Try using werf

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
2025-12-15 04:56:15 -08:00 · 2025-03-03 20:33:57 +01:00 · 2025-03-03 20:33:57 +01:00 · 1fae52e85c
commit 1fae52e85c
parent 31ba1607ab
3 changed files with 14 additions and 22 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -12,7 +12,7 @@ updates:
    schedule:
      interval: "weekly"

-  # Dependencies listed in Dockerfile.ovpn-admin
+  # Dependencies listed in Dockerfile
  - package-ecosystem: "docker"
    directory: "/"
    schedule:
--- a/.github/workflows/publish-tag.yaml
+++ b/.github/workflows/publish-tag.yaml
@ -9,16 +9,13 @@ on:
    branches:
      - master

+env:
+  WERF_STAGED_DOCKERFILE_VERSION: v2
+
 jobs:
  build:
    name: build images for tag
    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-        - name: ovpn-admin
-        - name: openvpn

    steps:
      - name: Checkout code
@ -30,18 +27,11 @@ jobs:
        id: get_version
        run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}

-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+      - uses: werf/actions/install@v1.2

-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
-      - name: Log into registry ${{ env.REGISTRY }}
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3.3.0
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ secrets.DECKHOUSE_REGISTRY_USER }}
-          password: ${{ secrets.DECKHOUSE_REGISTRY_PASSWORD }}
+      - name: Login into ghcr.io
+        shell: bash
+        run: werf cr login -u ${{ github.actor }} -p ${{ github.token }} ghcr.io/${{ github.repository }}

      # Extract metadata (tags, labels) for Docker
      # https://github.com/docker/metadata-action
@ -53,10 +43,12 @@ jobs:

      # Build and push Docker image with Buildx (don't push on PR)
      # https://github.com/docker/build-push-action
-      - name: Push Image
-        uses: docker/build-push-action@v4
+      - name: Build Image
+        run: |
+          . <(echo "$DOCKER_METADATA_OUTPUT_LABELS" | awk '{print "export WERF_EXPORT_ADD_LABEL_" NR "=" $0}')
+          werf build
        with:
-          push: ${{ github.event_name != 'pull_request' }}
+          push: ${{ github.event_name == 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
--- a/Dockerfile.ovpn-admin
+++ b/Dockerfile.ovpn-admin
@ -17,4 +17,4 @@ RUN apk add --update bash easy-rsa openssl openvpn coreutils  && \
    ln -s /usr/share/easy-rsa/easyrsa /usr/local/bin && \
    wget https://github.com/pashcovich/openvpn-user/releases/download/v1.0.4/openvpn-user-linux-${TARGETARCH}.tar.gz -O - | tar xz -C /usr/local/bin && \
    rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /var/cache/distfiles/*
-RUN if [ -f "/usr/local/bin/openvpn-user-${TARGETARCH}" ]; then ln -s /usr/local/bin/openvpn-user-${TARGETARCH} /usr/local/bin/openvpn-user; fi
+RUN if [ -f "/usr/local/bin/openvpn-user-${TARGETARCH}" ]; then ln -s /usr/local/bin/openvpn-user-${TARGETARCH} /usr/local/bin/openvpn-user; fi