pi-farm/old-baseimage-alpine
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

changed workflow for testing

Browse Source
This commit is contained in:
info@pi-farm.de
2026-02-10 13:59:21 +01:00
parent 3703949b50
commit d372508648
1 changed files with 60 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
.gitea/workflows/docker-builder.yml
View File

@@ -8,7 +8,6 @@ on:
- 'v*'
workflow_dispatch:
env:
REGISTRY_HOST: git.pi-farm.de
IMAGE_BASE: ${{ gitea.repository }}
@@ -19,28 +18,17 @@ jobs:
runs-on: buildx-multiarch
steps:
- name: Checkout repository
uses: http://git.pi-farm.de/pi-farm/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Dump context
run: env | sort
- name: Show ref info
run: |
echo "REF=$GITHUB_REF"
echo "REF_TYPE=$GITHUB_REF_TYPE"
echo "REF_NAME=$GITHUB_REF_NAME"
- name: Dynamic Template Fix
id: template_fix
run: |
if grep -q "{{.RepoName}}" README.md 2>/dev/null; then
echo "Ersetze Platzhalter in README, docker-compose und LICENSE..."
echo "Ersetze Platzhalter..."
REPO_NAME=$(echo "${{ gitea.repository }}" | cut -d'/' -f2)
OWNER_NAME=$(echo "${{ gitea.repository }}" | cut -d'/' -f1)
BRANCH_NAME="${{ gitea.ref_name }}"
@@ -52,198 +40,122 @@ jobs:
git config user.name "Gitea Bot"
git config user.email "bot@gitea.local"
git add README.md docker-compose.yml LICENSE
if git diff --staged --quiet; then
echo "Keine Änderungen zum Committen."
else
if ! git diff --staged --quiet; then
git commit -m "docs: fix template placeholders [skip ci]"
git push origin HEAD:${{ gitea.ref_name }}
fi
else
echo "Platzhalter bereits ersetzt."
fi
- name: Detect version
id: detect_version
- name: Detect version and Prepare Files
id: prepare
run: |
echo "== Detect version =="
# Prüfen, ob wir auf einem Tag oder main-Branch sind
# Versionierung
if [ "$GITHUB_REF_TYPE" = "tag" ]; then
VERSION="$GITHUB_REF_NAME"
CLEAN_VERSION="${VERSION#v}" # entfernt führendes 'v'
IS_TAG=true
else
VERSION="main"
CLEAN_VERSION="main"
IS_TAG=false
fi
echo "VERSION=$VERSION"
echo "CLEAN_VERSION=$CLEAN_VERSION"
echo "IS_TAG=$IS_TAG"
# Env für alle weiteren Steps exportieren
echo "VERSION=$VERSION" >> $GITHUB_ENV
echo "CLEAN_VERSION=$CLEAN_VERSION" >> $GITHUB_ENV
echo "IS_TAG=$IS_TAG" >> $GITHUB_ENV
- name: Set dynamic variables and check Dockerfiles
id: check_files
run: |
if [ -s "Dockerfile" ]; then
echo "Dockerfile gefunden und nicht leer. Build wird vorbereitet."
echo "should_build=true" >> $GITEA_OUTPUT
else
echo "Dockerfile ist leer oder fehlt. Build wird übersprungen."
# Dockerfile Auswahl
if [ ! -s "Dockerfile" ]; then
echo "should_build=false" >> $GITEA_OUTPUT
exit 0
fi
echo "should_build=true" >> $GITEA_OUTPUT
AMD64_FILE="Dockerfile"
if [ -s "Dockerfile.aarch64" ]; then
echo "Spezielles Dockerfile.aarch64 erkannt."
ARM64_FILE="Dockerfile.aarch64"
else
ARM64_FILE="Dockerfile"
fi
# Multiarch Files
echo "AMD64_DOCKERFILE=Dockerfile" >> $GITEA_ENV
echo "ARM64_DOCKERFILE=$([ -s Dockerfile.aarch64 ] && echo Dockerfile.aarch64 || echo Dockerfile)" >> $GITEA_ENV
echo "IMAGE_NAME=${{ env.REGISTRY_HOST }}/${{ env.IMAGE_BASE }}" >> $GITEA_ENV
echo "CACHE_IMAGE_NAME=${{ env.REGISTRY_HOST }}/${{ env.IMAGE_BASE }}-cache" >> $GITEA_ENV
echo "AMD64_DOCKERFILE=$AMD64_FILE" >> $GITEA_ENV
echo "ARM64_DOCKERFILE=$ARM64_FILE" >> $GITEA_ENV
# Global Env
echo "VERSION=$VERSION" >> $GITEA_ENV
echo "IS_TAG=$IS_TAG" >> $GITEA_ENV
echo "IMAGE_NAME=${REGISTRY_HOST}/${IMAGE_BASE}" >> $GITEA_ENV
echo "CACHE_IMAGE_NAME=${REGISTRY_HOST}/${IMAGE_BASE}-cache" >> $GITEA_ENV
echo "BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> $GITEA_ENV
- name: Login to registry
if: steps.check_files.outputs.should_build == 'true'
if: steps.prepare.outputs.should_build == 'true'
run: |
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login \
${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin
- name: Setup buildx
if: steps.check_files.outputs.should_build == 'true'
if: steps.prepare.outputs.should_build == 'true'
run: |
docker buildx rm multiarch || true
docker buildx create --name multiarch --driver docker-container --use
docker buildx inspect --bootstrap
- name: Compute Docker tags
- name: Build & push multiarch
if: steps.prepare.outputs.should_build == 'true'
shell: bash
run: |
echo "== Universeller Multiarch Build Start =="
# 1. Dynamisches Laden aller Variablen aus versions.env als Build-Args
BUILD_ARGS=""
while IFS='=' read -r key value || [ -n "$key" ]; do
[[ "$key" =~ ^#.*$ || -z "$key" ]] && continue
clean_value=$(echo "$value" | xargs)
# Exportiere für Script-Nutzung UND baue Build-Args String
export "$key=$clean_value"
BUILD_ARGS="$BUILD_ARGS --build-arg $key=$clean_value"
done < versions.env
# 2. Zusätzliche System-Args hinzufügen
BUILD_ARGS="$BUILD_ARGS --build-arg VERSION=$VERSION --build-arg BUILD_DATE=$BUILD_DATE"
# 3. Tags berechnen
if [[ "$IS_TAG" == "true" ]]; then
DOCKER_TAGS="${IMAGE_NAME}:${VERSION},${IMAGE_NAME}:latest"
DOCKER_TAGS="${IMAGE_NAME}:${VERSION} ${IMAGE_NAME}:latest"
else
DOCKER_TAGS="${IMAGE_NAME}:main"
fi
echo "DOCKER_TAGS=$DOCKER_TAGS" >> $GITEA_ENV
# 4. Builds ausführen
CACHE_REF="${CACHE_IMAGE_NAME}"
- name: Load versions.env safely
shell: bash
run: |
echo "== Load versions.env =="
# Funktion zum sauberen Parsen
parse_env() {
grep -v '^#' versions.env | grep -v '^$' | while IFS='=' read -r key value; do
# Entferne mögliche Whitespaces
key=$(echo $key | xargs)
value=$(echo $value | xargs)
export $key="$value"
done
}
parse_env
# Fixen von Workflow-Variablen
CLEAN_VERSION="${VERSION#v}"
BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ)
# Write to Gitea env
echo "BASE_IMAGE=$BASE_IMAGE" >> $GITEA_ENV
echo "APP_VERSION=$APP_VERSION" >> $GITEA_ENV
echo "TARGET_PLATFORMS=$TARGET_PLATFORMS" >> $GITEA_ENV
echo "IMAGE_NAME=${REGISTRY_HOST}/$IMAGE_BASE" >> $GITEA_ENV
echo "CACHE_IMAGE_NAME=${REGISTRY_HOST}/$IMAGE_BASE-cache" >> $GITEA_ENV
echo "VERSION=$VERSION" >> $GITEA_ENV
echo "CLEAN_VERSION=$CLEAN_VERSION" >> $GITEA_ENV
echo "BUILD_DATE=$BUILD_DATE" >> $GITEA_ENV
- name: Build & push multiarch
if: steps.check_files.outputs.should_build == 'true'
shell: bash
run: |
echo "== Multiarch Build Start =="
# versions.env direkt hier laden
BASE_IMAGE=$(grep ^BASE_IMAGE= versions.env | cut -d '=' -f2-)
APP_VERSION=$(grep ^APP_VERSION= versions.env | cut -d '=' -f2-)
echo "BASE_IMAGE=$BASE_IMAGE"
echo "APP_VERSION=$APP_VERSION"
if [ -z "$BASE_IMAGE" ]; then
echo "BASE_IMAGE is empty → abort"
exit 1
fi
# Cache-Definitionen für bessere Übersicht
CACHE_REF="${REGISTRY_HOST}/${IMAGE_BASE}-cache"
# amd64 build mit Registry-Cache (mode=min für weniger Fragmente)
echo "Starte AMD64 Build..."
docker buildx build \
--platform linux/amd64 \
-f ${AMD64_DOCKERFILE} \
--build-arg BASE_IMAGE="$BASE_IMAGE" \
--build-arg APP_VERSION="$APP_VERSION" \
--label org.opencontainers.image.version="$APP_VERSION" \
--label org.opencontainers.image.created="$BUILD_DATE" \
${BUILD_ARGS} \
--cache-from type=registry,ref=${CACHE_REF}:amd64 \
--cache-to type=registry,ref=${CACHE_REF}:amd64,mode=min \
-t ${CACHE_IMAGE_NAME}:${VERSION}-amd64 \
--push .
# arm64 build mit Registry-Cache (mode=min für weniger Fragmente)
#docker buildx build \
# --platform linux/arm64 \
# -f ${ARM64_DOCKERFILE} \
# --build-arg BASE_IMAGE="$BASE_IMAGE" \
# --build-arg APP_VERSION="$APP_VERSION" \
# --label org.opencontainers.image.version="$APP_VERSION" \
# --label org.opencontainers.image.created="$BUILD_DATE" \
# --cache-from type=registry,ref=${CACHE_REF}:arm64 \
# --cache-to type=registry,ref=${CACHE_REF}:arm64,mode=min \
# -t ${CACHE_IMAGE_NAME}:${VERSION}-arm64 \
# --push .
echo "Starte ARM64 Build..."
docker buildx build \
--platform linux/arm64 \
-f ${ARM64_DOCKERFILE} \
${BUILD_ARGS} \
--cache-from type=registry,ref=${CACHE_REF}:arm64 \
--cache-to type=registry,ref=${CACHE_REF}:arm64,mode=min \
-t ${CACHE_IMAGE_NAME}:${VERSION}-arm64 \
--push .
# Manifest-Erstellung (verbindet die Architekturen zu den finalen Tags)
for TAG in $(echo $DOCKER_TAGS | tr ',' ' '); do
echo "Creating manifest for tag: $TAG"
# 5. Manifest Erstellung
for TAG in $DOCKER_TAGS; do
echo "Creating manifest for: $TAG"
docker buildx imagetools create -t $TAG \
${CACHE_IMAGE_NAME}:${VERSION}-amd64 \
${CACHE_IMAGE_NAME}:${VERSION}-arm64
done
echo "== Multiarch Build Complete =="
- name: Install syft
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh \
| sh -s -- -b /usr/local/bin
- name: Generate SBOM
if: steps.prepare.outputs.should_build == 'true'
run: |
# Benutze die Build-Variable DOCKER_TAGS oder IMAGE_NAME + VERSION
if [[ "$IS_TAG" == "true" ]]; then
TARGET_IMAGE="${IMAGE_NAME}:${VERSION}"
else
TARGET_IMAGE="${IMAGE_NAME}:main"
fi
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
TARGET_IMAGE="${IMAGE_NAME}:${VERSION}"
echo "Generating SBOM for $TARGET_IMAGE"
syft $TARGET_IMAGE -o spdx-json > sbom.spdx.json || true
- name: Upload SBOM
if: steps.prepare.outputs.should_build == 'true'
uses: actions/upload-artifact@v3
with:
name: sbom