From 901e2110e1f754aaf5906b98b810632ecb97bafa Mon Sep 17 00:00:00 2001 From: estebanthi Date: Sun, 4 Jan 2026 12:29:00 +0100 Subject: [PATCH] updated workflow location --- .../workflows/docker-build-publish.yml | 0 workflows/docker-build-publish/README.md | 90 ------------------- 2 files changed, 90 deletions(-) rename workflows/docker-build-publish/workflow.yml => .github/workflows/docker-build-publish.yml (100%) delete mode 100644 workflows/docker-build-publish/README.md diff --git a/workflows/docker-build-publish/workflow.yml b/.github/workflows/docker-build-publish.yml similarity index 100% rename from workflows/docker-build-publish/workflow.yml rename to .github/workflows/docker-build-publish.yml diff --git a/workflows/docker-build-publish/README.md b/workflows/docker-build-publish/README.md deleted file mode 100644 index 5b7b96a..0000000 --- a/workflows/docker-build-publish/README.md +++ /dev/null @@ -1,90 +0,0 @@ -# docker-build-push - -This GitHub Actions workflow builds and pushes Docker images to a container registry. -It serves as a base workflow and is usable this way, but it may be customized depending on the exact use case. - -## Use cases - -### Build and push Docker images for CI/CD - -This workflow can be used in CI/CD pipelines to automate the process of building and pushing Docker images whenever code is pushed to the repository or a pull request is created. - -I use it with [watchtower](https://github.com/containrrr/watchtower) to automatically update running containers with the latest images. - -### Build an upstream - -You may want to build an upstream image from another repository and push it to your own container registry. -You can do this this by modifying the checkout step to pull from the external repository and pass the correct build context to the Docker build step. - -```yaml - - name: Checkout external repository to ./external-src - uses: actions/checkout@v5 - with: - repository: owner/repo-name - ref: main - server-url: ${{ github.server_url }} - path: external-src - fetch-depth: 0 # Fetch all history for all branches and tags - - # ... - - - name: Build and push Docker image - uses: docker/build-push-action@v5 - with: - context: ./external-src - - # ... - -``` - -### When SSH access is needed during build - -If your Docker build process requires SSH access (for example, to clone private repositories), you can enable SSH agent, and configure the Docker build step to use it. -You will also need to change the Dockerfile to use the SSH mount. - -```yaml - - name: Start ssh-agent - uses: https://github.com/webfactory/ssh-agent@v0.9.0 - with: - ssh-private-key: ${{ secrets.CI_SSH_PRIVATE_KEY }} - - # ... - - - name: Build & push - uses: docker/build-push-action@v5 - with: - ssh: default - build-args: | - GITEA_HOSTKEY=${{ secrets.SSH_GITEA_HOSTKEY }} # Pass host key as build-arg -``` - -And modify your Dockerfile like this: - -```Dockerfile -# Install dependencies -RUN apt-get update && \ - apt-get install -y --no-install-recommends \ - git \ - openssh-client \ - ca-certificates \ - libnss3 \ - nss-plugin-pem \ - libbrotli1 && \ - rm -rf /var/lib/apt/lists/* - -# Add Gitea host key to known_hosts -ARG GITEA_HOSTKEY -RUN set -eux; \ - mkdir -p /etc/ssh; \ - printf '%s\n' "$GITEA_HOSTKEY" > /etc/ssh/ssh_known_hosts; \ - chmod 644 /etc/ssh/ssh_known_hosts; \ - ssh-keygen -l -E sha256 -f /etc/ssh/ssh_known_hosts - -# Clone private repository using SSH during build -RUN --mount=type=ssh git clone git@your-gitea-server:your-repo.git /path/to/destination - -# You can do whatever you need with SSH by using the --mount=type=ssh flag -# RUN --mount=type=ssh \ -# GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/etc/ssh/ssh_known_hosts' \ -# pip install --no-cache-dir -r requirements.txt -``` \ No newline at end of file