ci: refactor build pipeline to use standard docker commands

Updates the image building workflow to improve reliability and readability. Changes: - Replaced the complex `moby/buildkit` container-in-container execution with standard Docker build and push steps. - Added explicit checkout, login, and build steps to the job matrix. - Improved the change detection logic: - Added input sanitization (whitespace trimming) for manually triggered builds. - Added comments explaining the directory diff logic. - Updated job titles and comments to English for consistency (e.g., "Detect modified images" instead of "Détection des images modifiées"). - Added `fail-fast: false` to the matrix strategy so one failed build doesn't stop others.
2025-12-07 20:40:56 +01:00
parent 0a490015d2
commit 2241f39e50
1 changed files with 46 additions and 50 deletions
--- a/.gitea/workflows/build-images.yml
+++ b/.gitea/workflows/build-images.yml
@@ -16,7 +16,7 @@ env:

 jobs:
  # ============================================================================
-  # Job 1 : Détection des images modifiées
+  # Job 1 : Detect modified images
  # ============================================================================
  detect-changes:
    runs-on: docker
@@ -38,14 +38,25 @@ jobs:
        id: changes
        run: |
          if [ -n "${{ inputs.image }}" ]; then
-            echo "matrix=[\"${{ inputs.image }}\"]" >> $GITHUB_OUTPUT
-            echo "has_changes=true" >> $GITHUB_OUTPUT
+            # Clean input to remove potential whitespace
+            IMAGE=$(echo "${{ inputs.image }}" | xargs)
+            if [ -n "$IMAGE" ]; then
+              echo "matrix=[\"$IMAGE\"]" >> $GITHUB_OUTPUT
+              echo "has_changes=true" >> $GITHUB_OUTPUT
+            else
+               echo "has_changes=false" >> $GITHUB_OUTPUT
+               echo "matrix=[]" >> $GITHUB_OUTPUT
+            fi
          else
+            # Find changed directories in images/
+            # We look for changes in images/ subdirectory between the previous commit and current commit
            CHANGED=$(git diff --name-only HEAD~1 HEAD -- images/ 2>/dev/null | cut -d'/' -f2 | sort -u | grep -v '^$' || true)
+            
            if [ -z "$CHANGED" ]; then
              echo "has_changes=false" >> $GITHUB_OUTPUT
              echo "matrix=[]" >> $GITHUB_OUTPUT
            else
+              # Convert to JSON array, filtering out empty strings
              JSON=$(echo "$CHANGED" | jq -R -s -c 'split("\n") | map(select(length > 0))')
              echo "matrix=$JSON" >> $GITHUB_OUTPUT
              echo "has_changes=true" >> $GITHUB_OUTPUT
@@ -58,7 +69,7 @@ jobs:
          echo "Has changes: ${{ steps.changes.outputs.has_changes }}"

  # ============================================================================
-  # Job 2 : Build avec Buildkit (tout dans un seul container)
+  # Job 2 : Build and Push (Standard Docker)
  # ============================================================================
  build:
    needs: detect-changes
@@ -69,54 +80,39 @@ jobs:
    strategy:
      matrix:
        image: ${{ fromJson(needs.detect-changes.outputs.matrix) }}
+      fail-fast: false
    steps:
-      - name: Build and push with Buildkit
-        env:
-          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
-          REGISTRY_USER: ${{ gitea.actor }}
+      - name: Install dependencies
+        run: apk add --no-cache git
+
+      - name: Checkout repository
        run: |
-          IMAGE_NAME="${{ env.REGISTRY }}/damien/${{ matrix.image }}"
-          REPO_URL="https://gitea.arnodo.fr/${{ gitea.repository }}.git"
-          IMAGE_PATH="images/${{ matrix.image }}"
+          git clone --depth 2 https://gitea.arnodo.fr/${{ gitea.repository }}.git .
+          git checkout ${{ gitea.sha }}
+
+      - name: Login to Registry
+        run: |
+          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login ${{ env.REGISTRY }} -u ${{ gitea.actor }} --password-stdin
+
+      - name: Build and Push
+        env:
+          IMAGE_NAME: ${{ env.REGISTRY }}/damien/${{ matrix.image }}
+          IMAGE_PATH: images/${{ matrix.image }}
+        run: |
+          echo "Building $IMAGE_NAME:latest from $IMAGE_PATH ..."
          
-          echo "Building ${IMAGE_NAME}:latest ..."
+          if [ ! -d "$IMAGE_PATH" ]; then
+            echo "Error: Directory $IMAGE_PATH does not exist."
+            exit 1
+          fi
          
-          # Tout se passe dans le container buildkit : clone + build + push
-          docker run --rm --privileged \
-            --entrypoint sh \
-            moby/buildkit:master \
-            -c "
-              set -e
-              
-              # Install git
-              apk add --no-cache git
-              
-              # Clone repo
-              git clone --depth 1 ${REPO_URL} /src
-              
-              # Setup registry auth
-              mkdir -p /root/.docker
-              AUTH=\$(echo -n '${REGISTRY_USER}:${REGISTRY_TOKEN}' | base64 | tr -d '\n')
-              cat > /root/.docker/config.json <<EOF
-          {
-            \"auths\": {
-              \"${{ env.REGISTRY }}\": {
-                \"auth\": \"\${AUTH}\"
-              }
-            }
-          }
-          EOF
-              
-              # Debug
-              echo 'Context content:'
-              ls -la /src/${IMAGE_PATH}/
-              
-              # Build and push
-              buildctl-daemonless.sh build \
-                --frontend dockerfile.v0 \
-                --local context=/src/${IMAGE_PATH} \
-                --local dockerfile=/src/${IMAGE_PATH} \
-                --output type=image,name=${IMAGE_NAME}:latest,push=true
-            "
+          if [ ! -f "$IMAGE_PATH/Dockerfile" ]; then
+            echo "Error: Dockerfile not found in $IMAGE_PATH."
+            exit 1
+          fi
+
+          # Use standard docker build
+          docker build -t "$IMAGE_NAME:latest" "$IMAGE_PATH"
+          docker push "$IMAGE_NAME:latest"
          
-          echo "✅ Pushed ${IMAGE_NAME}:latest"
+          echo "✅ Pushed $IMAGE_NAME:latest"