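---
# Build and Publish: on every push to main, build the Docker image from the
# Nix flake, push it to the Gitea container registry, then package the Helm
# chart under ops/chart and upload it to the Gitea Helm package registry.
#
# Context values and secrets are handed to the shell steps through `env:`
# rather than being expanded with ${{ }} inside the script text. An inline
# expansion is pasted into the script before the shell parses it, so a value
# containing quotes, `$` or backticks would be interpreted as shell syntax.
#
# NOTE(review): the actions below are referenced by mutable tags (v4, v3).
# Pinning each `uses:` to a full commit SHA keeps a retagged release from
# changing what runs alongside the registry credentials.
name: Build and Publish

on:
  push:
    branches:
      - main

env:
  CHART_NAME: ${{ github.event.repository.name }}
  IMAGE_NAME: ${{ github.event.repository.name }}

jobs:
  build-release:
    runs-on: nix
    permissions:
      # NOTE(review): no step in this workflow visibly requests an OIDC token;
      # confirm that id-token: write is needed, otherwise drop it.
      id-token: write
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Build Docker Image via Nix Flake
        run: |
          nix build .#dockerImage --print-build-logs
          docker load < result

      - name: Log in to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ github.server_url }}
          username: ${{ secrets.CI_USER }}
          password: ${{ secrets.CI_PASSWORD }}

      - name: Tag and Push Docker Image
        env:
          VERSION: ${{ github.run_number }}
          OWNER: ${{ github.repository_owner }}
        run: |
          # Strip https from server URL
          REGISTRY="${GITHUB_SERVER_URL#https://}"
          TARGET_IMAGE="$REGISTRY/$OWNER/$IMAGE_NAME"

          # Auto-detect the built image name from the `docker load` output.
          # The load runs as its own command so that a failure stops the step
          # instead of being hidden behind awk's exit status in a pipeline.
          LOAD_OUTPUT=$(docker load < result)
          SOURCE_IMAGE=$(printf '%s\n' "$LOAD_OUTPUT" | awk '{print $3}')
          if [ -z "$SOURCE_IMAGE" ]; then
            echo "could not determine the loaded image name" >&2
            exit 1
          fi

          docker tag "$SOURCE_IMAGE" "$TARGET_IMAGE:$VERSION"
          docker tag "$SOURCE_IMAGE" "$TARGET_IMAGE:latest"

          docker push "$TARGET_IMAGE:$VERSION"
          docker push "$TARGET_IMAGE:latest"

      - name: Setup Helm
        uses: azure/setup-helm@v4
        with:
          version: v3.14.0

      - name: Package Helm Chart
        env:
          VERSION: ${{ github.run_number }}
        run: |
          helm dependency build ops/chart
          helm package ops/chart --version "$VERSION" --app-version "$VERSION"

      - name: Push Helm Chart to Gitea Registry
        env:
          VERSION: ${{ github.run_number }}
          OWNER: ${{ github.repository_owner }}
          SERVER_URL: ${{ github.server_url }}
          CI_USER: ${{ secrets.CI_USER }}
          CI_PASSWORD: ${{ secrets.CI_PASSWORD }}
        run: |
          CHART_FILE="${CHART_NAME}-${VERSION}.tgz"
          # Credentials come from the step environment, so they are never
          # written into the rendered script and need no shell escaping.
          curl -f --user "$CI_USER:$CI_PASSWORD" \
            -X POST \
            --upload-file "./$CHART_FILE" \
            "$SERVER_URL/api/packages/$OWNER/helm/api/charts"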