diff --git a/.gitea/workflows/garm-image.yml b/.gitea/workflows/garm-image.yml new file mode 100644 index 0000000..626b4cf --- /dev/null +++ b/.gitea/workflows/garm-image.yml @@ -0,0 +1,66 @@ +name: Build garm image + +on: + schedule: + - cron: "13 3 * * *" + push: + branches: + - main + paths: + - .gitea/workflows/garm-image.yml + - apps/garm/image-source.env + - docker/garm/** + workflow_dispatch: + +jobs: + build-and-push: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Load pin data + shell: bash + run: | + set -euo pipefail + source apps/garm/image-source.env + echo "GARM_COMMIT=${GARM_COMMIT}" >> "$GITHUB_ENV" + echo "GARM_COMMIT_NUMBER=${GARM_COMMIT_NUMBER}" >> "$GITHUB_ENV" + echo "GARM_IMAGE=${GARM_IMAGE}" >> "$GITHUB_ENV" + + - name: Verify commit number + shell: bash + run: | + set -euo pipefail + tmpdir="$(mktemp -d)" + trap 'rm -rf "$tmpdir"' EXIT + git clone --filter=blob:none https://github.com/cloudbase/garm.git "$tmpdir" + expected="$(git -C "$tmpdir" rev-list --count "$GARM_COMMIT")" + if [ "$expected" != "$GARM_COMMIT_NUMBER" ]; then + echo "Pin mismatch: expected r${expected}, got r${GARM_COMMIT_NUMBER}" >&2 + exit 1 + fi + + - name: Set up Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to gitea registry + uses: docker/login-action@v3 + with: + registry: gitea.lumpiasty.xyz + username: ${{ secrets.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_PASSWORD }} + + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: . + file: docker/garm/Dockerfile + push: true + build-args: | + GARM_COMMIT=${{ env.GARM_COMMIT }} + tags: | + ${{ env.GARM_IMAGE }} + labels: | + org.opencontainers.image.source=https://github.com/cloudbase/garm + org.opencontainers.image.revision=${{ env.GARM_COMMIT }}