forget vibes, diy simplify the nginx build

2025-12-07 23:06:45 -08:00
parent 82cdc6a2ad
commit b5ec428e4d
1 changed files with 17 additions and 87 deletions
--- a/.github/workflows/nginx.yml
+++ b/.github/workflows/nginx.yml
@@ -3,104 +3,34 @@ name: nginx-build
 on:
  push:
    branches: [main]
+    paths:
+      - "nginx/**"
+      - ".github/workflows/nginx.yml"
  pull_request:
    branches: [main]
+    paths:
+      - "nginx/**"
+      - ".github/workflows/nginx.yml"
  workflow_dispatch:
-    inputs:
-      force:
-        description: "Set to true to force a build even if no files changed."
-        required: false
-        default: "false"
-  workflow_call:
-    secrets:
-      REGISTRY_TOKEN:
-        required: true
-        description: "Token for registry authentication."

 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - uses: docker/setup-buildx-action@v3
-
-      - uses: docker/login-action@v3
+      - name: Login to AUVEM Registry
+        uses: docker/login-action@v3
        with:
          registry: gitea.auvem.com
          username: ${{ vars.REGISTRY_USER || github.actor }}
          password: ${{ secrets.REGISTRY_TOKEN }}

-      - name: Decide and build nginx if needed
-        shell: bash
-        env:
-          GIT_SHA_SHORT: ${GITHUB_SHA::7}
-          FORCE: ${{ github.event.inputs.force || 'false' }}
-        run: |
-          set -euo pipefail
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3

-          if [[ ! -f nginx/Dockerfile ]]; then
-            echo "No nginx/Dockerfile present; nothing to build."
-            exit 0
-          fi
-
-          BUILD=false
-          # Manual trigger or explicit force -> build
-          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]] || [[ "$FORCE" == "true" ]]; then
-            echo "Manual/forced trigger -> building nginx"
-            BUILD=true
-          else
-            # detect changed files between base/head (or list all files for shallow contexts)
-            if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-              BASE_SHA="${{ github.event.pull_request.base.sha }}"
-              HEAD_SHA="${{ github.event.pull_request.head.sha }}"
-            elif [[ "${{ github.event_name }}" == "push" ]]; then
-              BASE_SHA="$(git rev-parse HEAD~1 2>/dev/null || true)"
-              HEAD_SHA="$(git rev-parse HEAD 2>/dev/null || true)"
-            else
-              BASE_SHA=""
-              HEAD_SHA="$(git rev-parse HEAD 2>/dev/null || true)"
-            fi
-
-            if [[ -n "$BASE_SHA" ]]; then
-              CHANGED=$(git diff --name-only "$BASE_SHA" "$HEAD_SHA")
-            else
-              CHANGED=$(git ls-files)
-            fi
-
-            echo "Changed files:\n$CHANGED"
-
-            if grep -q "^.github/workflows/" <<< "$CHANGED"; then
-              echo "Workflow changed; building nginx"
-              BUILD=true
-            elif grep -q "^nginx/" <<< "$CHANGED"; then
-              echo "nginx directory changed; building nginx"
-              BUILD=true
-            else
-              BUILD=false
-            fi
-          fi
-
-          if [[ "$BUILD" != "true" ]]; then
-            echo "No relevant changes; skipping nginx build."
-            exit 0
-          fi
-
-          IMAGE="gitea.auvem.com/auvem/wordpress-docker/nginx"
-          TAG="latest"
-          echo "Building $IMAGE:$TAG"
-          docker buildx build --push --platform linux/amd64 \
-            --tag "${IMAGE}:${TAG}" \
-            --tag "${IMAGE}:git-${GIT_SHA_SHORT}" \
-            --file nginx/Dockerfile \
-            .
-            IMAGE="gitea.auvem.com/auvem/wordpress-docker/nginx"
-            TAG="latest"
-            echo "Building nginx image ${IMAGE}:${TAG}"
-            docker buildx build --push --platform linux/amd64 \
-              --tag "${IMAGE}:${TAG}" \
-              --tag "${IMAGE}:git-${GIT_SHA_SHORT}" \
-              --file "nginx/Dockerfile" .
-          done
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          file: "{context}/nginx/Dockerfile"
+          tags: |
+            gitea.auvem.com/auvem/wordpress-docker/auvem-nginx:latest
+            gitea.auvem.com/auvem/wordpress-docker/auvem-nginx:${{ github.sha }}