diff --git a/.gitea/workflows/image.yaml b/.gitea/workflows/image.yaml new file mode 100644 index 0000000..cdb288a --- /dev/null +++ b/.gitea/workflows/image.yaml @@ -0,0 +1,51 @@ +name: Build and Publish Container Image + +on: + push: + branches: + - main + tags: + - "v*" + +env: + REGISTRY: 92.205.130.254:32166 + IMAGE_NAME: netkingdom/key-cape + +jobs: + build-and-push: + runs-on: act_runner + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Gitea registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.REGISTRY_USER }} + password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=sha,prefix=main-,format=short,enable={{is_default_branch}} + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/Makefile b/Makefile index 7231f44..370923f 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,9 @@ -.PHONY: dev seed build test lint +IMAGE_REGISTRY ?= 92.205.130.254:32166 +IMAGE_REPO ?= netkingdom/key-cape +IMAGE_TAG ?= latest +IMAGE := $(IMAGE_REGISTRY)/$(IMAGE_REPO):$(IMAGE_TAG) + +.PHONY: dev seed build test lint image push image-tag dev: docker compose -f docker-compose.dev.yml up @@ -14,3 +19,12 @@ test: lint: cd src && go vet ./... + +image: + docker build -t $(IMAGE) . + +push: image + docker push $(IMAGE) + +image-tag: + docker tag $(IMAGE) $(IMAGE_REGISTRY)/$(IMAGE_REPO):$(IMAGE_TAG) diff --git a/README.md b/README.md index 7cb9af2..35fb0dd 100644 --- a/README.md +++ b/README.md @@ -177,6 +177,62 @@ wiki/ # Specifications - `wiki/KeyCapeSpecificationPack_v0.1.md` — Normative implementation spec - `docs/adr/ADR-0001-choose-go-for-keycape.md` — Language decision (Go vs Rust) +## Container Image + +The KeyCape image is published to the Gitea OCI registry on CoulombCore. + +**Registry:** `92.205.130.254:32166` +**Image:** `92.205.130.254:32166/netkingdom/key-cape` + +### Pull + +```bash +docker pull 92.205.130.254:32166/netkingdom/key-cape:latest +``` + +The registry runs over plain HTTP. Configure Docker to allow it: + +```json +// /etc/docker/daemon.json +{ "insecure-registries": ["92.205.130.254:32166"] } +``` + +### Build and push locally + +```bash +# Build with default tag (latest) +make image + +# Build with a specific tag +IMAGE_TAG=dev make image + +# Push to registry (requires prior docker login) +docker login 92.205.130.254:32166 +make push + +# Push with a specific tag +IMAGE_TAG=v1.0.0 make push +``` + +### Tags + +| Trigger | Tags | +|---------|------| +| Push to `main` | `latest`, `main-` | +| Tag `v1.2.3` | `1.2.3`, `1.2`, `1`, `latest` | + +### CI (Gitea Actions) + +The workflow at `.gitea/workflows/image.yaml` builds and publishes automatically +on every push to `main` and on semver tags (`v*`). + +Required Gitea Actions secrets on the `key-cape` repo: + +| Secret | Value | +|--------|-------| +| `REGISTRY_USER` | Gitea username or machine account (e.g. `ci-netkingdom`) | +| `REGISTRY_TOKEN` | Gitea personal access token with `write:packages` scope | + ## Domain Part of the **NetKingdom** domain. Tracked in the Custodian State Hub under diff --git a/workplans/KEY-WP-0002-container-image-gitea.md b/workplans/KEY-WP-0002-container-image-gitea.md index 0565fa7..f153880 100644 --- a/workplans/KEY-WP-0002-container-image-gitea.md +++ b/workplans/KEY-WP-0002-container-image-gitea.md @@ -115,7 +115,7 @@ same file. ```task id: KEY-WP-0002-T01 -status: todo +status: done priority: high state_hub_task_id: "749472fc-edb9-4948-9ebc-58d5f38327ee" ``` @@ -133,7 +133,7 @@ produces a differently-tagged image. ```task id: KEY-WP-0002-T02 -status: todo +status: done priority: high state_hub_task_id: "8ecf18cc-a3bb-4ede-a09c-fcd0d26d7f9d" ``` @@ -220,7 +220,7 @@ Gate: pull succeeds; image is listed in Gitea → Packages → netkingdom/key-ca ```task id: KEY-WP-0002-T06 -status: todo +status: done priority: low state_hub_task_id: "946cd34d-94da-4fa9-a781-ed36f6c827a3" ```