Erich Blume
c098199f8b
Remove the DinD-based k8s runner and add a native systemd Forgejo Actions runner on ringtail for building containers with nix build and pushing via skopeo. The runner uses the NixOS services.gitea-actions-runner module with host execution (no containers), and Ansible provisions the registration token from 1Password. Adds a new build-container-nix workflow for -nix- tags and updates mise tasks to support both Dockerfile and Nix builds. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
77 lines
2 KiB
Bash
Executable file
77 lines
2 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
#MISE description="Release a container image by creating a git tag"
|
|
|
|
set -euo pipefail
|
|
|
|
CONTAINER="${1:-}"
|
|
VERSION="${2:-}"
|
|
|
|
if [[ -z "$CONTAINER" || -z "$VERSION" ]]; then
|
|
echo "Usage: mise run container-tag-and-release <container> <version>"
|
|
echo ""
|
|
echo "Run 'mise run container-list' to see available containers and recent tags."
|
|
exit 1
|
|
fi
|
|
|
|
# Validate version format
|
|
if [[ ! "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
|
echo "Error: Version must be in format vX.Y.Z (e.g. v1.0.0)"
|
|
exit 1
|
|
fi
|
|
|
|
# Determine build type: Nix or Dockerfile
|
|
CONTAINER_DIR="containers/${CONTAINER}"
|
|
if [[ -f "$CONTAINER_DIR/default.nix" ]]; then
|
|
BUILD_TYPE="nix"
|
|
TAG="${CONTAINER}-nix-${VERSION}"
|
|
elif [[ -f "$CONTAINER_DIR/Dockerfile" ]]; then
|
|
BUILD_TYPE="dockerfile"
|
|
TAG="${CONTAINER}-${VERSION}"
|
|
else
|
|
echo "Error: No Dockerfile or default.nix found in '$CONTAINER_DIR'"
|
|
echo ""
|
|
echo "Available containers:"
|
|
for dir in containers/*/; do
|
|
[[ -d "$dir" ]] || continue
|
|
name=$(basename "$dir")
|
|
if [[ -f "$dir/default.nix" ]]; then
|
|
echo " - $name (nix)"
|
|
elif [[ -f "$dir/Dockerfile" ]]; then
|
|
echo " - $name (dockerfile)"
|
|
fi
|
|
done
|
|
exit 1
|
|
fi
|
|
|
|
echo "Creating release tag: $TAG"
|
|
echo "Build type: $BUILD_TYPE"
|
|
echo ""
|
|
|
|
# Check if tag already exists
|
|
if git rev-parse "$TAG" >/dev/null 2>&1; then
|
|
echo "Error: Tag '$TAG' already exists"
|
|
echo "Existing tags for $CONTAINER:"
|
|
git tag -l "${CONTAINER}-*v*" | sort -V | tail -5
|
|
exit 1
|
|
fi
|
|
|
|
# Image name follows convention: blumeops/<container>
|
|
IMAGE="blumeops/${CONTAINER}"
|
|
|
|
echo "Container: $CONTAINER"
|
|
echo "Directory: $CONTAINER_DIR"
|
|
echo "Image: registry.ops.eblu.me/$IMAGE:$VERSION"
|
|
echo ""
|
|
|
|
# Create and push tag
|
|
git tag "$TAG"
|
|
git push origin "$TAG"
|
|
|
|
echo ""
|
|
echo "Tag '$TAG' created and pushed"
|
|
echo ""
|
|
echo "The workflow will now build and push:"
|
|
echo " registry.ops.eblu.me/$IMAGE:$VERSION"
|
|
echo ""
|
|
echo "Monitor the build at:"
|
|
echo " https://forge.ops.eblu.me/eblume/blumeops/actions"
|