Vitaliy Potyarkin
f37c89b1fd
Some checks are pending
/ build-dotnet-8.0 (pull_request) Successful in 5m45s
/ build-oci-image-builder-bookworm (pull_request) Successful in 3m20s
/ build-openjdk-11-maven-3.8.6 (pull_request) Successful in 5m40s
/ build-python-3.11 (pull_request) Successful in 1m24s
/ build-python-3.13 (pull_request) Successful in 5m58s
/ build-dotnet-8.0 (push) Successful in 5m30s
/ build-oci-image-builder-bookworm (push) Successful in 4m6s
/ build-openjdk-11-maven-3.8.6 (push) Successful in 1m25s
/ build-python-3.11 (push) Successful in 5m39s
/ build-python-3.13 (push) Has started running
This saves some workflow time previously spent on installing Debian packages and also allows for easier reuse of Buildah in other repos' actions. Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
1.2 KiB
1.2 KiB
Forgejo Actions environment for building OCI container images
Building OCI container images inside Forgejo Actions is somewhat non-trivial. We need to execute Buildah inside of a rootless Podman container, which eventually leads to a podman-in-podman scenario. Thankfully, this is not as complex as docker-in-docker.
This image contains everything we need for executing make image
in our
Golang repos:
- Go toolchain (for helper scripts called by Makefile)
- Docker wrapper (for abstracting Buildah away from human Makefile users)
- Podman configuration files
Usage
Referencing this container from .forgejo/workflows/workflow.yml
:
jobs:
oci-image:
runs-on: docker
container: git.frostfs.info/truecloudlab/env:oci-image-builder-bookworm
See full live example in action in this repo.
Initial Forgejo setup
We use this image to build all images in this repo. To avoid chicken-and-egg situation in case of disaster recovery, the first version of this image must be pushed from outside of Forgejo Actions, e.g. from sysadmin laptop:
$ make oci-image-builder-bookworm
$ make push-oci-image-builder-bookworm