Add builder image, fix runners

2025-10-30 18:48:30 -04:00
parent d8a44c7dea
commit 476b9c9a2c
3 changed files with 65 additions and 26 deletions
--- a/.gitea/workflows/build-builder-docker.yml
+++ b/.gitea/workflows/build-builder-docker.yml
@@ -0,0 +1,22 @@
+name: Build and Push Builder Image
+
+# Trigger this workflow when we change the Dockerfile
+on:
+  push:
+    paths:
+      - 'docker/Dockerfile'
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Login to Gitea Container Registry
+        run: docker login git.dws.rip -u ${{ gitea.actor }} -p ${{ secrets.GLOBAL_TOKEN }}
+      - name: Build and Push Image
+        run: |
+          IMAGE_TAG="git.dws.rip/dws/chrony-builder:latest"
+          docker build -t $IMAGE_TAG -f docker/Dockerfile .
+          docker push $IMAGE_TAG
--- a/.gitea/workflows/build-debian.yml
+++ b/.gitea/workflows/build-debian.yml
@@ -13,46 +13,36 @@ on:

 jobs:
  build-and-upload-deb:
-    runs-on: ubuntu-24.04
-
+    runs-on: ubuntu:latest
+    container:
+      image: git.dws.rip/dws/chrony-builder:latest
    steps:
      - name: Get Build Version
        run: |
          if [[ "${{ gitea.event_name }}" == "push" ]]; then
            TRIGGER_TAG="${{ gitea.ref_name }}"
-            echo "Triggered by tag push: $TRIGGER_TAG"
          elif [[ "${{ gitea.event_name }}" == "workflow_dispatch" ]]; then
            TRIGGER_TAG="${{ inputs.tag }}"
-            echo "Triggered by manual dispatch: $TRIGGER_TAG"
          fi
-          if [ -z "$TRIGGER_TAG" ]; then
-            echo "Error: Could not determine tag name."
-            exit 1
-          fi
-
-          # The upstream chrony mirror uses "4.7", but our builder repo uses "v4.7".
-          # We strip the "v" to get the tag name for the mirror.
          UPSTREAM_TAG=$(echo $TRIGGER_TAG | sed 's/^v//')
          echo "Builder Tag: $TRIGGER_TAG"
          echo "Upstream Tag: $UPSTREAM_TAG"
-
-          echo "TRIGGER_TAG=${TRIGGER_TAG}" >> $GITEA_ENV
          echo "UPSTREAM_TAG=${UPSTREAM_TAG}" >> $GITEA_ENV
-
+        shell: bash # Explicitly use bash
      - name: Clone Chrony Source Code
        run: |
+          # git is already installed in our container!
          git clone https://git.dws.rip/dws/chrony.git
-          cd chrony
+          cd chrony-mirror
          echo "Checking out upstream tag: ${{ env.UPSTREAM_TAG }}"
          git checkout ${{ env.UPSTREAM_TAG }}
-      - name: Install Build Dependencies
-        run: |
-          sudo apt-get update
-          cd chrony
-          sudo apt-get install -y dpkg-dev debhelper devscripts build-essential
-          sudo apt-get build-dep -y .
-
+        shell: bash
      - name: Import GPG Key
+        run: |
+          apt-get update
+          apt-get install -y gpg gpg-agent
+        shell: bash
+      - name: Import GExample GPG
        uses: https://github.com/crazy-max/ghaction-import-gpg@v6
        with:
          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
@@ -63,22 +53,25 @@ jobs:

      - name: Build the SIGNED .deb Package
        run: |
-          cd chrony
+          cd chrony-mirror
+          # dpkg-buildpackage is already installed!
          dpkg-buildpackage --unsigned-source -b
+        shell: bash
      - name: Upload to Gitea Debian Registry
        run: |
-          # --- Set your Gitea variables ---
          OWNER=dws
          DEBIAN_DIST=noble
          DEBIAN_COMP=main
-          # Find the .changes file (it's in the parent dir of chrony-mirror)
+          # curl is already installed!
          CHANGES_FILE=$(find . -maxdepth 1 -name "*.changes" | head -n 1)
          if [ -z "$CHANGES_FILE" ]; then
-            echo "Error: No .changes file found. Build may have failed."
+            echo "Error: No .changes file found."
            exit 1
          fi
+
          echo "Uploading $CHANGES_FILE..."
          curl -L --fail \
            -X POST "https://git.dws.rip/api/packages/${OWNER}/debian/upload/${DEBIAN_DIST}/${DEBIAN_COMP}" \
            -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \
            -F "file=@${CHANGES_FILE}"
+        shell: bash
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -0,0 +1,24 @@
+# Start from the same base as our target
+FROM ubuntu:24.04
+
+# Set non-interactive mode for apt to prevent it from asking questions
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Update, install build tools, and install chrony's specific build-deps
+RUN apt-get update && \
+    apt-get install -y \
+    build-essential \
+    debhelper \
+    devscripts \
+    dpkg-dev \
+    git \
+    curl \
+    gnupg \
+    # Chrony's specific dependencies (from its debian/control file)
+    libcap-dev \
+    libedit-dev \
+    libgnutls28-dev \
+    libnss3-dev \
+    libseccomp-dev \
+    # Clean up apt cache
+    && rm -rf /var/lib/apt/lists/*