astra/container-action
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #5 from Frozen-Tapestry/develop

Browse source 
New release with permission fix
This commit is contained in:
Foat 2025-02-28 16:42:45 +03:00 committed by GitHub
commit 09c93ff653
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 48 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/pull_request_template.md vendored Normal file
View file

@ -0,0 +1,3 @@
### Base branch for this PR
Please target the `develop` branch for this Pull Request.

6
README.md
View file

@ -46,13 +46,17 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Use Podman Build and Push Action - name: Use Podman Build and Push Action
uses: frozen-tapestry/podman-build-push-action@v1 uses: Frozen-Tapestry/container-action@v1
with: with:
login_registry: ghcr.io login_registry: ghcr.io
login_username: ${{ secrets.REGISTRY_USERNAME }} login_username: ${{ secrets.REGISTRY_USERNAME }}
login_password: ${{ secrets.REGISTRY_PASSWORD }} login_password: ${{ secrets.REGISTRY_PASSWORD }}
tags: ghcr.io/your-namespace/your-image:latest tags: ghcr.io/your-namespace/your-image:latest
dockerfile: path/to/Dockerfile dockerfile: path/to/Dockerfile
# Use those security flags if using GitHub Action. Keep the defaults, if using Gitea.
security: |
--security-opt=seccomp=unconfined
--security-opt=apparmor=unconfined
push: true push: true
``` ```

7
RELEASES.md
View file

@ -2,4 +2,9 @@
### v1.0.0 ### v1.0.0
- Initial release - Initial release
### v1.1.0
- Permission error fix
- Readme updates

52
scripts/run.sh
View file

@ -13,12 +13,23 @@ PODMAN_USER="podman"
chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/auth chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/auth
chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/.local/share/containers/storage chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/.local/share/containers/storage
run_cmd() {
local build_cmd=("$@")
cmd=$(printf "%q\t" "${build_cmd[@]}")
echo "Running: $cmd"
su "$PODMAN_USER" -c "$cmd"
}
### LOGIN ### LOGIN
if [[ -n "$REGISTRY" && -n "$USERNAME" && -n "$PASSWORD" ]]; then if [[ -n "$REGISTRY" && -n "$USERNAME" && -n "$PASSWORD" ]]; then
sudo -u $PODMAN_USER podman login \ build_cmd=(podman login
--storage-driver=overlay \ --storage-driver=overlay
--authfile="$REGISTRY_AUTH_FILE" \ --authfile="$REGISTRY_AUTH_FILE"
"$REGISTRY" -u "$USERNAME" -p "$PASSWORD" "$REGISTRY"
-username="$USERNAME"
--password="$PASSWORD"
)
run_cmd "${build_cmd[@]}"
fi fi
generate_args() { generate_args() {
@ -50,26 +61,31 @@ if [[ -n "$DOCKERFILE" ]]; then
EXTRA_ARGS=$(generate_args "$ACTION_EXTRA_ARGS" "") EXTRA_ARGS=$(generate_args "$ACTION_EXTRA_ARGS" "")
echo "Extra args: $EXTRA_ARGS" echo "Extra args: $EXTRA_ARGS"
sudo -u $PODMAN_USER podman build --platform="linux/amd64" \ build_cmd=(podman build
--storage-driver=overlay \ --platform="linux/amd64"
--authfile="$REGISTRY_AUTH_FILE" \ --storage-driver=overlay
--pull=true \ --authfile="$REGISTRY_AUTH_FILE"
--label image.created="$CREATED" \ --pull=true
--label image.revision="$REVISION" \ --label=image.created="$CREATED"
--label image.source="$SOURCE" \ --label=image.revision="$REVISION"
$TAGS \ --label=image.source="$SOURCE"
$LABELS \ $TAGS
$BUILD_ARGS \ $LABELS
$EXTRA_ARGS \ $BUILD_ARGS
-f "$DOCKERFILE" \ $EXTRA_ARGS
--file="$DOCKERFILE"
. .
)
run_cmd "${build_cmd[@]}"
fi fi
if [[ -n "$PUSH" && "$PUSH" == "true" ]]; then if [[ -n "$PUSH" && "$PUSH" == "true" ]]; then
TAGS=$(generate_args "$ACTION_TAGS" "") TAGS=$(generate_args "$ACTION_TAGS" "")
echo "Tags: $TAGS" echo "Tags: $TAGS"
sudo -u $PODMAN_USER podman push \ build_cmd=(podman push
--storage-driver=overlay \ --storage-driver=overlay
--authfile="$REGISTRY_AUTH_FILE" $TAGS --authfile="$REGISTRY_AUTH_FILE" $TAGS
)
run_cmd "${build_cmd[@]}"
fi fi