name: build-ci-image on: push: paths: - Dockerfile - .dockerignore - .gitea/workflows/build-ci-image.yml workflow_dispatch: env: REGISTRY_HOST: git.neosisyphus.com REGISTRY_IMAGE: git.neosisyphus.com/evol3d/evol-testbed # Optional. If this secret is not set, the workflow uses GITHUB_ACTOR. REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} jobs: image: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Log in to container registry run: | set -eu username="${REGISTRY_USERNAME:-${GITHUB_ACTOR:-}}" if [ -z "$username" ]; then echo "REGISTRY_USERNAME secret is empty and GITHUB_ACTOR is not set" >&2 exit 1 fi if [ -z "${{ secrets.REGISTRY_PASSWORD }}" ]; then echo "REGISTRY_PASSWORD secret is empty. Set it to a Gitea access token with package write permission." >&2 exit 1 fi echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login "$REGISTRY_HOST" \ -u "$username" \ --password-stdin - name: Build and push CI image env: DOCKER_BUILDKIT: 1 run: | if docker buildx version >/dev/null 2>&1; then docker buildx create --use --name evol-testbed-builder || docker buildx use evol-testbed-builder docker buildx build \ --build-arg BASE_IMAGE=catthehacker/ubuntu:act-latest \ --build-arg LLVM_VERSION=22 \ --build-arg MESON_VERSION=latest \ --cache-from type=registry,ref="$REGISTRY_IMAGE:buildcache" \ --cache-to type=registry,ref="$REGISTRY_IMAGE:buildcache",mode=max \ --tag "$REGISTRY_IMAGE:latest" \ --file Dockerfile \ --push \ . else echo "docker buildx is unavailable; falling back to uncached docker build" docker build \ --build-arg BASE_IMAGE=catthehacker/ubuntu:act-latest \ --build-arg LLVM_VERSION=22 \ --build-arg MESON_VERSION=latest \ --tag "$REGISTRY_IMAGE:latest" \ --file Dockerfile \ . docker push "$REGISTRY_IMAGE:latest" fi