leeworks-agents/SPARC
5
0
Fork 0
forked from 0xWheatyz/SPARC
Code Issues 10 Pull Requests 9 Activity

feat: replace Kaniko with buildah for container builds

Browse Source 
- Switch from archived Kaniko to actively maintained buildah
- Use buildah from Alpine repos (no manual binary downloads)
- Replace bash syntax with POSIX sh (case instead of [[ ]])
- buildah works better in unprivileged containerized environments
- Simpler setup: just apk add buildah, no extra configuration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
0xWheatyz
2026-03-06 03:07:47 +00:00
parent 7b61be1a4a
commit 08444b41a8
1 changed files with 34 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/build.yaml
+22 -35
View File
@@ -15,13 +15,7 @@ jobs:
- name: Install dependencies - name: Install dependencies
shell: sh shell: sh
run: | run: |
apk add --no-cache git wget ca-certificates apk add --no-cache git buildah fuse-overlayfs
- name: Install Kaniko
shell: sh
run: |
wget -O /usr/local/bin/executor https://github.com/GoogleContainerTools/kaniko/releases/download/v1.23.2/executor-linux-amd64
chmod +x /usr/local/bin/executor
- name: Checkout code - name: Checkout code
shell: sh shell: sh
@@ -48,54 +42,47 @@ jobs:
IMAGE_BASE="${REGISTRY}/${REPO_OWNER_LOWER}/${REPO_NAME_LOWER}" IMAGE_BASE="${REGISTRY}/${REPO_OWNER_LOWER}/${REPO_NAME_LOWER}"
# Determine tag based on ref # Determine tag based on ref
if [[ "${{ gitea.ref }}" == refs/tags/* ]]; then case "${{ gitea.ref }}" in
refs/tags/*)
# Tag push - use the tag name # Tag push - use the tag name
TAG_NAME="${{ gitea.ref_name }}" TAG_NAME="${{ gitea.ref_name }}"
echo "IMAGE_TAG=${IMAGE_BASE}:${TAG_NAME}" >> $GITHUB_OUTPUT echo "IMAGE_TAG=${IMAGE_BASE}:${TAG_NAME}" >> $GITHUB_OUTPUT
echo "PUSH_LATEST=true" >> $GITHUB_OUTPUT echo "PUSH_LATEST=true" >> $GITHUB_OUTPUT
elif [[ "${{ gitea.ref_name }}" == "main" ]]; then ;;
refs/heads/main)
# Main branch - use commit SHA (shortened to 7 chars) and latest # Main branch - use commit SHA (shortened to 7 chars) and latest
SHORT_SHA=$(echo "${{ gitea.sha }}" | cut -c1-7) SHORT_SHA=$(echo "${{ gitea.sha }}" | cut -c1-7)
echo "IMAGE_TAG=${IMAGE_BASE}:${SHORT_SHA}" >> $GITHUB_OUTPUT echo "IMAGE_TAG=${IMAGE_BASE}:${SHORT_SHA}" >> $GITHUB_OUTPUT
echo "PUSH_LATEST=true" >> $GITHUB_OUTPUT echo "PUSH_LATEST=true" >> $GITHUB_OUTPUT
else ;;
*)
# Other branches - use branch name # Other branches - use branch name
BRANCH_TAG=$(echo "${{ gitea.ref_name }}" | sed 's/\//-/g') BRANCH_TAG=$(echo "${{ gitea.ref_name }}" | sed 's/\//-/g')
echo "IMAGE_TAG=${IMAGE_BASE}:${BRANCH_TAG}" >> $GITHUB_OUTPUT echo "IMAGE_TAG=${IMAGE_BASE}:${BRANCH_TAG}" >> $GITHUB_OUTPUT
echo "PUSH_LATEST=false" >> $GITHUB_OUTPUT echo "PUSH_LATEST=false" >> $GITHUB_OUTPUT
fi ;;
esac
echo "IMAGE_LATEST=${IMAGE_BASE}:latest" >> $GITHUB_OUTPUT echo "IMAGE_LATEST=${IMAGE_BASE}:latest" >> $GITHUB_OUTPUT
- name: Setup Kaniko config - name: Login to registry
shell: sh shell: sh
run: | run: |
mkdir -p /kaniko/.docker echo "${{ secrets.PERSONAL_TOKEN }}" | buildah login --username "${{ gitea.actor }}" --password-stdin gitea.leeworks.dev
cat > /kaniko/.docker/config.json <<EOF
{
"auths": {
"gitea.leeworks.dev": {
"auth": "$(echo -n "${{ gitea.actor }}:${{ secrets.PERSONAL_TOKEN }}" | base64)"
}
}
}
EOF
- name: Build and push with Kaniko - name: Build and push with buildah
shell: sh shell: sh
run: | run: |
echo "Building and pushing image with Kaniko..." echo "Building image with buildah..."
if [[ "${{ steps.tags.outputs.PUSH_LATEST }}" == "true" ]]; then buildah bud -t ${{ steps.tags.outputs.IMAGE_TAG }} .
/usr/local/bin/executor \
--context=/workspace/${{ gitea.repository }} \ echo "Pushing image..."
--dockerfile=Dockerfile \ buildah push ${{ steps.tags.outputs.IMAGE_TAG }}
--destination=${{ steps.tags.outputs.IMAGE_TAG }} \
--destination=${{ steps.tags.outputs.IMAGE_LATEST }} if [ "${{ steps.tags.outputs.PUSH_LATEST }}" = "true" ]; then
else echo "Tagging and pushing latest..."
/usr/local/bin/executor \ buildah tag ${{ steps.tags.outputs.IMAGE_TAG }} ${{ steps.tags.outputs.IMAGE_LATEST }}
--context=/workspace/${{ gitea.repository }} \ buildah push ${{ steps.tags.outputs.IMAGE_LATEST }}
--dockerfile=Dockerfile \
--destination=${{ steps.tags.outputs.IMAGE_TAG }}
fi fi
echo "Build and push completed successfully!" echo "Build and push completed successfully!"