From 4cf03ff3616a108ed47ed72d283238042fab92a0 Mon Sep 17 00:00:00 2001 From: HRiggs Date: Sat, 6 Jun 2026 01:35:55 -0400 Subject: [PATCH] add workflow --- .gitea/workflows/docker-publish.yml | 78 +++++++++++++++++++++++++++++ deploy/stack.env.example | 4 +- 2 files changed, 80 insertions(+), 2 deletions(-) create mode 100644 .gitea/workflows/docker-publish.yml diff --git a/.gitea/workflows/docker-publish.yml b/.gitea/workflows/docker-publish.yml new file mode 100644 index 0000000..372c1a3 --- /dev/null +++ b/.gitea/workflows/docker-publish.yml @@ -0,0 +1,78 @@ +name: Build and Publish Containers + +on: + push: + branches: + - main + tags: + - "v*" + paths: + - "backend/**" + - ".gitea/workflows/docker-publish.yml" + workflow_dispatch: + +env: + REGISTRY: ${{ vars.GITEA_REGISTRY || 'git.hudsonriggs.systems' }} + REGISTRY_USERNAME: ${{ github.actor }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_TOKEN || secrets.GITHUB_TOKEN }} + IMAGE_NAMESPACE: ${{ vars.GITEA_IMAGE_NAMESPACE || github.repository_owner }} + +jobs: + build-and-push: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + strategy: + matrix: + include: + - name: backend + context: . + dockerfile: backend/Dockerfile + image: rmtpocketwatcher-backend + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Validate registry settings + shell: bash + run: | + if [ -z "${REGISTRY_PASSWORD}" ]; then + echo "Missing registry credentials. Set REGISTRY_TOKEN or ensure GITHUB_TOKEN has package write access." >&2 + exit 1 + fi + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ env.REGISTRY_USERNAME }} + password: ${{ env.REGISTRY_PASSWORD }} + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ matrix.image }} + tags: | + type=sha + type=ref,event=branch + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=raw,value=latest,enable={{is_default_branch}} + + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: ${{ matrix.context }} + file: ${{ matrix.dockerfile }} + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ matrix.image }}:buildcache + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/${{ matrix.image }}:buildcache,mode=max diff --git a/deploy/stack.env.example b/deploy/stack.env.example index d800ad8..a75260f 100644 --- a/deploy/stack.env.example +++ b/deploy/stack.env.example @@ -4,8 +4,8 @@ POSTGRES_PASSWORD=your_secure_password_here POSTGRES_DB=rmtpocketwatcher # Docker Registry Configuration -DOCKER_REGISTRY=ghcr.io -DOCKER_IMAGE=lambdabanking/rmtpocketwatcher-backend +DOCKER_REGISTRY=your-gitea.example.com +DOCKER_IMAGE=your-org-or-user/rmtpocketwatcher-backend IMAGE_TAG=latest # Backend Configuration