All checks were successful
CI / preflight (push) Successful in 5s
CI / typecheck (push) Successful in 15s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 13s
ecosystem-selftest / eslint-gate (push) Successful in 3s
ecosystem-selftest / yamllint-gate (push) Successful in 3s
pulumi-preview / preview (push) Successful in 16s
Forgejo 11.0.15 does NOT support reusable workflows (job-level `uses:` / `workflow_call`): the call is silently dropped and no run is scheduled (verified live — a same-repo and a cross-repo reusable call both produced zero runs, while an equivalent inline job ran green). The working cross-repo reuse primitive here is the COMPOSITE ACTION referenced by FULL URL (a short-form `uses: olsitec/foundation/...@master` resolves against the runner's DEFAULT_ACTIONS_URL = data.forgejo.org, not the local instance, and 404s; the full-URL form `uses: https://forge.olsitec.net/olsitec/foundation/actions/<x>@master` was verified green). - Replace the four reusable-*.yml with composite actions under actions/: node-build, docker-build, lint, semantic-release-version (same logic + inputs). - actions/README.md documents the pattern, the Forgejo-11 limitation, and the 999_testing candidate coverage (C2/C3/C4 self-contained; C1/C5 blocked on the not-yet-published @olsitec package registry). - ecosystem-selftest paths filter: actions/** (was reusable-*.yml). The capabilities that need no external repo (semantic-release bump sequence, eslint/yamllint gates) keep running green via ecosystem-selftest's inline jobs. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
56 lines
2 KiB
YAML
56 lines
2 KiB
YAML
# docker-build — build a Docker image (999_testing candidates C1/C5). Composite
|
|
# action (see actions/node-build). Builds against the HOST Docker daemon via the
|
|
# mounted socket, so the CALLER's job MUST mount it:
|
|
#
|
|
# jobs:
|
|
# image:
|
|
# runs-on: docker
|
|
# container:
|
|
# image: foundation-ci:latest
|
|
# volumes: [ /var/run/docker.sock:/var/run/docker.sock ]
|
|
# steps:
|
|
# - uses: actions/checkout@v4
|
|
# - uses: https://forge.olsitec.net/olsitec/foundation/actions/docker-build@master
|
|
# with: { image: "olsitec/token-service:ci" }
|
|
#
|
|
# R5: the host socket is root-equivalent on the forge VM — trusted first-party repos
|
|
# only until the runner is fenced. Candidates C1 (seaspots-homepage) and C5
|
|
# (token-service) also need @olsitec packages from a registry that is not published
|
|
# yet (Stage-2); their real builds need an npmrc via `build-args` once it exists.
|
|
name: docker-build
|
|
description: Build (optionally push) a Docker image via the host daemon.
|
|
inputs:
|
|
context:
|
|
default: "."
|
|
dockerfile:
|
|
default: "Dockerfile"
|
|
image:
|
|
description: "image ref to tag, e.g. name:tag"
|
|
required: true
|
|
build-args:
|
|
description: "newline-separated KEY=VALUE docker --build-arg pairs"
|
|
default: ""
|
|
push:
|
|
description: "push after build (true/false; registry must exist)"
|
|
default: "false"
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Docker build
|
|
shell: bash
|
|
run: |
|
|
args=""
|
|
if [ -n "${{ inputs.build-args }}" ]; then
|
|
while IFS= read -r kv; do
|
|
[ -z "$kv" ] && continue
|
|
args="$args --build-arg $kv"
|
|
done <<'EOF'
|
|
${{ inputs.build-args }}
|
|
EOF
|
|
fi
|
|
echo "+ docker build -f ${{ inputs.dockerfile }} -t ${{ inputs.image }} $args ${{ inputs.context }}"
|
|
docker build -f "${{ inputs.dockerfile }}" -t "${{ inputs.image }}" $args "${{ inputs.context }}"
|
|
- name: Push
|
|
if: ${{ inputs.push == 'true' }}
|
|
shell: bash
|
|
run: docker push "${{ inputs.image }}"
|