No description
  • Dockerfile 100%
Find a file
FTMahringer cf24457ba1
All checks were successful
Build and Push Runner Images / build-and-push (push) Successful in 5m51s
upload new
2026-06-08 21:55:13 +02:00
.forgejo/workflows upload new 2026-06-08 21:55:13 +02:00
java-runner upload new 2026-06-08 21:55:13 +02:00
security-runner upload 2026-06-08 21:42:58 +02:00
README.md upload new 2026-06-08 21:55:13 +02:00

Forgejo Runner Images

This repository is split into two independent image trees so they can later become separate repos and separate Docker images:

  • java-runner/ for Java build workloads
  • security-runner/ for Trivy and security workloads

The Forgejo Runner daemon is managed by your existing runner-registration script. This repo only provides the job images that the script will reference in runner labels, such as java-ci:docker://docker-hosted.nexus.ftmahringer.com/forgejo-runner-java:latest.

For the CI workflow in .forgejo/workflows/build-and-push.yml, register an ubuntu label in your runner script that points at docker-hosted.nexus.ftmahringer.com/forgejo-runner-java:latest. That image contains the Docker CLI and Buildx tooling needed to build and push both images.

Build and push

Use your Nexus secrets:

The Forgejo workflow performs the Nexus login and push directly. If you build locally, use:

printf '%s' "$NEXUS_PASSWORD" | docker login docker-hosted.nexus.ftmahringer.com -u "$NEXUS_USERNAME" --password-stdin
docker buildx build --push -t docker-hosted.nexus.ftmahringer.com/forgejo-runner-java:latest ./java-runner
docker buildx build --push -t docker-hosted.nexus.ftmahringer.com/forgejo-runner-security:latest ./security-runner

Recommended tags:

  • latest for convenience
  • 1.0.0, 1.0.1, ... for immutable releases
  • optional 1.0.0-<gitsha> for traceability

The workflow uses the following Nexus targets:

  • docker-hosted.nexus.ftmahringer.com/forgejo-runner-java
  • docker-hosted.nexus.ftmahringer.com/forgejo-runner-security

Scope

  • Build and publish the Java runner image
  • Build and publish the Security runner image
  • Keep the repository structure ready for later split into two repos