podman rootless build
parent
74ac786fcb
commit
fcb356d992
2 changed files with 19 additions and 14 deletions
16
action.yml
16
action.yml
|
@ -40,12 +40,6 @@ inputs:
|
|||
description: Whether to push the image after building.
|
||||
default: 'false'
|
||||
required: false
|
||||
shared_path:
|
||||
description: |
|
||||
Path to container shared folder for different cache files on the host filesystem.
|
||||
Useful for self-hosted runners.
|
||||
default: '/tmp/shared'
|
||||
required: false
|
||||
security:
|
||||
description: Security flags that are used for an intermediate container. New line separated.
|
||||
default: '--network=host'
|
||||
|
@ -55,16 +49,16 @@ runs:
|
|||
using: composite
|
||||
steps:
|
||||
- name: Run container steps
|
||||
uses: frozen-tapestry/docker-run-action@v5p
|
||||
uses: frozen-tapestry/docker-run-action@0c2c7831e29d4389f7521909b92e8097d1eecc88
|
||||
with:
|
||||
image: quay.io/podman/stable:latest
|
||||
mount_ws: true
|
||||
options: |
|
||||
${{ inputs.security }}
|
||||
-v=${{ inputs.shared_path }}/auth:/etc/containers/auth
|
||||
-v=${{ inputs.shared_path }}/storage:/var/lib/containers/storage
|
||||
-v=${{ github.action_path }}/scripts:/scripts
|
||||
-e=REGISTRY_AUTH_FILE=/etc/containers/auth/auth.json
|
||||
-v=${{ env.CACHE_SHARED_PATH }}/podman-auth:/home/podman/auth:rw
|
||||
-v=${{ env.CACHE_SHARED_PATH }}/podman-storage:/home/podman/.local/share/containers/storage:rw
|
||||
-v=${{ github.action_path }}/scripts:/scripts:ro
|
||||
-e=REGISTRY_AUTH_FILE=/home/podman/auth/auth.json
|
||||
-e=REGISTRY=${{ inputs.login_registry }}
|
||||
-e=USERNAME=${{ inputs.login_username }}
|
||||
-e=PASSWORD=${{ inputs.login_password }}
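Review bot: The two new `-v` mounts in `options` take their host path from `env.CACHE_SHARED_PATH`, which nothing in the visible part of action.yml sets, while the `shared_path` input and its `/tmp/shared` default are removed in the same commit. An unset env context value renders as an empty string, so the mount sources would become `/podman-auth` and `/podman-storage` at the host root, which is presumably not intended. Either document the variable as required or keep a fallback, e.g. `-v=${{ env.CACHE_SHARED_PATH || '/tmp/shared' }}/podman-auth:/home/podman/auth:rw`. Because that directory holds `auth.json` and outlives the job on a self-hosted runner, a comment stating that registry credentials persist there, and which accounts can read the path, would also help. The `runs:` block continues outside the hunk.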
|
||||
|
|
|
@ -8,9 +8,17 @@ PASSWORD=${PASSWORD:-}
|
|||
DOCKERFILE=${DOCKERFILE:-}
|
||||
PUSH=${PUSH:-}
|
||||
|
||||
PODMAN_USER="podman"
|
||||
|
||||
chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/auth
|
||||
chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/.local/share/containers/storage
|
||||
|
||||
### LOGIN
|
||||
if [[ -n "$REGISTRY" && -n "$USERNAME" && -n "$PASSWORD" ]]; then
|
||||
podman login --storage-driver=overlay "$REGISTRY" -u "$USERNAME" -p "$PASSWORD"
|
||||
sudo -u $PODMAN_USER podman login \
|
||||
--storage-driver=overlay \
|
||||
--authfile="$REGISTRY_AUTH_FILE" \
|
||||
"$REGISTRY" -u "$USERNAME" -p "$PASSWORD"
|
||||
fi
|
||||
|
||||
generate_args() {
|
||||
|
@ -42,8 +50,9 @@ if [[ -n "$DOCKERFILE" ]]; then
|
|||
EXTRA_ARGS=$(generate_args "$ACTION_EXTRA_ARGS" "")
|
||||
echo "Extra args: $EXTRA_ARGS"
|
||||
|
||||
podman build --platform="linux/amd64" \
|
||||
sudo -u $PODMAN_USER podman build --platform="linux/amd64" \
|
||||
--storage-driver=overlay \
|
||||
--authfile="$REGISTRY_AUTH_FILE" \
|
||||
--pull=true \
|
||||
--label image.created="$CREATED" \
|
||||
--label image.revision="$REVISION" \
|
||||
|
@ -60,5 +69,7 @@ if [[ -n "$PUSH" && "$PUSH" == "true" ]]; then
|
|||
TAGS=$(generate_args "$ACTION_TAGS" "")
|
||||
echo "Tags: $TAGS"
|
||||
|
||||
podman push --storage-driver=overlay $TAGS
|
||||
sudo -u $PODMAN_USER podman push \
|
||||
--storage-driver=overlay \
|
||||
--authfile="$REGISTRY_AUTH_FILE" $TAGS
|
||||
fi
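Review bot: In the LOGIN block, the new `sudo -u $PODMAN_USER podman login` call still passes the registry password as `-p "$PASSWORD"`, so it sits in the process argument list. Routing it through sudo adds a second exposure, because sudo normally records the full command line in its log. Feeding the password on stdin avoids both: `printf '%s' "$PASSWORD" | sudo -u "$PODMAN_USER" podman login --storage-driver=overlay --authfile="$REGISTRY_AUTH_FILE" -u "$USERNAME" --password-stdin "$REGISTRY"`. The `$PODMAN_USER` expansions in the `chown` and `sudo` lines should be quoted like the other variables in the script. The script begins and continues outside the hunks shown.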
|