-
Notifications
You must be signed in to change notification settings - Fork 0
79 lines (69 loc) · 2.54 KB
/
build_rhel_bootc.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: Build RHEL bootc image with GHA
on:
workflow_dispatch:
push:
paths:
- 'rhel/**'
branches:
- main
jobs:
subs:
name: Build RHEL bootc image with repo access
runs-on: ubuntu-latest
env:
IMAGE_NAME: rhel9-cicd-bootc
REGISTRY: ghcr.io/nzwulfin
container:
image: registry.access.redhat.com/ubi9/ubi
options: --privileged
steps:
- name: Clone the repository
uses: actions/checkout@v4
- name: Get container tools in UBI builder
run: dnf -y install --disablerepo=* --enablerepo=ubi-9-appstream-rpms --enablerepo=ubi-9-baseos-rpms podman buildah skopeo
- name: Access a subscription via activation key
env:
SMDEV_CONTAINER_OFF: 1
orgid: ${{ secrets.RHT_ORGID }}
activation_key: ${{ secrets.RHT_ACT_KEY }}
run: subscription-manager register --org=$orgid --activationkey=$activation_key
# workaround for https://github.com/redhat-actions/podman-login/issues/42 since the docker config from the host doesn't come up to the container
- name: Workaround open podman-login action issue
env:
auth: "{ \"auths\": {} }"
run: |
mkdir -p $HOME/.docker
echo $auth > $HOME/.docker/config.json
- name: Log in to the RHT terms based registry
uses: redhat-actions/podman-login@v1
with:
registry: registry.redhat.io
username: ${{ vars.RHT_REG_SVCUSER }}
password: ${{ secrets.RHT_REG_SVCPASS }}
auth_file_path: /run/containers/0/auth.json
- name: Use buildah bud to create the image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: latest ${{ github.sha }}
containerfiles: |
./rhel/Containerfile
- name: Log in to the GitHub Container registry
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
auth_file_path: /run/containers/0/auth.json
- name: Push to GitHub Container Repository
id: push-to-ghcr
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.REGISTRY }}
- name: Clean up the subscription
env:
SMDEV_CONTAINER_OFF: 1
run: subscription-manager unregister