fix: stop base-image registry push to avoid blob reset failures
Some checks failed
Tests / Build and Push CICD Base Image (pull_request) Failing after 26m37s
Tests / Build and Push CICD Complete Image (pull_request) Has been skipped
Tests / Trailing Whitespace Check (pull_request) Has been skipped
Tests / End of File Check (pull_request) Has been skipped
Tests / YAML Syntax Check (pull_request) Has been skipped
Tests / TOML Syntax Check (pull_request) Has been skipped
Tests / Mixed Line Ending Check (pull_request) Has been skipped
Tests / TOML Formatting Check (pull_request) Has been skipped
Tests / Ruff Linting (pull_request) Has been skipped
Tests / Ruff Format Check (pull_request) Has been skipped
Tests / Pyright Type Check (pull_request) Has been skipped
Tests / Darglint Docstring Check (pull_request) Has been skipped
Tests / No Docstring Types Check (pull_request) Has been skipped
Tests / ESLint Check (pull_request) Has been skipped
Tests / Prettier Format Check (pull_request) Has been skipped
Tests / TypeScript Type Check (pull_request) Has been skipped
Tests / TSDoc Lint Check (pull_request) Has been skipped
Tests / Backend Tests (pull_request) Has been skipped
Tests / Frontend Tests (pull_request) Has been skipped
Tests / Backend Doctests (pull_request) Has been skipped
Tests / Integration Tests (pull_request) Has been skipped
Tests / End-to-End Tests (pull_request) Has been skipped

This commit is contained in:
copilotcoder
2026-05-18 14:40:45 -04:00
parent 48d1773b99
commit d64032d95a

View File

@@ -53,59 +53,16 @@ jobs:
- name: Check if base image needs rebuilding
id: check-base
env:
PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
run: |
echo "=== Checking if CICD Base Image Needs Rebuilding ==="
echo "=== Computing CICD Base Image Hash ==="
# Always compute hash first so downstream steps have a valid tag.
# Always compute hash so downstream steps have a stable tag.
BASE_HASH=$(sha256sum Dockerfile.cicd-base | cut -d' ' -f1 | head -c16)
echo "Base Dockerfile hash: ${BASE_HASH}"
echo "base_hash=${BASE_HASH}" >> $GITHUB_OUTPUT
# Login to registry to check for existing image
if echo "${PACKAGE_ACCESS_TOKEN}" | docker login "http://${GITEA_REGISTRY}" -u "${REGISTRY_USER}" --password-stdin; then
echo "✓ Successfully logged into registry"
else
echo "❌ Failed to login to registry, will force build"
echo "needs_build=true" >> $GITHUB_OUTPUT
exit 0
fi
# Try to pull existing base image with this hash (with timeout handling)
echo "Attempting to pull base image with hash: ${BASE_HASH}"
PULL_SUCCESS=false
# First try to pull the hash-specific image
if timeout 120 docker pull "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:${BASE_HASH}" 2>/dev/null; then
echo "✓ Base image with hash ${BASE_HASH} found in registry"
PULL_SUCCESS=true
else
echo "Base image with hash ${BASE_HASH} not found, trying latest..."
# Fallback: try to pull latest and check if it matches our hash
if timeout 120 docker pull "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:latest" 2>/dev/null; then
# Check if the pulled latest image is what we need (this is a simplified check)
echo "Pulled latest base image, will use it for now"
docker tag "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:latest" \
"${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:${BASE_HASH}"
PULL_SUCCESS=true
fi
fi
if [ "$PULL_SUCCESS" = true ]; then
echo "✓ Base image available, skipping build"
echo "needs_build=false" >> $GITHUB_OUTPUT
# Ensure latest tag is available for dependent job
docker tag "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:${BASE_HASH}" \
"${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:latest" 2>/dev/null || true
docker push "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:latest" 2>/dev/null || \
echo "Warning: Could not push latest tag, but base image is available"
else
echo "Base image not available in registry - will build new image"
echo "This is normal for first run or when base dependencies change"
echo "needs_build=true" >> $GITHUB_OUTPUT
fi
# Registry blob HEAD requests are currently unstable on this infra,
# so we always build base locally and let downstream steps fallback as needed.
echo "needs_build=true" >> $GITHUB_OUTPUT
- name: Build and push base image
if: steps.check-base.outputs.needs_build == 'true'
@@ -139,34 +96,8 @@ jobs:
exit 1
fi
# Tag for registry with hash and latest
docker tag cicd-base:latest "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:${BASE_HASH}"
docker tag cicd-base:latest "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:latest"
# Push to registry with retry (with fallback to local-only strategy)
echo "Attempting to push base images to registry..."
PUSH_SUCCESS=false
for i in 1 2 3; do
echo "Push attempt $i..."
if docker push "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:${BASE_HASH}" && \
docker push "${GITEA_REGISTRY}/darkhelm.org/plex-playlist-cicd-base:latest"; then
echo "✓ CICD base image built and pushed with hash ${BASE_HASH}"
PUSH_SUCCESS=true
break
else
echo "❌ Push attempt $i failed"
if [ $i -lt 3 ]; then
sleep 10
fi
fi
done
if [ "$PUSH_SUCCESS" = false ]; then
echo "⚠ Registry push unavailable, but base image is built locally"
echo "Subsequent jobs will build their own base images locally"
else
echo "✓ Base image successfully stored in registry"
fi
echo "✓ Base image built locally"
echo " Skipping base image registry push due transient registry reset issues"
setup:
name: Build and Push CICD Complete Image