@ jobs:
done <<< "$vol_vars"
fi
# --- 5. DOCKER RUN BEFEHL ---
RUN_CMD="docker run -d \\ \n --name $REPO_PURE \\ \n --restart unless-stopped"
all_params=$(grep -E '^(PORT_|ENV_|VOL_)' buildargs.env | grep -v '^#' | sed 's/\r$//' || true)
if [ -n "$all_params" ]; then
@@ -262,20 +247,16 @@ jobs:
RUN_CMD="${RUN_CMD} \\ \n $FULL_URL:$BUILD_TAG"
DOCKER_RUN_FINAL=$(echo -e "$RUN_CMD")
# --- 6. DOCKER HUB LINK ---
DOCKERHUB_LINK_CONTENT=""
if [[ "${{ steps.prep.outputs.push_targets }}" == *"dockerhub"* ]]; then
DH_USER="${{ secrets.DOCKERHUB_USERNAME }}"
DOCKERHUB_LINK_CONTENT="[![Docker Hub](https://img.shields.io/badge/docker-hub-blue?logo=docker&logoColor=white)](https://hub.docker.com/r/${DH_USER}/${REPO_PURE})"
fi
# --- 7. TEMPLATE ENGINE ---
# Wir nutzen einen temp-Ordner für die Ersetzungen, um Sonderzeichen-Probleme zu vermeiden
process_template() {
local template=$1; local output=$2
[ ! -f "$template" ] && return
cp "$template" "$output"
# Einfache Ersetzungen
sed -i "s|__REPO_NAME__|$REPO_PURE|g" "$output"
sed -i "s|__FULL_URL__|$FULL_URL|g" "$output"
sed -i "s|__BUILD_TAG__|$BUILD_TAG|g" "$output"
@@ -284,23 +265,20 @@ jobs:
sed -i "s|__CURRENT_DATE__|$CURRENT_TIME|g" "$output"
sed -i "s|__REPO_URL__|$REPO_URL|g" "$output"
# Komplexe Blöcke über ein temporäres File einfügen (verhindert Shell-Interpretationsfehler)
awk -v r="$HISTORY_CONTENT" '{gsub(/__HISTORY_CONTENT__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
awk -v r="$DOCKER_RUN_FINAL" '{gsub(/__DOCKER_RUN__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
awk -v r="$DOCKERHUB_LINK_CONTENT" '{gsub(/__DOCKERHUB_LINK__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
# Multiline DESCRIPTION & Blocks
if grep -q "__DESCRIPTION__" "$output"; then
awk -v r="$(echo -e "${DESCRIPTION:-Keine Beschreibung.}")" '{gsub(/__DESCRIPTION__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
awk -v r="$(echo -e "${DESCRIPTION:-No Description.}")" '{gsub(/__DESCRIPTION__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
fi
if grep -q "__ENV_BLOCK__" "$output"; then
awk -v r="$(echo -e "$ENV_BLOCK_CONTENT")" '{gsub(/__ENV_BLOCK__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
fi
# ... analog für Ports und Volumes ...
awk -v r="$(echo -e "$PORTS_BLOCK_CONTENT")" '{gsub(/__PORTS_BLOCK__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
awk -v r="$(echo -e "$VOL_BLOCK_CONTENT")" '{gsub(/__VOL_BLOCK__/, r)}1' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
# Compose-Inhalt am Ende einfügen, falls das Tag da ist
if grep -q "__COMPOSE_BLOCK__" "$output" && [ -f "docker-compose.yml" ]; then
sed -e '/__COMPOSE_BLOCK__/{r docker-compose.yml' -e 'd;}' "$output" > "$output.tmp" && mv "$output.tmp" "$output"
fi
@@ -309,7 +287,6 @@ jobs:
process_template "docker-compose.template" "docker-compose.yml"
process_template "README.template" "README.md"
# --- 8. EXPORTS ---
echo "FINAL_MSG=$COMMIT_MSG" >> $GITHUB_ENV
echo "DESCRIPTION<<EOF" >> $GITHUB_ENV
echo -e "$DESCRIPTION" >> $GITHUB_ENV
@@ -318,57 +295,49 @@ jobs:
- name: Push README to Docker Hub
if: steps.check_changes.outputs.should_build == 'true' && contains(steps.prep.outputs.push_targets, 'dockerhub')
run: |
# 1. Sicherstellen, dass jq da ist
if ! command -v jq &> /dev/null; then
apt-get update && apt-get install -y jq || apk add --no-cache jq || true
fi
echo "🚀 Starte README Update auf Docker Hub..."
echo "🚀 Starting update README on Docker Hub..."
# 2. Login Token holen
TOKEN=$(curl -s -X POST "https://hub.docker.com/v2/users/login/" \
-H "Content-Type: application/json" \
-d "{\"username\": \"${{ secrets.DOCKERHUB_USERNAME }}\", \"password\": \"${{ secrets.DOCKERHUB_TOKEN }}\"}" | jq -r .token)
if [ "$TOKEN" == "null" ] || [ -z "$TOKEN" ]; then
echo "❌ Fehler: Konnte kein Login-Token abrufen. Prüfe die Credentials!"
echo "❌ Error: No login-token available. Check your credentials!"
exit 1
fi
# 3. Variablen vorbereiten
REPO_PURE="${{ steps.prep.outputs.repo_pure }}"
DH_USER="${{ secrets.DOCKERHUB_USERNAME }}"
# Kurzbeschreibung aus ENV oder Fallback
SHORT_DESC=$(echo -e "${{ env.DESCRIPTION }}" | head -n 1 | cut -c 1-100)
[ -z "$SHORT_DESC" ] && SHORT_DESC="Docker Image für $REPO_PURE"
[ -z "$SHORT_DESC" ] && SHORT_DESC="Docker Image for $REPO_PURE"
echo "📦 Verarbeite README.md (${REPO_PURE})..."
echo "📦 Processing README.md (${REPO_PURE})..."
# 4. JSON Payload sicher bauen
# --rawfile lädt die Datei direkt in eine Variable, was Escaping-Fehler verhindert
jq -n \
--arg desc "$SHORT_DESC" \
--rawfile full_desc README.md \
'{description: $desc, full_description: $full_desc}' > payload.json
# 5. API Request mit detaillierter Ausgabe
echo "📤 Sende Daten an Docker Hub API..."
echo "📤 Sending data to Docker Hub API..."
RESPONSE=$(curl -s -w "\n%{http_code}" -X PATCH \
"https://hub.docker.com/v2/repositories/${DH_USER}/${REPO_PURE}/" \
-H "Authorization: JWT ${TOKEN}" \
-H "Content-Type: application/json" \
-d @payload.json)
# Antwort auswerten
HTTP_STATUS=$(echo "$RESPONSE" | tail -n 1)
BODY=$(echo "$RESPONSE" | head -n -1)
if [ "$HTTP_STATUS" -eq 200 ]; then
echo "✅ README erfolgreich aktualisiert (HTTP 200)."
echo "✅ README update successfull (HTTP 200)."
else
echo "❌ Fehler beim Update! HTTP Status: $HTTP_STATUS"
echo "Antwort von Docker Hub: $BODY"
echo "❌ Error on update! HTTP Status: $HTTP_STATUS"
echo "Answer from Docker Hub: $BODY"
exit 1
fi
@@ -390,7 +359,7 @@ jobs:
(apt-get update && apt-get install -y jq) || (apk add --no-cache jq) || true
fi
echo "🧹 Aufräumen temporärer Docker Hub Tags..."
echo "🧹 Cleanup temp. Docker Hub tags..."
TOKEN=$(curl -s -X POST "https://hub.docker.com/v2/users/login/" \
-H "Content-Type: application/json" \
@@ -401,29 +370,24 @@ jobs:
DH_USER="${{ secrets.DOCKERHUB_USERNAME }}"
for t in tmp-amd64 tmp-arm64; do
echo "Lösche Tag $t..."
echo "Deleting tag $t..."
STATUS=$(curl -s -o /dev/null -w "%{http_code}" -X DELETE \
"https://hub.docker.com/v2/repositories/${DH_USER}/${REPO_PURE}/tags/$t/" \
-H "Authorization: JWT ${TOKEN}")
echo "Status: $STATUS"
done
echo "✅ Temporäre Tags entfernt."
echo "✅ Temp. tags deleted."
fi
- name: Cleanup Temporary Registry Tags (Gitea)
if: steps.check_changes.outputs.should_build == 'true'
run: |
# (Dein bestehender Gitea Cleanup Code...)
# Ich habe ihn hier gekürzt, da er in deinem Original schon korrekt war.
# Kopiere einfach deinen "Cleanup Temporary Registry Tags" Block von oben hier hin.
TOKEN="${{ secrets.GIT_TOKEN }}"
ORG_NAME=$(echo "${{ gitea.repository }}" | cut -d'/' -f1)
REPO_NAME=$(echo "${{ gitea.repository }}" | cut -d'/' -f2)
for t in tmp-amd64 tmp-arm64; do
# Versuch 1
curl -s -X DELETE "https://git.pi-farm.de/api/v1/packages/$ORG_NAME/container/$REPO_NAME/$t" -H "Authorization: token $TOKEN"
# Versuch 2 (lowercase)
curl -s -X DELETE "https://git.pi-farm.de/api/v1/packages/${ORG_NAME,,}/container/${REPO_NAME,,}/$t" -H "Authorization: token $TOKEN"
done