From 70c5367397634e41bf7927cf35fd80cdb353835a Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 12:39:28 +0100 Subject: [PATCH 01/54] test workflow --- .forgejo/workflows/container-build.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .forgejo/workflows/container-build.yml diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml new file mode 100644 index 0000000..a26b3f8 --- /dev/null +++ b/.forgejo/workflows/container-build.yml @@ -0,0 +1,22 @@ +--- +on: [push] +jobs: + configuration: + runs-on: docker + container: + image: quay.io/keycloak/keycloak:latest + env: + PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" + KC_HEALTH_ENABLED=false + KC_DB=postgres + KC_CACHE_STACK=tcp + KC_HTTPS_CLIENT_AUTH=request + KC_FEATURES=recovery-codes,passkeys,opentelemetry + KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak + steps: + - run: kc.sh build + working-directory: /opt/keycloak/ + - uses: actions/upload-artifact@v4 + with: + name: keycloak-dir + path: /opt/keycloak/ -- 2.39.2 From 1b98b91b84df5006a630a069713b09a0f9cc01f9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 12:52:18 +0100 Subject: [PATCH 02/54] fixed the env variables and moved to an special runner --- .forgejo/workflows/container-build.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index a26b3f8..4bdb1f3 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -2,17 +2,17 @@ on: [push] jobs: configuration: - runs-on: docker + runs-on: private-vault container: image: quay.io/keycloak/keycloak:latest env: - PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" - KC_HEALTH_ENABLED=false - KC_DB=postgres - KC_CACHE_STACK=tcp - KC_HTTPS_CLIENT_AUTH=request - KC_FEATURES=recovery-codes,passkeys,opentelemetry - KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak + PATH: "/opt/keycloak/bin:/usr/bin:/usr/local/bin" + KC_HEALTH_ENABLED: false + KC_DB: postgres + KC_CACHE_STACK: tcp + KC_HTTPS_CLIENT_AUTH: request + KC_FEATURES: recovery-codes,passkeys,opentelemetry + KC_DB_URL: postgresql://postgres.services.tobie:5432/keycloak steps: - run: kc.sh build working-directory: /opt/keycloak/ -- 2.39.2 From 5b54f30e52d5c5a355741044976f2757447a8f5e Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 14:09:10 +0100 Subject: [PATCH 03/54] removed broken envvars --- .forgejo/workflows/container-build.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 4bdb1f3..38f5538 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -7,12 +7,9 @@ jobs: image: quay.io/keycloak/keycloak:latest env: PATH: "/opt/keycloak/bin:/usr/bin:/usr/local/bin" - KC_HEALTH_ENABLED: false KC_DB: postgres - KC_CACHE_STACK: tcp KC_HTTPS_CLIENT_AUTH: request KC_FEATURES: recovery-codes,passkeys,opentelemetry - KC_DB_URL: postgresql://postgres.services.tobie:5432/keycloak steps: - run: kc.sh build working-directory: /opt/keycloak/ -- 2.39.2 From 9407ce382270214ad91f0b989813183520fcd9a2 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 14:09:28 +0100 Subject: [PATCH 04/54] downgrade to v3 of upload acrtifact --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 38f5538..a244a0e 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -13,7 +13,7 @@ jobs: steps: - run: kc.sh build working-directory: /opt/keycloak/ - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v3 with: name: keycloak-dir path: /opt/keycloak/ -- 2.39.2 From 0810cd85ac73e0f36821da890b904efe60501d4e Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 14:42:00 +0100 Subject: [PATCH 05/54] moved to an own action instead of the javascript action --- .forgejo/actions/artifact-upload/action.yml | 15 +++++++++++++++ .forgejo/workflows/container-build.yml | 7 ++++--- 2 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 .forgejo/actions/artifact-upload/action.yml diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml new file mode 100644 index 0000000..1007ae8 --- /dev/null +++ b/.forgejo/actions/artifact-upload/action.yml @@ -0,0 +1,15 @@ +--- +inputs: + name: + default: artifact.tar + description: Artifact name + path: + description: Paths of the file or directory with the data + required: true +runs: + using: composite + steps: + - name: collect + run: true + - name: upload + run: true \ No newline at end of file diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index a244a0e..251d444 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -13,7 +13,8 @@ jobs: steps: - run: kc.sh build working-directory: /opt/keycloak/ - - uses: actions/upload-artifact@v3 + - id: local-upload + uses: ./.forgejo/actions/artifact-upload with: - name: keycloak-dir - path: /opt/keycloak/ + name: keycloak.tar + path: /opt/keycloak \ No newline at end of file -- 2.39.2 From 8e7873e05011e7a4a6655e11f911df6781f84a24 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 14:51:51 +0100 Subject: [PATCH 06/54] renamed the action.yml to action.yaml --- .forgejo/actions/artifact-upload/{action.yml => action.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .forgejo/actions/artifact-upload/{action.yml => action.yaml} (100%) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yaml similarity index 100% rename from .forgejo/actions/artifact-upload/action.yml rename to .forgejo/actions/artifact-upload/action.yaml -- 2.39.2 From ea661930e226dcdb528f685baa8ed74809daca2c Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 15:01:18 +0100 Subject: [PATCH 07/54] changed back to action.yml --- .forgejo/actions/artifact-upload/{action.yaml => action.yml} | 1 + 1 file changed, 1 insertion(+) rename .forgejo/actions/artifact-upload/{action.yaml => action.yml} (90%) diff --git a/.forgejo/actions/artifact-upload/action.yaml b/.forgejo/actions/artifact-upload/action.yml similarity index 90% rename from .forgejo/actions/artifact-upload/action.yaml rename to .forgejo/actions/artifact-upload/action.yml index 1007ae8..c9bce5c 100644 --- a/.forgejo/actions/artifact-upload/action.yaml +++ b/.forgejo/actions/artifact-upload/action.yml @@ -6,6 +6,7 @@ inputs: path: description: Paths of the file or directory with the data required: true +outputs: {} runs: using: composite steps: -- 2.39.2 From 775c05462e0a25efc10708b7744076b1ce5528a7 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 16:07:53 +0100 Subject: [PATCH 08/54] disabled the custom action --- .forgejo/workflows/container-build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 251d444..ffc5cc3 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -13,8 +13,8 @@ jobs: steps: - run: kc.sh build working-directory: /opt/keycloak/ - - id: local-upload - uses: ./.forgejo/actions/artifact-upload - with: - name: keycloak.tar - path: /opt/keycloak \ No newline at end of file + #- id: local-upload + # uses: ./.forgejo/actions/artifact-upload + # with: + # name: keycloak.tar + # path: /opt/keycloak \ No newline at end of file -- 2.39.2 From 6f7691593abc09c7bda7ed92daae9a68ac9f41b9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 16:14:33 +0100 Subject: [PATCH 09/54] found the error in the custom action --- .forgejo/actions/artifact-upload/action.yml | 6 ++++-- .forgejo/workflows/container-build.yml | 10 +++++----- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml index c9bce5c..6043a6b 100644 --- a/.forgejo/actions/artifact-upload/action.yml +++ b/.forgejo/actions/artifact-upload/action.yml @@ -11,6 +11,8 @@ runs: using: composite steps: - name: collect - run: true + shell: sh + run: "true" - name: upload - run: true \ No newline at end of file + shell: sh + run: "true" diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index ffc5cc3..bf799c2 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -13,8 +13,8 @@ jobs: steps: - run: kc.sh build working-directory: /opt/keycloak/ - #- id: local-upload - # uses: ./.forgejo/actions/artifact-upload - # with: - # name: keycloak.tar - # path: /opt/keycloak \ No newline at end of file + - id: local-upload + uses: ./.forgejo/actions/artifact-upload + with: + name: keycloak.tar + path: /opt/keycloak -- 2.39.2 From 72e382ddb2feb3d6072ffc41e730d23db64c543c Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 16:44:12 +0100 Subject: [PATCH 10/54] added metadata to the action.yml --- .forgejo/actions/artifact-upload/action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml index 6043a6b..1d0b408 100644 --- a/.forgejo/actions/artifact-upload/action.yml +++ b/.forgejo/actions/artifact-upload/action.yml @@ -1,4 +1,7 @@ --- +name: Upload Tar Artifact +author: "Sebastian" +description: Uploads the file or directory as an artifact into github/forgejo inputs: name: default: artifact.tar -- 2.39.2 From eb604cad3751fd09283d12f79ee84224e48a340e Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 16:54:08 +0100 Subject: [PATCH 11/54] changed the id of the artifact upload --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index bf799c2..8c727d6 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -13,7 +13,7 @@ jobs: steps: - run: kc.sh build working-directory: /opt/keycloak/ - - id: local-upload + - id: artifact-upload uses: ./.forgejo/actions/artifact-upload with: name: keycloak.tar -- 2.39.2 From 916fb39046fd4860ad4943731083cb90734efc5c Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sat, 18 Jan 2025 17:52:46 +0100 Subject: [PATCH 12/54] another test --- .forgejo/actions/artifact-upload/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml index 1d0b408..168beea 100644 --- a/.forgejo/actions/artifact-upload/action.yml +++ b/.forgejo/actions/artifact-upload/action.yml @@ -15,7 +15,7 @@ runs: steps: - name: collect shell: sh - run: "true" + run: "/bin/env" - name: upload shell: sh - run: "true" + run: "/bin/true" -- 2.39.2 From 63be3e5bdf8dcbfe3b6ec95a2acdaeaa4b94c4e7 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:09:19 +0100 Subject: [PATCH 13/54] none of the inputs is now required --- .forgejo/actions/artifact-upload/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml index 168beea..74c5fbc 100644 --- a/.forgejo/actions/artifact-upload/action.yml +++ b/.forgejo/actions/artifact-upload/action.yml @@ -7,8 +7,8 @@ inputs: default: artifact.tar description: Artifact name path: + default: /bin description: Paths of the file or directory with the data - required: true outputs: {} runs: using: composite -- 2.39.2 From 17180c52a677b3e243fcd3e0d39275260677b50f Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:15:45 +0100 Subject: [PATCH 14/54] added sample output --- .forgejo/actions/artifact-upload/action.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml index 74c5fbc..76769be 100644 --- a/.forgejo/actions/artifact-upload/action.yml +++ b/.forgejo/actions/artifact-upload/action.yml @@ -9,7 +9,10 @@ inputs: path: default: /bin description: Paths of the file or directory with the data -outputs: {} +outputs: + T: + description: just a sample output + value: TEST runs: using: composite steps: -- 2.39.2 From ab6183f12c49b12e3a7580983857055075c5cc2e Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:21:30 +0100 Subject: [PATCH 15/54] added an ls --- .forgejo/workflows/container-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 8c727d6..5e266ed 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -11,6 +11,7 @@ jobs: KC_HTTPS_CLIENT_AUTH: request KC_FEATURES: recovery-codes,passkeys,opentelemetry steps: + - run: ls -la - run: kc.sh build working-directory: /opt/keycloak/ - id: artifact-upload -- 2.39.2 From d3ba58d157557def8a5cadc337e6558168879514 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:22:46 +0100 Subject: [PATCH 16/54] added an checkout step --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 5e266ed..a3d296d 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -11,7 +11,7 @@ jobs: KC_HTTPS_CLIENT_AUTH: request KC_FEATURES: recovery-codes,passkeys,opentelemetry steps: - - run: ls -la + - uses: actions/checkout@v3 - run: kc.sh build working-directory: /opt/keycloak/ - id: artifact-upload -- 2.39.2 From dad86c677e0a5d589a331b397f1293d533577a30 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:29:27 +0100 Subject: [PATCH 17/54] added a clone step --- .forgejo/workflows/container-build.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index a3d296d..84a883a 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -11,7 +11,11 @@ jobs: KC_HTTPS_CLIENT_AUTH: request KC_FEATURES: recovery-codes,passkeys,opentelemetry steps: - - uses: actions/checkout@v3 + - run: | + apt install git + git init + git remote add origin "${{ github.repository }}" + git pull --depth=1 - run: kc.sh build working-directory: /opt/keycloak/ - id: artifact-upload -- 2.39.2 From 8efff905bd168ecbab0847e9c6a28411d96ce404 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:32:23 +0100 Subject: [PATCH 18/54] added an name and some debugging --- .forgejo/workflows/container-build.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 84a883a..461bde3 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -11,11 +11,13 @@ jobs: KC_HTTPS_CLIENT_AUTH: request KC_FEATURES: recovery-codes,passkeys,opentelemetry steps: - - run: | - apt install git - git init - git remote add origin "${{ github.repository }}" - git pull --depth=1 + - name: clone + run: | + sleep 300; + apt install git; + git init; + git remote add origin "${{ github.repository }}"; + git pull --depth=1; - run: kc.sh build working-directory: /opt/keycloak/ - id: artifact-upload -- 2.39.2 From 275fa13a27957e27e7061c4d18044bca9aec9738 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:37:22 +0100 Subject: [PATCH 19/54] seperated the cloning --- .forgejo/workflows/container-build.yml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 461bde3..fa82ef3 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -1,15 +1,8 @@ --- on: [push] jobs: - configuration: + clone: runs-on: private-vault - container: - image: quay.io/keycloak/keycloak:latest - env: - PATH: "/opt/keycloak/bin:/usr/bin:/usr/local/bin" - KC_DB: postgres - KC_HTTPS_CLIENT_AUTH: request - KC_FEATURES: recovery-codes,passkeys,opentelemetry steps: - name: clone run: | @@ -18,6 +11,18 @@ jobs: git init; git remote add origin "${{ github.repository }}"; git pull --depth=1; + configuration: + runs-on: private-vault + needs: + - clone + container: + image: quay.io/keycloak/keycloak:latest + env: + PATH: "/opt/keycloak/bin:/usr/bin:/usr/local/bin" + KC_DB: postgres + KC_HTTPS_CLIENT_AUTH: request + KC_FEATURES: recovery-codes,passkeys,opentelemetry + steps: - run: kc.sh build working-directory: /opt/keycloak/ - id: artifact-upload -- 2.39.2 From f6353a44de3defb2d44e04f9163ddde50e78d4d9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:39:20 +0100 Subject: [PATCH 20/54] removed the usesless sleep --- .forgejo/workflows/container-build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index fa82ef3..d5769aa 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -6,7 +6,6 @@ jobs: steps: - name: clone run: | - sleep 300; apt install git; git init; git remote add origin "${{ github.repository }}"; -- 2.39.2 From da7dfbeb80425acb193b26d822770234e9ddf233 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:44:09 +0100 Subject: [PATCH 21/54] fixed the missing indices --- .forgejo/workflows/container-build.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index d5769aa..9316b6e 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -6,10 +6,11 @@ jobs: steps: - name: clone run: | - apt install git; - git init; - git remote add origin "${{ github.repository }}"; - git pull --depth=1; + apt update + apt install git + git init + git remote add origin "${{ github.repository }}" + git pull --depth=1 configuration: runs-on: private-vault needs: -- 2.39.2 From fb83eadc84b141e56a55ae2e3d8a841b101a0c76 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:49:52 +0100 Subject: [PATCH 22/54] using an nodejs image and the normal checkout --- .forgejo/workflows/container-build.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 9316b6e..7708c20 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -3,14 +3,10 @@ on: [push] jobs: clone: runs-on: private-vault + container: + image: docker.io/node:lts steps: - - name: clone - run: | - apt update - apt install git - git init - git remote add origin "${{ github.repository }}" - git pull --depth=1 + - uses: actions/checkout@v3 configuration: runs-on: private-vault needs: -- 2.39.2 From 9b0a3f8619aa0ac763198bf97edce7a20fec1d84 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 10:58:29 +0100 Subject: [PATCH 23/54] fixed the config --- .forgejo/workflows/container-build.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 7708c20..a3d6c32 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -2,13 +2,13 @@ on: [push] jobs: clone: - runs-on: private-vault + runs-on: nodelts container: image: docker.io/node:lts steps: - uses: actions/checkout@v3 configuration: - runs-on: private-vault + runs-on: docker needs: - clone container: @@ -19,6 +19,7 @@ jobs: KC_HTTPS_CLIENT_AUTH: request KC_FEATURES: recovery-codes,passkeys,opentelemetry steps: + - run: ls -lA - run: kc.sh build working-directory: /opt/keycloak/ - id: artifact-upload -- 2.39.2 From 24f0f872205f9732ad6cb2913fac0958e42cd2ea Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 21:32:11 +0100 Subject: [PATCH 24/54] replaced the whole workflow with an job running on the host --- .forgejo/actions/artifact-upload/action.yml | 24 -------------- .forgejo/workflows/container-build.yml | 36 ++++++++------------- Containerfile.in => Containerfile | 7 ++-- 3 files changed, 15 insertions(+), 52 deletions(-) delete mode 100644 .forgejo/actions/artifact-upload/action.yml rename Containerfile.in => Containerfile (90%) diff --git a/.forgejo/actions/artifact-upload/action.yml b/.forgejo/actions/artifact-upload/action.yml deleted file mode 100644 index 76769be..0000000 --- a/.forgejo/actions/artifact-upload/action.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -name: Upload Tar Artifact -author: "Sebastian" -description: Uploads the file or directory as an artifact into github/forgejo -inputs: - name: - default: artifact.tar - description: Artifact name - path: - default: /bin - description: Paths of the file or directory with the data -outputs: - T: - description: just a sample output - value: TEST -runs: - using: composite - steps: - - name: collect - shell: sh - run: "/bin/env" - - name: upload - shell: sh - run: "/bin/true" diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index a3d6c32..0eac1ad 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -1,29 +1,19 @@ --- on: [push] jobs: - clone: - runs-on: nodelts - container: - image: docker.io/node:lts + build-image: + runs-on: host steps: - uses: actions/checkout@v3 - configuration: - runs-on: docker - needs: - - clone - container: - image: quay.io/keycloak/keycloak:latest - env: - PATH: "/opt/keycloak/bin:/usr/bin:/usr/local/bin" - KC_DB: postgres - KC_HTTPS_CLIENT_AUTH: request - KC_FEATURES: recovery-codes,passkeys,opentelemetry - steps: - - run: ls -lA - - run: kc.sh build - working-directory: /opt/keycloak/ - - id: artifact-upload - uses: ./.forgejo/actions/artifact-upload + - uses: https://github.com/redhat-actions/buildah-build@v2 with: - name: keycloak.tar - path: /opt/keycloak + containerfiles: Containerfile + image: ${{ github.repository }} + registry: gitea.sebastian-tobie.de + tags: latest ${{ github.run_number }} + - uses: https://github.com/redhat-actions/push-to-registry@v2.8 + with: + image: ${{ github.repository }} + registry: gitea.sebastian-tobie.de + tags: latest ${{ github.run_number }} + password: ${{ github.token }} \ No newline at end of file diff --git a/Containerfile.in b/Containerfile similarity index 90% rename from Containerfile.in rename to Containerfile index 8a420e0..b57fa7c 100644 --- a/Containerfile.in +++ b/Containerfile @@ -1,7 +1,4 @@ -#ifndef SOURCE -#define SOURCE gitea.sebastian-tobie.de/docker/keycloak:latest-orig -#endif -FROM SOURCE as builder +FROM quay.io/keycloak/keycloak:latest as builder ENV PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" ENV KC_HEALTH_ENABLED=false @@ -12,7 +9,7 @@ ENV KC_FEATURES=dynamic-scopes,recovery-codes,preview ENV KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak RUN kc.sh build -FROM SOURCE +FROM quay.io/keycloak/keycloak:latest ENV PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" COPY --from=builder /opt/keycloak/ /opt/keycloak/ -- 2.39.2 From 7bb1ec868d802cfab52d0b73ca6c267b14eaa3e9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 21:46:36 +0100 Subject: [PATCH 25/54] aadded some debugging --- .forgejo/workflows/container-build.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 0eac1ad..7e26f6b 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -4,6 +4,10 @@ jobs: build-image: runs-on: host steps: + - name: Test OS + shell: js + run: | + console.log(process.env.RUNNER_OS) - uses: actions/checkout@v3 - uses: https://github.com/redhat-actions/buildah-build@v2 with: @@ -16,4 +20,4 @@ jobs: image: ${{ github.repository }} registry: gitea.sebastian-tobie.de tags: latest ${{ github.run_number }} - password: ${{ github.token }} \ No newline at end of file + password: ${{ github.token }} -- 2.39.2 From 1d3ade3e238031907c005a62ce87ae410ae7f449 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 19 Jan 2025 21:49:15 +0100 Subject: [PATCH 26/54] changed the code to an heredoc --- .forgejo/workflows/container-build.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 7e26f6b..6863eb7 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -5,9 +5,11 @@ jobs: runs-on: host steps: - name: Test OS - shell: js + shell: sh run: | + js < Date: Sun, 19 Jan 2025 21:51:57 +0100 Subject: [PATCH 27/54] added env as comparison --- .forgejo/workflows/container-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 6863eb7..0e74c1b 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -10,6 +10,7 @@ jobs: js < Date: Tue, 21 Jan 2025 21:08:59 +0100 Subject: [PATCH 28/54] removed unusable stuff --- .forgejo/workflows/container-build.yml | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 0e74c1b..f43fb23 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -10,17 +10,4 @@ jobs: js < Date: Tue, 21 Jan 2025 21:17:47 +0100 Subject: [PATCH 29/54] added two different steps --- .forgejo/workflows/container-build.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index f43fb23..08cb512 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -1,8 +1,18 @@ --- on: [push] jobs: - build-image: + test_1: runs-on: host + steps: + - name: Test OS + shell: sh + run: | + js < Date: Tue, 21 Jan 2025 22:25:56 +0100 Subject: [PATCH 30/54] changed the program to node --- .forgejo/workflows/container-build.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 08cb512..3147b5c 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -1,5 +1,7 @@ --- -on: [push] +on: + - push + - workflow_dispatch jobs: test_1: runs-on: host @@ -7,7 +9,7 @@ jobs: - name: Test OS shell: sh run: | - js < Date: Sun, 26 Jan 2025 16:00:17 +0100 Subject: [PATCH 31/54] moved the testing to an seperate workflow --- .forgejo/workflows/container-build.yml | 39 ++++++++++++-------------- .forgejo/workflows/testing.yml | 24 ++++++++++++++++ 2 files changed, 42 insertions(+), 21 deletions(-) create mode 100644 .forgejo/workflows/testing.yml diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 3147b5c..9dda17e 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -1,25 +1,22 @@ --- on: - - push - - workflow_dispatch + push: + workflow_dispatch: + +env: + CONTAINERFILE: Containerfile + + + jobs: - test_1: - runs-on: host + container_build: + runs-on: private-vault steps: - - name: Test OS - shell: sh - run: | - node < Date: Sun, 26 Jan 2025 18:49:43 +0100 Subject: [PATCH 32/54] moved the build to an shellscript --- .forgejo/workflows/container-build.yml | 15 +++++++---- Containerfile | 31 ----------------------- build_container.sh | 35 ++++++++++++++++++++++++++ 3 files changed, 45 insertions(+), 36 deletions(-) delete mode 100644 Containerfile create mode 100755 build_container.sh diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 9dda17e..9ad668e 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -14,9 +14,14 @@ jobs: steps: - name: Fetch repo uses: actions/checkout@v3 - - name: buildah build - run: "buildah build -t image ${{ env.CONTAINERFILE }}" - - name: skopeo copy image - run: "skopeo copy --dest-precompute-digests --image-parallel-copies 4 --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:image ${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}" + - name: Container build + run: "./build_container.sh" + - name: Container push + run: | + skopeo copy --dest-precompute-digests --image-parallel-copies 4 --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo copy --dest-precompute-digests --image-parallel-copies 4 --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} + - name: Cleanup - run: "buildah prune -af" \ No newline at end of file + run: | + buildah rmi -f localhost/keycloak + buildah prune -f \ No newline at end of file diff --git a/Containerfile b/Containerfile deleted file mode 100644 index b57fa7c..0000000 --- a/Containerfile +++ /dev/null @@ -1,31 +0,0 @@ -FROM quay.io/keycloak/keycloak:latest as builder -ENV PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" - -ENV KC_HEALTH_ENABLED=false -ENV KC_DB=postgres -ENV KC_CACHE_STACK=tcp -ENV KC_HTTPS_CLIENT_AUTH=request -ENV KC_FEATURES=dynamic-scopes,recovery-codes,preview -ENV KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak -RUN kc.sh build - -FROM quay.io/keycloak/keycloak:latest -ENV PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" - -COPY --from=builder /opt/keycloak/ /opt/keycloak/ - -WORKDIR /opt/keycloak -ENV KC_HOSTNAME_ADMIN_URL="https://admin.sso.sebastian-tobie.de" -ENV KC_HOSTNAME_URL="https://sso.sebastian-tobie.de" -ENV KC_DB_USERNAME=keycloak -ENV KC_DB_PASSWORD=changeme -ENV KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak - -ENV KEYCLOAK_ADMIN="admin" -ENV KEYCLOAK_ADMIN_PASSWORD="admin" -EXPOSE 8080 -COPY --chown=root:root tobie-ca.crt /etc/pki/ca-trust/source/anchors/tobie-ca.crt -USER root -RUN keytool -importcert -alias tobieca -cacerts -storepass changeit -noprompt -trustcacerts -file /etc/pki/ca-trust/source/anchors/tobie-ca.crt -USER keycloak -ENTRYPOINT ["kc.sh", "start", "--optimized", "--http-enabled", "true", "--proxy", "edge", "--log-console-format", "'%-5p [%c] (%t) %s%e%n'", "--hostname-strict-backchannel=true"] diff --git a/build_container.sh b/build_container.sh new file mode 100755 index 0000000..97920da --- /dev/null +++ b/build_container.sh @@ -0,0 +1,35 @@ +#!/bin/bash +set -e + +both() { + "$@" builder + "$@" final +} + +source=quay.io/keycloak/keycloak:latest +buildah from --name builder --pull=newer $source +buildah from --name final $source + +buildah config -l - -e - -a - -p - final +buildah config \ + -e PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin" \ + -e KC_HTTPS_CLIENT_AUTH=request \ + builder +buildah config \ + -e KC_HOSTNAME_ADMIN_URL="https://admin.sso.sebastian-tobie.de" \ + -e KC_HOSTNAME_URL="https://sso.sebastian-tobie.de" \ + -e KC_DB_USERNAME=keycloak \ + -e KC_DB_PASSWORD=changeme \ + -e KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak \ + -e KEYCLOAK_ADMIN="admin" \ + -e KEYCLOAK_ADMIN_PASSWORD="admin" \ + -p 8080/tcp \ + -u keycloak:keycloak \ + --entrypoint "[\"kc.sh\", \"start\", \"--optimized\", \"--http-enabled\", \"true\", \"--proxy\", \"edge\", \"--log-console-format\", \"'%-5p [%c] (%t) %s%e%n'\", \"--hostname-strict-backchannel=true\"]" \ + final +set -x +buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https-client-auth request --features web-authn,passkeys,persistent-user-sessions,recovery-codes --features-disabled kerberos,docker,ciba,fips + +buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ +buildah rm builder +buildah commit -f oci --rm final containers-storage:localhost/keycloak:latest \ No newline at end of file -- 2.39.2 From ef7f87025be5da989107067367655500d465bb74 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 18:56:13 +0100 Subject: [PATCH 33/54] silenced buildah in some steps --- build_container.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build_container.sh b/build_container.sh index 97920da..5a0a88c 100755 --- a/build_container.sh +++ b/build_container.sh @@ -7,8 +7,8 @@ both() { } source=quay.io/keycloak/keycloak:latest -buildah from --name builder --pull=newer $source -buildah from --name final $source +buildah from -q --name builder --pull=newer $source +buildah from -q --name final $source buildah config -l - -e - -a - -p - final buildah config \ @@ -32,4 +32,4 @@ buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https- buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ buildah rm builder -buildah commit -f oci --rm final containers-storage:localhost/keycloak:latest \ No newline at end of file +buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest \ No newline at end of file -- 2.39.2 From d7e174e892ba37a7fbbadfd722c5c44ba99d598f Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 18:56:25 +0100 Subject: [PATCH 34/54] removed unsupported parameter --- .forgejo/workflows/container-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 9ad668e..75a51e1 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -18,8 +18,8 @@ jobs: run: "./build_container.sh" - name: Container push run: | - skopeo copy --dest-precompute-digests --image-parallel-copies 4 --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:latest - skopeo copy --dest-precompute-digests --image-parallel-copies 4 --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} + skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} - name: Cleanup run: | -- 2.39.2 From fe640319fe9bc8e0850974cb5cabd07d93639c50 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:05:18 +0100 Subject: [PATCH 35/54] added an replacemnet for the portocol --- .forgejo/workflows/container-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 75a51e1..92c5345 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -18,8 +18,8 @@ jobs: run: "./build_container.sh" - name: Container push run: | - skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:latest - skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} + skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} - name: Cleanup run: | -- 2.39.2 From 665cfd1f08e5966fb0254974e15d25c1f06abf8a Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:06:35 +0100 Subject: [PATCH 36/54] removed the duplicate docker:// --- .forgejo/workflows/container-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 92c5345..74db057 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -18,8 +18,8 @@ jobs: run: "./build_container.sh" - name: Container push run: | - skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest docker://${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} + skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} - name: Cleanup run: | -- 2.39.2 From 9e7def6b204ff577c47e755fed610833bd9a1a7f Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:24:36 +0100 Subject: [PATCH 37/54] added auth file --- .forgejo/workflows/container-build.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 74db057..3b4dac0 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -4,9 +4,7 @@ on: workflow_dispatch: env: - CONTAINERFILE: Containerfile - - + REGISTRY_AUTH_FILE=${{env.RUNNER_TEMP}}/auth.json jobs: container_build: @@ -18,9 +16,7 @@ jobs: run: "./build_container.sh" - name: Container push run: | - skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - skopeo copy --dest-precompute-digests --dest-registry-token ${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:${{ env.GITHUB_RUN_NUMBER}} - + skopeo copy --additional-tag ${{ env.GITHUB_RUN_NUMBER}} --dest-precompute-digests --dest-registry-token=${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | buildah rmi -f localhost/keycloak -- 2.39.2 From 2b9cf8bb00516bd47f297f11b0ae92e0a5f4994b Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:28:33 +0100 Subject: [PATCH 38/54] fixed the workflow file --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 3b4dac0..05c87f7 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: env: - REGISTRY_AUTH_FILE=${{env.RUNNER_TEMP}}/auth.json + REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json jobs: container_build: -- 2.39.2 From e778d763faaffddebe6c0f2dfe250c226b6c15d9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:30:41 +0100 Subject: [PATCH 39/54] creating trhe authfile and moved the definition to the skopeo step --- .forgejo/workflows/container-build.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 05c87f7..51e45de 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -3,8 +3,6 @@ on: push: workflow_dispatch: -env: - REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json jobs: container_build: @@ -15,7 +13,10 @@ jobs: - name: Container build run: "./build_container.sh" - name: Container push + env: + REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | + echo "{}">"$REGISTRY_AUTH_FILE" skopeo copy --additional-tag ${{ env.GITHUB_RUN_NUMBER}} --dest-precompute-digests --dest-registry-token=${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | -- 2.39.2 From 72ad8b2b08c2b8c5a79b1aa0e14231bfa1acad09 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:39:18 +0100 Subject: [PATCH 40/54] using the -a option --- .forgejo/workflows/container-build.yml | 2 +- build_container.sh | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 51e45de..2626f61 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -17,7 +17,7 @@ jobs: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | echo "{}">"$REGISTRY_AUTH_FILE" - skopeo copy --additional-tag ${{ env.GITHUB_RUN_NUMBER}} --dest-precompute-digests --dest-registry-token=${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo copy -a --dest-precompute-digests --dest-registry-token=${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | buildah rmi -f localhost/keycloak diff --git a/build_container.sh b/build_container.sh index 5a0a88c..6706460 100755 --- a/build_container.sh +++ b/build_container.sh @@ -32,4 +32,5 @@ buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https- buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ buildah rm builder -buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest \ No newline at end of file +buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest +buildah tag containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER \ No newline at end of file -- 2.39.2 From 7d9fa942e38a091ca43af6735b82fc52ea82cfc9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:41:52 +0100 Subject: [PATCH 41/54] using skopeo instead of buildah to change tags --- build_container.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_container.sh b/build_container.sh index 6706460..310f798 100755 --- a/build_container.sh +++ b/build_container.sh @@ -33,4 +33,4 @@ buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https- buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ buildah rm builder buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest -buildah tag containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER \ No newline at end of file +skopeo copy containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER \ No newline at end of file -- 2.39.2 From 01cfafbc870f5314cf975ed7d37737e4a5bdca3e Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:43:14 +0100 Subject: [PATCH 42/54] silenced the skopeo copy --- build_container.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_container.sh b/build_container.sh index 310f798..786a739 100755 --- a/build_container.sh +++ b/build_container.sh @@ -33,4 +33,4 @@ buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https- buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ buildah rm builder buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest -skopeo copy containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER \ No newline at end of file +skopeo copy -q containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER \ No newline at end of file -- 2.39.2 From f4cd8f04d391e5b22b8ab6704d805fc8973f529b Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:43:35 +0100 Subject: [PATCH 43/54] removed the debug logging --- build_container.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_container.sh b/build_container.sh index 786a739..b8b7214 100755 --- a/build_container.sh +++ b/build_container.sh @@ -27,7 +27,7 @@ buildah config \ -u keycloak:keycloak \ --entrypoint "[\"kc.sh\", \"start\", \"--optimized\", \"--http-enabled\", \"true\", \"--proxy\", \"edge\", \"--log-console-format\", \"'%-5p [%c] (%t) %s%e%n'\", \"--hostname-strict-backchannel=true\"]" \ final -set -x + buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https-client-auth request --features web-authn,passkeys,persistent-user-sessions,recovery-codes --features-disabled kerberos,docker,ciba,fips buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ -- 2.39.2 From a86949306ccf32e677c346adc614d6fa0a52f0c9 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:55:57 +0100 Subject: [PATCH 44/54] using the token in the login --- .forgejo/workflows/container-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 2626f61..eeda67b 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -16,8 +16,8 @@ jobs: env: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | - echo "{}">"$REGISTRY_AUTH_FILE" - skopeo copy -a --dest-precompute-digests --dest-registry-token=${{ env.GITHUB_TOKEN }} containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo login -u '' -p ${GITHUB_TOKEN} + skopeo copy -a --dest-precompute-digests containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | buildah rmi -f localhost/keycloak -- 2.39.2 From d52ca5c0b331bab2be0e5075f5fc96140329c5df Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:56:48 +0100 Subject: [PATCH 45/54] fixed the missing domain --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index eeda67b..1d627ca 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -16,7 +16,7 @@ jobs: env: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | - skopeo login -u '' -p ${GITHUB_TOKEN} + skopeo login -u '' -p ${GITHUB_TOKEN} ${GITHUB_SERVER_URL} skopeo copy -a --dest-precompute-digests containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | -- 2.39.2 From 3c3a0be3a60d8bde49085458e41fc72289bf9042 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 19:58:02 +0100 Subject: [PATCH 46/54] completly silenced the buildah from --- build_container.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build_container.sh b/build_container.sh index b8b7214..17457ad 100755 --- a/build_container.sh +++ b/build_container.sh @@ -7,8 +7,8 @@ both() { } source=quay.io/keycloak/keycloak:latest -buildah from -q --name builder --pull=newer $source -buildah from -q --name final $source +buildah from -q --name builder --pull=newer $source >/dev/null +buildah from -q --name final $source >/dev/null buildah config -l - -e - -a - -p - final buildah config \ -- 2.39.2 From 87c3a81ee97c127f3c1431fd483ba1db1bbe8a95 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 20:02:51 +0100 Subject: [PATCH 47/54] fixed the empty user error --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 1d627ca..1d6e57b 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -16,7 +16,7 @@ jobs: env: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | - skopeo login -u '' -p ${GITHUB_TOKEN} ${GITHUB_SERVER_URL} + skopeo login -u 'user' -p ${GITHUB_TOKEN} ${GITHUB_SERVER_URL} skopeo copy -a --dest-precompute-digests containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | -- 2.39.2 From 75fa33efd96c32de3101c7a15df74cb5dbd1a239 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Sun, 26 Jan 2025 20:05:22 +0100 Subject: [PATCH 48/54] added an sleep between login and push --- .forgejo/workflows/container-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 1d6e57b..5fa2fea 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -17,6 +17,7 @@ jobs: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | skopeo login -u 'user' -p ${GITHUB_TOKEN} ${GITHUB_SERVER_URL} + sleep 300 skopeo copy -a --dest-precompute-digests containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup run: | -- 2.39.2 From d2d63748248e4a659439f4727b974a9ae31b0c44 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Mon, 27 Jan 2025 08:02:13 +0100 Subject: [PATCH 49/54] replaced the token with an pac. this will be reverted when https://codeberg.org/forgejo/forgejo/issues/3571 is closed --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 5fa2fea..1fa43b4 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -16,7 +16,7 @@ jobs: env: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | - skopeo login -u 'user' -p ${GITHUB_TOKEN} ${GITHUB_SERVER_URL} + skopeo login -u 'user' -p ${{ secrets.DOCKER_TOKEN }} ${GITHUB_SERVER_URL} sleep 300 skopeo copy -a --dest-precompute-digests containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest - name: Cleanup -- 2.39.2 From 1a89489d11485c3b72bd74f9833bd0a4b4ee214a Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Tue, 28 Jan 2025 09:54:33 +0100 Subject: [PATCH 50/54] rewrote the copy --- .forgejo/workflows/container-build.yml | 9 +++++---- build_container.sh | 3 +-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 1fa43b4..b1ecf0f 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -16,10 +16,11 @@ jobs: env: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | - skopeo login -u 'user' -p ${{ secrets.DOCKER_TOKEN }} ${GITHUB_SERVER_URL} - sleep 300 - skopeo copy -a --dest-precompute-digests containers-storage:localhost/keycloak:latest ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:latest + skopeo login -u 'user' -p "${{ secrets.DOCKER_TOKEN }}" ${GITHUB_SERVER_URL} + for tag in latest $GITHUB_TAG_NUMBER ; do + skopeo sync -a --dest-precompute-digests dir:image ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:$tag + done - name: Cleanup run: | buildah rmi -f localhost/keycloak - buildah prune -f \ No newline at end of file + podman image prune -f \ No newline at end of file diff --git a/build_container.sh b/build_container.sh index 17457ad..f4a191b 100755 --- a/build_container.sh +++ b/build_container.sh @@ -32,5 +32,4 @@ buildah run -- builder kc.sh build --db=postgres --metrics-enabled=true --https- buildah copy --from builder --chown root:root final /opt/keycloak/ /opt/keycloak/ buildah rm builder -buildah commit -q -f oci --rm final containers-storage:localhost/keycloak:latest -skopeo copy -q containers-storage:localhost/keycloak:latest containers-storage:localhost/keycloak:$GITHUB_RUN_NUMBER \ No newline at end of file +buildah commit --squash -q -f oci --rm final dir:image \ No newline at end of file -- 2.39.2 From 55a4d6948c6557bc404b71ff0ce29174fc812331 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Tue, 28 Jan 2025 10:11:46 +0100 Subject: [PATCH 51/54] forgot to replace the sync with copy --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index b1ecf0f..9cb80aa 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -18,7 +18,7 @@ jobs: run: | skopeo login -u 'user' -p "${{ secrets.DOCKER_TOKEN }}" ${GITHUB_SERVER_URL} for tag in latest $GITHUB_TAG_NUMBER ; do - skopeo sync -a --dest-precompute-digests dir:image ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:$tag + skopeo copy -a --dest-precompute-digests dir:image ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:$tag done - name: Cleanup run: | -- 2.39.2 From 4268d0ea7b5bbd7250597e2bca77ee0b03e3a1cc Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Tue, 28 Jan 2025 10:33:31 +0100 Subject: [PATCH 52/54] added an info message and fixed the cleanup --- .forgejo/workflows/container-build.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index 9cb80aa..b169a44 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -17,10 +17,11 @@ jobs: REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json run: | skopeo login -u 'user' -p "${{ secrets.DOCKER_TOKEN }}" ${GITHUB_SERVER_URL} + server=${GITHUB_SERVER_URL//https:/docker:} for tag in latest $GITHUB_TAG_NUMBER ; do - skopeo copy -a --dest-precompute-digests dir:image ${GITHUB_SERVER_URL//https:/docker:}/${{ env.GITHUB_REPOSITORY }}:$tag + echo pushing image to "${server}/${GITHUB_REPOSITORY}:${tag}" + skopeo copy -q -a --dest-precompute-digests dir:image "${server}/${GITHUB_REPOSITORY}:${tag}" done - name: Cleanup run: | - buildah rmi -f localhost/keycloak podman image prune -f \ No newline at end of file -- 2.39.2 From f8f0288137019ea0b59df022535cddecb0ed5ba7 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Tue, 28 Jan 2025 10:41:59 +0100 Subject: [PATCH 53/54] fixed the wrong env name --- .forgejo/workflows/container-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/container-build.yml b/.forgejo/workflows/container-build.yml index b169a44..c785b5a 100644 --- a/.forgejo/workflows/container-build.yml +++ b/.forgejo/workflows/container-build.yml @@ -18,7 +18,7 @@ jobs: run: | skopeo login -u 'user' -p "${{ secrets.DOCKER_TOKEN }}" ${GITHUB_SERVER_URL} server=${GITHUB_SERVER_URL//https:/docker:} - for tag in latest $GITHUB_TAG_NUMBER ; do + for tag in latest $GITHUB_RUN_NUMBER ; do echo pushing image to "${server}/${GITHUB_REPOSITORY}:${tag}" skopeo copy -q -a --dest-precompute-digests dir:image "${server}/${GITHUB_REPOSITORY}:${tag}" done -- 2.39.2 From fe4f2ef53002622416979af41786d4e89509aca1 Mon Sep 17 00:00:00 2001 From: Sebastian Tobie Date: Tue, 28 Jan 2025 11:02:00 +0100 Subject: [PATCH 54/54] preparing for pull --- .forgejo/workflows/testing.yml | 24 ------------------------ 1 file changed, 24 deletions(-) delete mode 100644 .forgejo/workflows/testing.yml diff --git a/.forgejo/workflows/testing.yml b/.forgejo/workflows/testing.yml deleted file mode 100644 index 6ca7515..0000000 --- a/.forgejo/workflows/testing.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -on: - workflow_dispatch: -jobs: - test_1: - runs-on: host - steps: - - name: Test OS - shell: sh - run: | - node <