modified: .gitea/workflows/ docker-image.deploy.yml

.gitea/actions/buildkit-build-push/action.yaml

@@ -0,0 +1,57 @@
+name: BuildKit Build and Deploys
+description: "Build and deploy images"
+
+inputs:
+  registry_addr: 
+    description: registry address
+    required: true
+  registry_username:
+    description: "registry username"
+    required: true
+  registry_password:
+    description: "registry password"
+    required: true
+  buildkit_addr:
+    description: "buildkit address"
+    required: true
+  tags:
+    description: "image tags / buildctl image name"
+    required: true
+  context:
+    description: "buildctl build context"
+    required: false
+    default: "."
+  dockerfile:
+    description: "buildctl build dockerfile/folder"
+    required: true
+    default: "."       
+runs:
+  using: "composite"
+  steps:
+    - name: Authenticate to Gitea registry
+      shell: bash
+      run: |
+        # Create a temporary file inside GITHUB_TEMP
+        DOCKER_CONFIG_FILE="${RUNNER_TEMP}/docker_config.json"
+
+        # Ensure cleanup ALWAYS happens
+        trap 'rm -f "$DOCKER_CONFIG_FILE"' EXIT
+
+        # Generate auth entry
+        AUTH=$(printf "%s" "${{ inputs.registry_username }}:${{ inputs.registry_password }}" | base64 -w 0)
+
+        printf '{"auths":{"%s":{"auth":"%s"}}}' \
+          "${{ inputs.registry_addr }}" \
+          "$AUTH" \
+          > "$DOCKER_CONFIG_FILE"
+
+        # Run BuildKit build
+        buildctl \
+          --addr ${{ inputs.buildkit_addr }} \
+          build \
+          --frontend=dockerfile.v0 \
+          --local context=${{ inputs.context }} \
+          --local dockerfile=${{ inputs.dockerfile }} \
+          --opt filename=Dockerfile \
+          --output type=image,name=${{ inputs.tags }},push=true,registry.config=$RUNNER_TEMP
+              

.gitea/actions/kubectl-setup/action.yaml

@@ -0,0 +1,54 @@
+name: Setup kubectl
+description: "Reads kube config from inputs and sets kube config"
+
+inputs:
+  kube_server:
+    description: "Kubernetes server address"
+    required: true
+  kube_ca_base64:
+    description: "Base64 encoded CA cert"
+    required: true
+  kube_token:
+    description: "Kubernetes token"
+    required: true
+  test_connection:
+    description: "If 'true', a curl is executed to test connection"
+    required: false
+    default: "false"
+runs:
+  using: "composite"
+  steps:
+    - name: Create kubeconfig
+      shell: bash
+      run: |
+        mkdir -p "${GITHUB_TEMP}/.kube"
+        cat > "${GITHUB_TEMP}/.kube/config" <<EOF
+        apiVersion: v1
+        kind: Config
+        clusters:
+        - cluster:
+            server: ${{ inputs.kube_server }}
+            certificate-authority-data: ${{ inputs.kube_ca_base64 }}
+          name: default
+        contexts:
+        - context:
+            cluster: default
+            user: default
+          name: default
+        current-context: default
+        users:
+        - name: default
+          user:
+            token: ${{ inputs.kube_token }}
+        EOF
+        echo "KUBECONFIG=${GITHUB_TEMP}/.kube/config" >> "${GITHUB_ENV}"
+
+    - name: Test connection
+      if: ${{ inputs.test_connection == 'true' }}
+      shell: bash
+      run: |
+        echo "Testing connection to cluster..."
+        curl -ksS \
+          --cacert <(echo "${{ inputs.kube_ca_base64 }}" | base64 -d) \
+          -H "Authorization: Bearer ${{ inputs.kube_token }}" \
+          ${{ inputs.kube_server }}/version

.gitea/workflows/ docker-image.deploy.yml

@@ -23,7 +23,7 @@ jobs:
         curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1
 
     - name: Build and Push Image
-      uses: ./.gitea/limbo_actions/buildkit-build-push
+      uses: ./.gitea/actions/buildkit-build-push
       with:
         registry_addr: git.limbosolutions.com
         registry_username: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_USERNAME }}