build container images - buildkit

.gitea/limbo_actions/buildkit-build-push/action.yaml

@@ -0,0 +1,65 @@
+name: BuildKit Build and Deploys
+description: "Build and deploy images"
+
+inputs:
+  registry_addr: 
+    description: registry address
+    required: true
+  registry_username:
+    description: "registry username"
+    required: true
+  registry_password:
+    description: "registry password"
+    required: true
+  buildkit_addr:
+    description: "buildkit address"
+    required: true
+  tags:
+    description: "image tags / buildctl image name"
+    required: true
+  context:
+    description: "buildctl build context"
+    required: false
+    default: "."
+  dockerfile:
+    description: "buildctl build dockerfile/folder"
+    required: true
+    default: "."       
+runs:
+  using: "composite"
+  steps:
+    - name: run buildctl built and push
+      shell: bash
+      run: |
+
+        # create docker config temp folder
+        DOCKER_CONFIG_DIR="${RUNNER_TEMP}/.buildctl_docker"
+        mkdir -p "$DOCKER_CONFIG_DIR"
+
+        # clean up
+        trap 'rm -rf "$DOCKER_CONFIG_DIR"' EXIT
+
+
+        # setup file docker config (auth) temp file
+        AUTH=$(printf "%s" "${{ inputs.registry_username }}:${{ inputs.registry_password }}" | base64 -w 0)
+        cat > "$DOCKER_CONFIG_DIR/config.json" <<EOF
+        {
+          "auths": {
+            "${{ inputs.registry_addr }}": {
+              "auth": "$AUTH"
+            }
+          }
+        }
+        EOF
+
+        # Run BuildKit build, set DOCKER_CONFIG to DOCKER_CONFIG_DIR so auth works on push 
+        DOCKER_CONFIG=$DOCKER_CONFIG_DIR buildctl \
+          --addr ${{ inputs.buildkit_addr }} \
+          build \
+          --frontend=dockerfile.v0 \
+          --local context=${{ inputs.context }} \
+          --local dockerfile=${{ inputs.dockerfile }} \
+          --opt filename=Dockerfile \
+          --output type=image,name=${{ inputs.tags }},push=true
+
+              

.gitea/limbo_actions/kubectl-setup/action.yaml

@@ -0,0 +1,54 @@
+name: Setup kubectl
+description: "Reads kube config from inputs and sets kube config"
+
+inputs:
+  kube_server:
+    description: "Kubernetes server address"
+    required: true
+  kube_ca_base64:
+    description: "Base64 encoded CA cert"
+    required: true
+  kube_token:
+    description: "Kubernetes token"
+    required: true
+  test_connection:
+    description: "If 'true', a curl is executed to test connection"
+    required: false
+    default: "false"
+runs:
+  using: "composite"
+  steps:
+    - name: Create kubeconfig
+      shell: bash
+      run: |
+        mkdir -p "${GITHUB_TEMP}/.kube"
+        cat > "${GITHUB_TEMP}/.kube/config" <<EOF
+        apiVersion: v1
+        kind: Config
+        clusters:
+        - cluster:
+            server: ${{ inputs.kube_server }}
+            certificate-authority-data: ${{ inputs.kube_ca_base64 }}
+          name: default
+        contexts:
+        - context:
+            cluster: default
+            user: default
+          name: default
+        current-context: default
+        users:
+        - name: default
+          user:
+            token: ${{ inputs.kube_token }}
+        EOF
+        echo "KUBECONFIG=${GITHUB_TEMP}/.kube/config" >> "${GITHUB_ENV}"
+
+    - name: Test connection
+      if: ${{ inputs.test_connection == 'true' }}
+      shell: bash
+      run: |
+        echo "Testing connection to cluster..."
+        curl -ksS \
+          --cacert <(echo "${{ inputs.kube_ca_base64 }}" | base64 -d) \
+          -H "Authorization: Bearer ${{ inputs.kube_token }}" \
+          ${{ inputs.kube_server }}/version