refactor: run git clone + build inside single buildkit container

2025-12-07 18:20:21 +00:00
parent 10ff5e5a4e
commit e930f2dea6


@@ -58,7 +58,7 @@ jobs:
echo "Has changes: ${{ steps.changes.outputs.has_changes }}" echo "Has changes: ${{ steps.changes.outputs.has_changes }}"
# ============================================================================ # ============================================================================
# Job 2 : Build avec Buildkit via Docker socket # Job 2 : Build avec Buildkit (tout dans un seul container)
# ============================================================================ # ============================================================================
build: build:
needs: detect-changes needs: detect-changes
@@ -70,59 +70,52 @@ jobs:
matrix: matrix:
image: ${{ fromJson(needs.detect-changes.outputs.matrix) }} image: ${{ fromJson(needs.detect-changes.outputs.matrix) }}
steps: steps:
- name: Install git and checkout
run: |
apk add --no-cache git
git clone --depth 1 https://gitea.arnodo.fr/${{ gitea.repository }}.git /src
- name: Build and push with Buildkit - name: Build and push with Buildkit
env: env:
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
REGISTRY_USER: ${{ gitea.actor }} REGISTRY_USER: ${{ gitea.actor }}
run: | run: |
IMAGE_NAME="${{ env.REGISTRY }}/damien/${{ matrix.image }}" IMAGE_NAME="${{ env.REGISTRY }}/damien/${{ matrix.image }}"
REPO_URL="https://gitea.arnodo.fr/${{ gitea.repository }}.git"
IMAGE_PATH="images/${{ matrix.image }}"
echo "Building ${IMAGE_NAME}:latest ..." echo "Building ${IMAGE_NAME}:latest ..."
# Create a unique volume name for this build # Tout se passe dans le container buildkit : clone + build + push
VOLUME_NAME="buildkit-ctx-$$" docker run --rm --privileged \
moby/buildkit:master \
sh -c "
set -e
# Create a docker volume and copy source into it # Install git
docker volume create ${VOLUME_NAME} apk add --no-cache git
docker run --rm -v ${VOLUME_NAME}:/context -v /src/images/${{ matrix.image }}:/src:ro alpine sh -c "cp -r /src/* /context/"
# Create auth config in another volume # Clone repo
AUTH_VOLUME="buildkit-auth-$$" git clone --depth 1 ${REPO_URL} /src
docker volume create ${AUTH_VOLUME}
AUTH=$(echo -n "${REGISTRY_USER}:${REGISTRY_TOKEN}" | base64 | tr -d '\n') # Setup registry auth
docker run --rm -v ${AUTH_VOLUME}:/auth alpine sh -c "mkdir -p /auth && cat > /auth/config.json << 'AUTHEOF' mkdir -p /root/.docker
AUTH=\$(echo -n '${REGISTRY_USER}:${REGISTRY_TOKEN}' | base64 | tr -d '\n')
cat > /root/.docker/config.json <<EOF
{ {
\"auths\": { \"auths\": {
\"${{ env.REGISTRY }}\": { \"${{ env.REGISTRY }}\": {
\"auth\": \"${AUTH}\" \"auth\": \"\${AUTH}\"
} }
} }
} }
AUTHEOF" EOF
# Debug: show context content # Debug
echo "Context content:" echo 'Context content:'
docker run --rm -v ${VOLUME_NAME}:/context alpine ls -la /context/ ls -la /src/${IMAGE_PATH}/
# Run buildkit in daemonless mode # Build and push
docker run --rm \ buildctl-daemonless.sh build \
--privileged \ --frontend dockerfile.v0 \
-v ${VOLUME_NAME}:/context:ro \ --local context=/src/${IMAGE_PATH} \
-v ${AUTH_VOLUME}:/root/.docker:ro \ --local dockerfile=/src/${IMAGE_PATH} \
--entrypoint buildctl-daemonless.sh \ --output type=image,name=${IMAGE_NAME}:latest,push=true
moby/buildkit:master \ "
build \
--frontend dockerfile.v0 \
--local context=/context \
--local dockerfile=/context \
--output type=image,name=${IMAGE_NAME}:latest,push=true
# Cleanup volumes
docker volume rm ${VOLUME_NAME} ${AUTH_VOLUME} || true
echo "✅ Pushed ${IMAGE_NAME}:latest" echo "✅ Pushed ${IMAGE_NAME}:latest"
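Review bot: The registry token is expanded by the runner's shell into the double-quoted `sh -c "…"` argument (the `AUTH=\$(echo -n '${REGISTRY_USER}:${REGISTRY_TOKEN}' …)` line), so the secret becomes part of the `docker run` command line and the container's recorded arguments, readable from the host process list or `docker inspect` while the build runs; a token containing a single quote would also break the quoting of the inner script. Pass the credentials through the environment and let the inner shell expand them: `docker run --rm --privileged -e REGISTRY_USER -e REGISTRY_TOKEN \` and `AUTH=\$(printf '%s' \"\${REGISTRY_USER}:\${REGISTRY_TOKEN}\" | base64 | tr -d '\n')`. Because this single privileged container now clones, installs packages and holds the push credential, `moby/buildkit:master` is also worth pinning to an image digest rather than a moving tag. The job's runner and container settings sit between the two hunks and are not visible here, so how widely the runner's Docker host is shared is an assumption to confirm.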