# Build the soc-collector image and push it to the Gitea registry (public package). # This is a run-anywhere tool — there is NO deploy step; users `docker run` the image. # Reuses the Ethica org CI config: var REGISTRY_USER, secret REGISTRY_TOKEN. name: Build and push soc-collector on: push: branches: [main] workflow_dispatch: concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true env: IMAGE: git.skui.io/ethica/soc-collector jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Log in to the Gitea registry run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.skui.io -u "${{ vars.REGISTRY_USER }}" --password-stdin - name: Determine version tag id: version run: | echo "version=$(date -u +%Y.%m.%d).${{ github.run_number }}" >> "$GITHUB_OUTPUT" - name: Build (retry transient base-image pulls) run: | n=0 until docker build --pull -t "$IMAGE:${{ steps.version.outputs.version }}" -t "$IMAGE:latest" .; do n=$((n+1)); [ "$n" -ge 3 ] && { echo "build failed after $n attempts"; exit 1; } echo "build attempt $n failed — retrying in $((n*15))s"; sleep $((n*15)) done - name: Push (retry transient registry TLS timeouts) run: | for ref in "$IMAGE:${{ steps.version.outputs.version }}" "$IMAGE:latest"; do n=0 until docker push "$ref"; do n=$((n+1)); [ "$n" -ge 3 ] && { echo "push of $ref failed after $n attempts"; exit 1; } echo "push attempt $n failed (transient registry TLS timeout) — retrying in $((n*15))s"; sleep $((n*15)) done done