Buildah scripts typically use shell. You can see an example of a script here,
#!/bin/sh ctr=$(buildah from alpine:3) buildah commit "$ctr" myAlpineImage Let's say I have such a shell script that produces an image "myAlpineImage". How can I use GitHub CI to automate the creation of this image, and preferably uploading it to GitHub Container Registry?
Here is what I did, I create a Makefile that includes my own method of image creation,
.PHONY: image clean image-release image: image-release image-release: cargo build --release buildah unshare ./image/distroless.sh release clean: cargo -v clean For this purpose the only thing that matters is the image created by ./image/distroless.sh matches the action (redhat-actions/push-to-registry) in the following flow. We'll continue using the name myAlpineImage as in the question,
name: Distroless Image Creation on: push: branches: [ master ] pull_request: branches: [ master ] env: CARGO_TERM_COLOR: always jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Download and create image. run: make image-release - name: Push To Registry uses: redhat-actions/[email protected] with: image: myAlpineImage tags: latest registry: ghcr.io/evancarroll/project username: evancarroll password: ${{ secrets.GHCR_TOKEN }} You can see here we make the call to make image-release which calls the buildah script and makes the image rootless.
Then I added the secret for GHCR_TOKEN to my repo. The token is generated in the "Settings / Developer settings / Personal access" tokens on github..