forgejo/forgejo-build-publish: An action to build and publish Forgejo releases

An action to build and publish Forgejo releases

Go to file

earl-warren 8bcc130986 All checks were successful / build-test (push) Successful in 6m23s Details Merge pull request 'build: the status variable is in a subshell' (#15 ) from earl-warren/forgejo-build-publish:wip-verify-labels into main Reviewed-on: #15		2024-04-17 14:42:45 +00:00
.forgejo/workflows	move tests to a script for local debug	2024-01-20 00:37:30 +00:00
build	build: the status variable is in a subshell	2024-04-17 16:14:57 +02:00
publish	publish OCI with tags for the minor version as well	2024-04-12 11:34:42 +02:00
testdata	feat(build): optionally verify the built image has a set of labels	2024-04-16 16:59:41 +02:00
.gitignore	initial implementation	2023-08-25 10:35:35 +02:00
LICENSE	initial implementation	2023-08-25 10:35:35 +02:00
README.md	feat(build): optionally verify the built image has a set of labels	2024-04-16 16:59:41 +02:00
test.sh	add verbosity control on OCI label verification	2024-04-17 15:13:17 +02:00

README.md

forgejo-build-publish

This repository contains two actions that can be used together.

This action is not designed to be used in an application container (Docker, podman), it needs to run on an actual machine or a system container (LXC). See the Forgejo runner documentation for more information.

The forgejo-build-publish/build action will build multi-architecture binaries and OCI images and upload them to a Forgejo user/organization.

The forgejo-build-publish/publish action will copy and optionally sign binaries and OCI images from one user/organization to another.

Example

      - uses: https://code.forgejo.org/forgejo/forgejo-build-publish/build@v1
        with:
          forgejo: "${{ env.GITHUB_SERVER_URL }}"
          owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
          repository: "${{ steps.repository.outputs.value }}"
          doer: "release-team"
          tag-version: "${{ steps.tag-version.outputs.value }}"
          token: "FORGEJO_TOKEN"
          platforms: linux/amd64,linux/arm64
          release-notes: "RELEASE-NOTES"
          binary-name: software
          binary-path: /bin/software
          dockerfile: Dockerfile

      - uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v1
        with:
          from-forgejo: "${{ env.GITHUB_SERVER_URL }}"
          from-owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
          to-forgejo: "${{ env.GITHUB_SERVER_URL }}"
          to-owner: "forgejo-experimental"
          to-doer: "releaes-team"
          to-token: "FORGEJO_TOKEN"
	  repo: myrepo
          ref-name: ${{ github.ref_name }}
          container-suffixes: " "

Hacking

docker and sudo must be installed with insecure registries allowed in /etc/docker/daemon.json for the IP that will be used for forgejo such as:

{
  "insecure-registries": [ "10.0.0.0/8" ]
}

Requires LXC

git clone https://code.forgejo.org/actions/setup-forgejo
export PATH=$(pwd)/setup-forgejo:$PATH
git clone https://code.forgejo.org/actions/forgejo-build-publish
cd forgejo-build-publish
export DIR=/tmp/forgejo-build-publish

Run the test

Will call firefox on the Forgejo instance running the tests. It can build only for one target architecture if the debugging is not about that. Setting up binfmt properly is not for the faint of heart.

ADM64_ONLY=true ./test.sh run

Teardown

./test.sh teardown

Update the README from the actions file with https://github.com/npalm/action-docs action-docs --update-readme