From 1fae52e85c2ca6f393f661021f0f4c4be7c8d723 Mon Sep 17 00:00:00 2001
From: "maksim.nabokikh" <max.nabokih@gmail.com>
Date: Mon, 3 Mar 2025 20:33:57 +0100
Subject: [PATCH] Try using werf

Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
---
 .github/dependabot.yml             |  2 +-
 .github/workflows/publish-tag.yaml | 32 +++++++++++-------------------
 Dockerfile.ovpn-admin              |  2 +-
 3 files changed, 14 insertions(+), 22 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b1d88d3..94c3ffb 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -12,7 +12,7 @@ updates:
     schedule:
       interval: "weekly"
 
-  # Dependencies listed in Dockerfile.ovpn-admin
+  # Dependencies listed in Dockerfile
   - package-ecosystem: "docker"
     directory: "/"
     schedule:
diff --git a/.github/workflows/publish-tag.yaml b/.github/workflows/publish-tag.yaml
index 3aeaa9a..11bd96f 100644
--- a/.github/workflows/publish-tag.yaml
+++ b/.github/workflows/publish-tag.yaml
@@ -9,16 +9,13 @@ on:
     branches:
       - master
 
+env:
+  WERF_STAGED_DOCKERFILE_VERSION: v2
+
 jobs:
   build:
     name: build images for tag
     runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-        - name: ovpn-admin
-        - name: openvpn
 
     steps:
       - name: Checkout code
@@ -30,18 +27,11 @@ jobs:
         id: get_version
         run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+      - uses: werf/actions/install@v1.2
 
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
-      - name: Log into registry ${{ env.REGISTRY }}
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3.3.0
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ secrets.DECKHOUSE_REGISTRY_USER }}
-          password: ${{ secrets.DECKHOUSE_REGISTRY_PASSWORD }}
+      - name: Login into ghcr.io
+        shell: bash
+        run: werf cr login -u ${{ github.actor }} -p ${{ github.token }} ghcr.io/${{ github.repository }}
 
       # Extract metadata (tags, labels) for Docker
       # https://github.com/docker/metadata-action
@@ -53,10 +43,12 @@ jobs:
 
       # Build and push Docker image with Buildx (don't push on PR)
       # https://github.com/docker/build-push-action
-      - name: Push Image
-        uses: docker/build-push-action@v4
+      - name: Build Image
+        run: |
+          . <(echo "$DOCKER_METADATA_OUTPUT_LABELS" | awk '{print "export WERF_EXPORT_ADD_LABEL_" NR "=" $0}')
+          werf build
         with:
-          push: ${{ github.event_name != 'pull_request' }}
+          push: ${{ github.event_name == 'pull_request' }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           build-args: |
diff --git a/Dockerfile.ovpn-admin b/Dockerfile.ovpn-admin
index 87ddf27..06ece2b 100644
--- a/Dockerfile.ovpn-admin
+++ b/Dockerfile.ovpn-admin
@@ -17,4 +17,4 @@ RUN apk add --update bash easy-rsa openssl openvpn coreutils  && \
     ln -s /usr/share/easy-rsa/easyrsa /usr/local/bin && \
     wget https://github.com/pashcovich/openvpn-user/releases/download/v1.0.4/openvpn-user-linux-${TARGETARCH}.tar.gz -O - | tar xz -C /usr/local/bin && \
     rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /var/cache/distfiles/*
-RUN if [ -f "/usr/local/bin/openvpn-user-${TARGETARCH}" ]; then ln -s /usr/local/bin/openvpn-user-${TARGETARCH} /usr/local/bin/openvpn-user; fi
\ No newline at end of file
+RUN if [ -f "/usr/local/bin/openvpn-user-${TARGETARCH}" ]; then ln -s /usr/local/bin/openvpn-user-${TARGETARCH} /usr/local/bin/openvpn-user; fi