From 436d65d784876248585edb94be9cf397a874caba Mon Sep 17 00:00:00 2001
From: Vitaliy Potyarkin <v.potyarkin@yadro.com>
Date: Thu, 9 Jan 2025 12:07:17 +0300
Subject: [PATCH] [#1591] Build and host OCI images on our own infra

Similar to https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw/issues/587
this PR introduces a CI pipeline that builds Docker images and pushes them
to our selfhosted registry.

Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>
---
 .forgejo/workflows/oci-image.yml | 28 ++++++++++++++++++++++++++++
 Makefile                         |  9 +++++++++
 docs/release-instruction.md      | 12 ++++--------
 3 files changed, 41 insertions(+), 8 deletions(-)
 create mode 100644 .forgejo/workflows/oci-image.yml

diff --git a/.forgejo/workflows/oci-image.yml b/.forgejo/workflows/oci-image.yml
new file mode 100644
index 000000000..fe91d65f9
--- /dev/null
+++ b/.forgejo/workflows/oci-image.yml
@@ -0,0 +1,28 @@
+name: OCI image
+
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  image:
+    name: Build container images
+    runs-on: docker
+    container: git.frostfs.info/truecloudlab/env:oci-image-builder-bookworm
+    steps:
+      - name: Clone git repo
+        uses: actions/checkout@v3
+
+      - name: Build OCI image
+        run: make images
+
+      - name: Push image to OCI registry
+        run: |
+          echo "$REGISTRY_PASSWORD" \
+            | docker login --username truecloudlab --password-stdin git.frostfs.info
+          make push-images
+        if: >-
+          startsWith(github.ref, 'refs/tags/v') &&
+          (github.event_name == 'workflow_dispatch' || github.event_name == 'push')
+        env:
+          REGISTRY_PASSWORD: ${{secrets.FORGEJO_OCI_REGISTRY_PUSH_TOKEN}}
diff --git a/Makefile b/Makefile
index f0cdc273c..e9601a87e 100755
--- a/Makefile
+++ b/Makefile
@@ -139,6 +139,15 @@ images: image-storage image-ir image-cli image-adm
 # Build dirty local Docker images
 dirty-images: image-dirty-storage image-dirty-ir image-dirty-cli image-dirty-adm
 
+# Push FrostFS components' docker image to the registry
+push-image-%:
+	@echo "⇒ Publish FrostFS $* docker image "
+	@docker push $(HUB_IMAGE)-$*:$(HUB_TAG)
+
+# Push all Docker images to the registry
+.PHONY: push-images
+push-images: push-image-storage push-image-ir push-image-cli push-image-adm
+
 # Run `make %` in Golang container
 docker/%:
 	docker run --rm -t \
diff --git a/docs/release-instruction.md b/docs/release-instruction.md
index 18659c699..aa867e83c 100644
--- a/docs/release-instruction.md
+++ b/docs/release-instruction.md
@@ -95,19 +95,15 @@ $ git push origin ${FROSTFS_TAG_PREFIX}${FROSTFS_REVISION}
 
 ## Post-release
 
-### Prepare and push images to a Docker Hub (if not automated)
+### Prepare and push images to a Docker registry (automated)
 
-Create Docker images for all applications and push them into Docker Hub
-(requires [organization](https://hub.docker.com/u/truecloudlab) privileges)
+Create Docker images for all applications and push them into container registry
+(executed automatically in Forgejo Actions upon pushing a release tag):
 
 ```shell
 $ git checkout ${FROSTFS_TAG_PREFIX}${FROSTFS_REVISION}
 $ make images
-$ docker push truecloudlab/frostfs-storage:${FROSTFS_REVISION}
-$ docker push truecloudlab/frostfs-storage-testnet:${FROSTFS_REVISION}
-$ docker push truecloudlab/frostfs-ir:${FROSTFS_REVISION}
-$ docker push truecloudlab/frostfs-cli:${FROSTFS_REVISION}
-$ docker push truecloudlab/frostfs-adm:${FROSTFS_REVISION}
+$ make push-images
 ```
 
 ### Make a proper release (if not automated)