- Dockerfile 100%
|
All checks were successful
Build and Push Runner Images / build-and-push (push) Successful in 5m51s
|
||
|---|---|---|
| .forgejo/workflows | ||
| java-runner | ||
| security-runner | ||
| README.md | ||
Forgejo Runner Images
This repository is split into two independent image trees so they can later become separate repos and separate Docker images:
java-runner/for Java build workloadssecurity-runner/for Trivy and security workloads
The Forgejo Runner daemon is managed by your existing runner-registration script. This repo only provides the job images that the script will reference in runner labels, such as java-ci:docker://docker-hosted.nexus.ftmahringer.com/forgejo-runner-java:latest.
For the CI workflow in .forgejo/workflows/build-and-push.yml, register an ubuntu label in your runner script that points at docker-hosted.nexus.ftmahringer.com/forgejo-runner-java:latest. That image contains the Docker CLI and Buildx tooling needed to build and push both images.
Build and push
Use your Nexus secrets:
The Forgejo workflow performs the Nexus login and push directly. If you build locally, use:
printf '%s' "$NEXUS_PASSWORD" | docker login docker-hosted.nexus.ftmahringer.com -u "$NEXUS_USERNAME" --password-stdin
docker buildx build --push -t docker-hosted.nexus.ftmahringer.com/forgejo-runner-java:latest ./java-runner
docker buildx build --push -t docker-hosted.nexus.ftmahringer.com/forgejo-runner-security:latest ./security-runner
Recommended tags:
latestfor convenience1.0.0,1.0.1, ... for immutable releases- optional
1.0.0-<gitsha>for traceability
The workflow uses the following Nexus targets:
docker-hosted.nexus.ftmahringer.com/forgejo-runner-javadocker-hosted.nexus.ftmahringer.com/forgejo-runner-security
Scope
- Build and publish the Java runner image
- Build and publish the Security runner image
- Keep the repository structure ready for later split into two repos