2 Commits

Author SHA1 Message Date
Ampenberger, Chris
45b69d5b8d Added readme and fixed credential refral 2025-10-01 16:49:28 -04:00
Ampenberger, Chris
7a244ff662 Added initial version for building a golang artifact and a container from an artifact 2025-10-01 16:26:52 -04:00
4 changed files with 259 additions and 18 deletions


@@ -0,0 +1,99 @@
# This workflow builds a container image from a specified artifact and a given
# Dockerfile using Buildah and pushes it to a container registry.
name: Build a container from an artifact
on:
workflow_call:
inputs:
artifact_name:
description: "Name of the artifact to download"
required: true
type: string
package-name:
description: "Name of the package to build"
required: true
type: string
package-label:
description: "Label to use for the package"
required: true
type: string
builder-image:
description: "Container image to use for the build"
required: false
type: string
default: gitea.ampenberger.com/campenbe/img-builder:3.21-1.24
dockerfile:
description: "Dockerfile to use for the build"
required: false
type: string
default: Dockerfile
version:
description: "Version string passed to the Docker build as build-arg"
required: false
type: string
default: development
git_user:
description: "Git user to use for checkout and the container registry"
required: false
type: string
default: campenbe
secrets:
# Password to log into the container registry
PASSWORD:
required: true
# Token to access the git repository
GIT_TOKEN:
required: true
env:
PACKAGE_NAME: ${{ inputs.package-name }}
PACKAGE_LABEL: ${{ inputs.package-label }}
VERSION: ${{ inputs.version }}
LABEL: ${{ inputs.package-label }}
ARTIFACT_UPLOAD: ${{ env.ACT_EXEC == 'true' && 'actions/upload-artifact@v2' || 'actions/upload-artifact@v3' }}
ARTIFACT_DOWNLOAD: ${{ env.ACT_EXEC == 'true' && 'actions/download-artifact@v2' || 'actions/download-artifact@v3' }}
jobs:
container:
runs-on: ubuntu-latest
container:
image: ${{inputs.builder-image}}
credentials:
username: ${{inputs.git_user}}
password: ${{secrets.PASSWORD}}
steps:
- name: Install tools
run : |
gitea_addr.sh
env | sort
- name: Fix git access
run: |
git config --global url."https://git:${{secrets.GIT_TOKEN}}@gitea.ampenberger.com/${{inputs.git_user}}/.insteadOf" git://git.ampenberger.com/
- uses: actions/checkout@v4
with:
submodules: false
- name: Download the artifact
uses: "${{env.ARTIFACT_DOWNLOAD}}"
with:
name: ${{inputs.artifact_name}}
path: build/
- name: Build container
run: |
find build
set -x
buildah build -f ${{inputs.dockerfile}} --build-arg GIT_TOKEN=${{secrets.GIT_TOKEN}} --build-arg VERSION=${VERSION} -t gitea.ampenberger.com/${{inputs.git_user}}/${PACKAGE_NAME}:${LABEL} .
echo "Built ${PACKAGE_NAME}:${LABEL}"
buildah images
- name: Publish the container to the registry
run: |
buildah login -u ${{inputs.git_user}} -p ${{secrets.GIT_TOKEN}} gitea.ampenberger.com
buildah push gitea.ampenberger.com/${{inputs.git_user}}/${PACKAGE_NAME}:${LABEL}
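Review bot: The `Build container` step passes the token as `--build-arg GIT_TOKEN=${{secrets.GIT_TOKEN}}`, and build arguments can end up in the image's build history, which the next step pushes to the registry. A build secret keeps the token out of the image: `buildah build --secret id=git_token,src=<token-file> ...` with `RUN --mount=type=secret,id=git_token` in the Dockerfile (the Dockerfile is not shown here, so how it consumes the token is assumed). The same step runs under `set -x`, and the publish step passes the token with `-p` on the command line; `buildah login --password-stdin` keeps it out of the trace and the process list. The `Build container` step of the modified workflow further down ("Build and Publisch a Simple Container") carries the same build-arg.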


@@ -0,0 +1,102 @@
# This is a shared workflow that will build a go binary by executing
# the following steps:
#
# - checkout the code
# - download the go modules
# - run go vet
# - run the unit tests and generate a coverage report
# - build the binary
# - upload the binary as an artifact
#
# A number of input params are used to customize the build.
name: Build a go binary
on:
workflow_call:
inputs:
package-name:
description: "Name of the package/binary that will be built"
required: true
type: string
builder-image:
description: "Container image to use for the build"
required: false
type: string
default: gitea.ampenberger.com/campenbe/img-builder:3.22-1.24
version:
description: "Version string to embed in the binary"
required: false
type: string
default: development
git_user:
description: "Git user to use for checkout and the container registry"
required: false
type: string
default: campenbe
secrets:
# Password to log into the container registry
PASSWORD:
required: true
# Token to access the git repository
GIT_TOKEN:
required: true
env:
PACKAGE_NAME: ${{ inputs.package-name }}
ARTIFACT_UPLOAD: ${{ env.ACT_EXEC == 'true' && 'actions/upload-artifact@v2' || 'actions/upload-artifact@v3' }}
ARTIFACT_DOWNLOAD: ${{ env.ACT_EXEC == 'true' && 'actions/download-artifact@v2' || 'actions/download-artifact@v3' }}
VERSION: ${{ inputs.version }}
jobs:
go:
runs-on: ubuntu-latest
container:
image: ${{inputs.builder-image}}
credentials:
username: ${{inputs.git_user}}
password: ${{secrets.PASSWORD}}
steps:
- name: Install tools
run : |
apk add vips-dev
gitea_addr.sh
env | sort
- name: Fix git access
run: |
git config --global url."https://git:${{secrets.GIT_TOKEN}}@gitea.ampenberger.com/${{inputs.git_user}}/.insteadOf" git://git.ampenberger.com/
- uses: actions/checkout@v4
with:
submodules: false
- name: Download modules
run: |
git config --global url."https://git:${{secrets.GIT_TOKEN}}@gitea.ampenberger.com/${{inputs.git_user}}/.insteadOf" ssh://git.ampenberger.com/
go mod download -x
- name: vet the code
run: mage -v vet
- name: unit tests and coverage
run: mage -v coverReport
- name: coverage artifact
uses: "${{env.ARTIFACT_UPLOAD}}"
with:
name: coverage
path: build/coverage.html
- name: build the binary
run: |
[ -d build ] || mkdir build
go build -v -o build/${PACKAGE_NAME} -ldflags "-X main.Version=${VERSION:-development}" .
echo "Built binary: ${PACKAGE_NAME}"
- name: Upload artifact
uses: "${{env.ARTIFACT_UPLOAD}}"
with:
name: ${{env.PACKAGE_NAME}}
path: build/
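Review bot: `${{secrets.GIT_TOKEN}}` and `${{inputs.git_user}}` are expanded into the script text of `Fix git access` and `Download modules` before the shell runs, so a value containing quotes or shell metacharacters changes the command instead of being treated as data. Pass them through the step's `env:` (`GIT_TOKEN: ${{ secrets.GIT_TOKEN }}`, `GIT_USER: ${{ inputs.git_user }}`) and reference `"${GIT_TOKEN}"` and `"${GIT_USER}"` in the script. Separately, `env | sort` in `Install tools` writes the whole job environment to the log and looks like a debugging leftover; drop it or limit it to the variables actually needed. The same inline expansion appears in the run steps of the other two workflows on this page.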


@@ -3,17 +3,31 @@ name: Build and Publisch a Simple Container
on: on:
workflow_call: workflow_call:
inputs: inputs:
dockerfile:
description: "Dockerfile to use for the build"
required: true
type: string
default: Dockerfile
git_user:
description: "Git user to use for checkout and the container registry"
required: true
type: string
default: campenbe
package-name: package-name:
description: "Name of the package to build"
required: true required: true
type: string type: string
package-label: package-label:
description: "Label to use for the package"
required: true required: true
type: string type: string
builder-image: builder-image:
description: "Container image to use for the build"
required: false required: false
type: string type: string
default: gitea.ampenberger.com/campenbe/img-builder:3.21-1.24 default: gitea.ampenberger.com/campenbe/img-builder:3.21-1.24
version: version:
description: "Version string passed to the Docker build as build-arg"
required: false required: false
type: string type: string
default: development default: development
@@ -37,7 +51,7 @@ jobs:
container: container:
image: ${{inputs.builder-image}} image: ${{inputs.builder-image}}
credentials: credentials:
username: campenbe username: ${{inputs.git_user}}
password: ${{secrets.PASSWORD}} password: ${{secrets.PASSWORD}}
steps: steps:
@@ -49,7 +63,7 @@ jobs:
- name: Fix git access - name: Fix git access
run: | run: |
git config --global url."https://git:${{secrets.GIT_TOKEN}}@gitea.ampenberger.com/campenbe/.insteadOf" git://git.ampenberger.com/ git config --global url."https://git:${{secrets.GIT_TOKEN}}@gitea.ampenberger.com/${{inputs.git_user}}/.insteadOf" git://git.ampenberger.com/
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
@@ -57,25 +71,12 @@ jobs:
- name: Build container - name: Build container
run: | run: |
buildah build -f Dockerfile --build-arg GIT_TOKEN=${{secrets.GIT_TOKEN}} --build-arg VERSION=${{inputs.version}} -t gitea.ampenberger.com/campenbe/${PACKAGE_NAME}:${LABEL} buildah build -f ${{inputs.dockerfile}} --build-arg GIT_TOKEN=${{secrets.GIT_TOKEN}} --build-arg VERSION=${{inputs.version}} -t gitea.ampenberger.com/${{inputs.git_user}}/${PACKAGE_NAME}:${LABEL}
echo "Built ${PACKAGE_NAME}:${LABEL}" echo "Built ${PACKAGE_NAME}:${LABEL}"
buildah images buildah images
- name: export the image
run: |
buildah push --format docker gitea.ampenberger.com/campenbe/${PACKAGE_NAME}:${LABEL} docker-archive:${PACKAGE_NAME}-${LABEL}.tar
echo "Exported gitea.ampenberger.com/campenbe/${PACKAGE_NAME}:${LABEL} to ${PACKAGE_NAME}-${LABEL}.tar"
- name: Upload container image
uses: "${{env.ARTIFACT_UPLOAD}}"
with:
name: ${{env.PACKAGE_NAME}}-${{ env.LABEL }}
path: "${{env.PACKAGE_NAME}}-${{ env.LABEL }}.tar"
if-no-files-found: error
compression-level: 0
- name: Publish the container to the registry - name: Publish the container to the registry
run: | run: |
buildah login -u campenbe -p ${{secrets.GIT_TOKEN}} gitea.ampenberger.com buildah login -u ${{inputs.git_user}} -p ${{secrets.GIT_TOKEN}} gitea.ampenberger.com
buildah push gitea.ampenberger.com/campenbe/${PACKAGE_NAME}:${LABEL} buildah push gitea.ampenberger.com/${{inputs.git_user}}/${PACKAGE_NAME}:${LABEL}

39
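--- /dev/null
+++ b/README.md
@@ -0,0 +1,39 @@
+This repository is public and contains shared workflows that are used
+in other builds. Each workflow takes a number of parameters and
+secrets as inputs. Parameters and secrets are documented in the
+respective workflows.
+At this point the the following workflows are available:
+- ```simple-container.yaml``` - One shot of build of a container through
+a given Dockerfile.
+- ```go-binary.yaml``` - Builds a golang binary and uploads the binary
+as artifact.
+- ```container-from-artifact.yaml``` - Builds and uploads a container from
+a given artifact and a given Dockerfile.
+## Usage
+The workflows are used with in a master workflow through a workflow
+call, like below. Also see [build.yaml](https://gitea.ampenberger.com/campenbe/synauth/src/branch/main/.gitea/workflows/build.yaml)
+for an example
+```
+....
+build-container:
+uses: https://gitea.ampenberger.com/campenbe/workflows/.gitea/workflows/container-from-artifact.yaml@2025-10-01-1
+with:
+artifact_name: my_source_artifact
+dockerfile: Dockerfile.small
+package-name: cool-project
+package-label: v1
+version: v1-r1
+secrets:
+PASSWORD: ${{ secrets.PASSWORD }}
+GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
+```
+## Development
+To avoid caching issues always tag a new version and refer to the respective
+version with the tag in the consuming workflow.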