enricobuehler
47a69a0063
ci / web (push) Failing after 51s
ci / docs-site (push) Failing after 34s
docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 15s
docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 2m8s
docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 20s
ci / rust (push) Successful in 6m23s
apple / swift (push) Successful in 1m24s
runs-on: ubuntu-24.04 (the label the existing Linux runner actually
advertises — ubuntu-latest queued forever). Mac runner: strip the
docker:// default labels generate-config seeds (they override the
host-mode registration labels and make the daemon demand a Docker
engine), and ship the service as a root LaunchDaemon — macOS Local
Network privacy silently blocks LAN dials from unbundled CLI binaries
in gui/user launchd domains ("no route to host"), system daemons are
exempt. Without sudo the script leaves an interim nohup daemon. CI
surface documented in CLAUDE.md + docs-site ci.md.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
62 lines
2.0 KiB
YAML
62 lines
2.0 KiB
YAML
# Build + push the dockerized pieces to the Gitea container registry:
|
|
# punktfunk-web — management console (web/Dockerfile, repo-root context)
|
|
# punktfunk-docs — documentation site (docs-site/Dockerfile)
|
|
# punktfunk-rust-ci — Rust CI builder image consumed by ci.yml
|
|
# Host and clients are intentionally NOT containerized (see CLAUDE.md "What's left").
|
|
#
|
|
# REGISTRY_TOKEN: repo Actions secret, a PAT with write:package scope.
|
|
#
|
|
# Bootstrap note: ci.yml's rust job pulls punktfunk-rust-ci:latest from the registry, so
|
|
# this workflow (or a manual push) must have succeeded once before that job can run; on
|
|
# the same push, ci.yml builds against the PREVIOUS image. All three were seeded manually
|
|
# on 2026-06-12.
|
|
name: docker
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
tags: ['v*']
|
|
workflow_dispatch:
|
|
|
|
env:
|
|
REGISTRY: git.unom.io
|
|
OWNER: unom
|
|
|
|
jobs:
|
|
build-push:
|
|
runs-on: ubuntu-24.04
|
|
timeout-minutes: 45
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- image: punktfunk-web
|
|
dockerfile: web/Dockerfile
|
|
context: .
|
|
- image: punktfunk-docs
|
|
dockerfile: docs-site/Dockerfile
|
|
context: docs-site
|
|
- image: punktfunk-rust-ci
|
|
dockerfile: ci/rust-ci.Dockerfile
|
|
context: ci
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Login to registry
|
|
# Username must be the owner of the REGISTRY_TOKEN PAT, not the push actor.
|
|
run: |
|
|
echo "${{ secrets.REGISTRY_TOKEN }}" \
|
|
| docker login "$REGISTRY" -u enricobuehler --password-stdin
|
|
|
|
- name: Build
|
|
run: |
|
|
docker build --pull \
|
|
-f "${{ matrix.dockerfile }}" \
|
|
-t "$REGISTRY/$OWNER/${{ matrix.image }}:latest" \
|
|
-t "$REGISTRY/$OWNER/${{ matrix.image }}:sha-${GITHUB_SHA::8}" \
|
|
"${{ matrix.context }}"
|
|
|
|
- name: Push
|
|
run: |
|
|
docker push "$REGISTRY/$OWNER/${{ matrix.image }}:sha-${GITHUB_SHA::8}"
|
|
docker push "$REGISTRY/$OWNER/${{ matrix.image }}:latest"
|