From bfdea41bd1f435c854b2c5f476ed505e50706084 Mon Sep 17 00:00:00 2001 From: Ashwin Kumar Sivakumar Date: Fri, 12 Jun 2026 22:07:26 +0530 Subject: [PATCH] fix: install docker cli in forgejo workflow namespace --- .forgejo/workflows/build.yaml | 119 ++++++++++++++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 .forgejo/workflows/build.yaml diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml new file mode 100644 index 0000000..35b0531 --- /dev/null +++ b/.forgejo/workflows/build.yaml @@ -0,0 +1,119 @@ +name: build-and-push + +on: + push: + branches: + - main + - high-performance + +jobs: + build: + runs-on: ubuntu-latest + env: + DOCKER_HOST: unix:///var/run/docker.sock + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install Docker CLI + run: | + apt-get update + apt-get install -y docker.io + + - name: Set up Docker Buildx + run: | + export DOCKER_HOST=unix:///var/run/docker.sock + docker version + docker buildx create --use || true + docker buildx inspect --bootstrap + + - name: Login to Registry + env: + REGISTRY_HOSTPORT: ${{ secrets.REGISTRY_HOSTPORT }} + REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + run: | + set -euo pipefail + export DOCKER_HOST=unix:///var/run/docker.sock + SHA="$(git rev-parse HEAD)" + test -n "$REGISTRY_HOSTPORT" + echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY_HOSTPORT" -u "$REGISTRY_USERNAME" --password-stdin + + - name: Build and push + env: + REGISTRY_HOSTPORT: ${{ secrets.REGISTRY_HOSTPORT }} + run: | + set -euo pipefail + export DOCKER_HOST=unix:///var/run/docker.sock + SHA="$(git rev-parse HEAD)" + + build_and_push() { + docker buildx build --push \ + -f Dockerfile \ + -t "$REGISTRY_HOSTPORT/nxtgauge-frontend-solid:${SHA}" \ + -t "$REGISTRY_HOSTPORT/nxtgauge-frontend-solid:high-performance-latest" \ + . + } + + for attempt in 1 2 3; do + echo "Build attempt $attempt" + if build_and_push; then + exit 0 + fi + echo "Build attempt $attempt failed; recreating builder and retrying" + docker buildx rm --all-inactive --force || true + docker buildx create --use || true + docker buildx inspect --bootstrap + sleep $((attempt * 10)) + done + + echo "Build failed after retries" + exit 1 + + - name: Prune old image tags (keep latest 1 SHA) + if: success() + continue-on-error: true + env: + REGISTRY_HOST: ${{ secrets.REGISTRY_HOSTPORT }} + REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + run: | + set -euo pipefail + python3 .forgejo/scripts/registry_prune.py \ + --registry "$REGISTRY_HOST" \ + --repo "nxtgauge-frontend-solid" \ + --username "$REGISTRY_USERNAME" \ + --password "$REGISTRY_PASSWORD" \ + --keep 1 + + - name: Update GitOps and trigger deployment + if: success() + continue-on-error: true + env: + GITEOPS_REPO: ${{ secrets.GITEOPS_REPO }} + GITEOPS_SSH_KEY: ${{ secrets.GITEOPS_SSH_KEY }} + run: | + set -euo pipefail + SHA="$(git rev-parse HEAD)" + + if [ -z "$GITEOPS_REPO" ]; then + echo "GITEOPS_REPO secret not set, skipping GitOps update" + exit 0 + fi + + GITEOPS_DIR=$(mktemp -d) + git clone "$GITEOPS_REPO" "$GITEOPS_DIR" + cd "$GITEOPS_DIR" + + mkdir -p ~/.ssh + echo "$GITEOPS_SSH_KEY" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan github.com >> ~/.ssh/known_hosts 2>/dev/null + + python3 .forgejo/scripts/update-gitops.py \ + --repo "$GITEOPS_DIR" \ + --service "frontend-solid" \ + --sha "${SHA}" \ + --message "chore: deploy frontend-solid@${SHA}" + + rm -rf "$GITEOPS_DIR"