From b5ec428e4d26f4d7d281b24ad843dde10dfbb2df Mon Sep 17 00:00:00 2001 From: Elijah Duffy Date: Sun, 7 Dec 2025 23:06:45 -0800 Subject: [PATCH] forget vibes, diy simplify the nginx build --- .github/workflows/nginx.yml | 104 ++++++------------------------------ 1 file changed, 17 insertions(+), 87 deletions(-) diff --git a/.github/workflows/nginx.yml b/.github/workflows/nginx.yml index dba58ba..e6b2fe6 100644 --- a/.github/workflows/nginx.yml +++ b/.github/workflows/nginx.yml @@ -3,104 +3,34 @@ name: nginx-build on: push: branches: [main] + paths: + - "nginx/**" + - ".github/workflows/nginx.yml" pull_request: branches: [main] + paths: + - "nginx/**" + - ".github/workflows/nginx.yml" workflow_dispatch: - inputs: - force: - description: "Set to true to force a build even if no files changed." - required: false - default: "false" - workflow_call: - secrets: - REGISTRY_TOKEN: - required: true - description: "Token for registry authentication." jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: docker/setup-buildx-action@v3 - - - uses: docker/login-action@v3 + - name: Login to AUVEM Registry + uses: docker/login-action@v3 with: registry: gitea.auvem.com username: ${{ vars.REGISTRY_USER || github.actor }} password: ${{ secrets.REGISTRY_TOKEN }} - - name: Decide and build nginx if needed - shell: bash - env: - GIT_SHA_SHORT: ${GITHUB_SHA::7} - FORCE: ${{ github.event.inputs.force || 'false' }} - run: | - set -euo pipefail + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - if [[ ! -f nginx/Dockerfile ]]; then - echo "No nginx/Dockerfile present; nothing to build." - exit 0 - fi - - BUILD=false - # Manual trigger or explicit force -> build - if [[ "${{ github.event_name }}" == "workflow_dispatch" ]] || [[ "$FORCE" == "true" ]]; then - echo "Manual/forced trigger -> building nginx" - BUILD=true - else - # detect changed files between base/head (or list all files for shallow contexts) - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - BASE_SHA="${{ github.event.pull_request.base.sha }}" - HEAD_SHA="${{ github.event.pull_request.head.sha }}" - elif [[ "${{ github.event_name }}" == "push" ]]; then - BASE_SHA="$(git rev-parse HEAD~1 2>/dev/null || true)" - HEAD_SHA="$(git rev-parse HEAD 2>/dev/null || true)" - else - BASE_SHA="" - HEAD_SHA="$(git rev-parse HEAD 2>/dev/null || true)" - fi - - if [[ -n "$BASE_SHA" ]]; then - CHANGED=$(git diff --name-only "$BASE_SHA" "$HEAD_SHA") - else - CHANGED=$(git ls-files) - fi - - echo "Changed files:\n$CHANGED" - - if grep -q "^.github/workflows/" <<< "$CHANGED"; then - echo "Workflow changed; building nginx" - BUILD=true - elif grep -q "^nginx/" <<< "$CHANGED"; then - echo "nginx directory changed; building nginx" - BUILD=true - else - BUILD=false - fi - fi - - if [[ "$BUILD" != "true" ]]; then - echo "No relevant changes; skipping nginx build." - exit 0 - fi - - IMAGE="gitea.auvem.com/auvem/wordpress-docker/nginx" - TAG="latest" - echo "Building $IMAGE:$TAG" - docker buildx build --push --platform linux/amd64 \ - --tag "${IMAGE}:${TAG}" \ - --tag "${IMAGE}:git-${GIT_SHA_SHORT}" \ - --file nginx/Dockerfile \ - . - IMAGE="gitea.auvem.com/auvem/wordpress-docker/nginx" - TAG="latest" - echo "Building nginx image ${IMAGE}:${TAG}" - docker buildx build --push --platform linux/amd64 \ - --tag "${IMAGE}:${TAG}" \ - --tag "${IMAGE}:git-${GIT_SHA_SHORT}" \ - --file "nginx/Dockerfile" . - done + - name: Build and push + uses: docker/build-push-action@v6 + with: + file: "{context}/nginx/Dockerfile" + tags: | + gitea.auvem.com/auvem/wordpress-docker/auvem-nginx:latest + gitea.auvem.com/auvem/wordpress-docker/auvem-nginx:${{ github.sha }}