https://github.com/maltegrosse/woodpecker-buildah

Buildah Plugin for Woodpecker
https://github.com/maltegrosse/woodpecker-buildah

Last synced: about 2 months ago
JSON representation

Buildah Plugin for Woodpecker

• Host: GitHub
• URL: https://github.com/maltegrosse/woodpecker-buildah
• Owner: maltegrosse
• License: mit
• Created: 2024-02-14T12:32:14.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2024-02-19T16:21:53.000Z (over 2 years ago)
• Last Synced: 2025-12-19T22:55:58.377Z (6 months ago)
• Language: Go
• Size: 26.4 KB
• Stars: 2
• Watchers: 1
• Forks: 1
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Woodpecker-Buildah Plugin

A basic wrapper for buildah commands to run as a woodpecker-ci pipeline.

Inspired by https://codeberg.org/Taywee/woodpecker-buildah/ , rewritten in golang.

Latest container can be found here:

https://hub.docker.com/r/maltegrosse/woodpecker-buildah/tags

## Usage

```

steps:

  build_and_release_and_push:

    image: maltegrosse/woodpecker-buildah:0.0.11

    pull: true

    settings:

      registry: somehub.com

      repository: theuser/mytarget_repo

      tag: 4.0.12c

      architectures: amd64 aarch64

      context: Dockerfile

      username:

        from_secret: docker_username

      password:

        from_secret: docker_password

```

## Limitation

There are certain considerations between security and performance, especially running on Kubernetes. Currently, the plugin runs with vfs - and it is quite slow... see links for further information.

Plugin is in early stage and only tested with Woodpecker Kubernetes backend. To run multi-arch builds, a second qemu container needs to be deployed (in privileged mode) --> see example-qemu.yaml (as one possible solution)

Fuse package is preinstalled, and fuse storage could be added as a flag. (untested)

If buildah runs in privileged mode, woodpecker needs to trust the container repo. See https://woodpecker-ci.org/docs/administration/server-config#all-server-configuration-options --> WOODPECKER_ESCALATE

## Links

A collection of useful buildah articles

- https://codeberg.org/Taywee/woodpecker-buildah/

- https://www.redhat.com/sysadmin/7-transports-features

- https://github.com/containers/buildah/issues/2554

- https://www.redhat.com/sysadmin/podman-inside-kubernetes

- https://opensource.com/article/19/3/tips-tricks-rootless-buildah

- https://github.com/containers/buildah/blob/main/docs/buildah.1.md

- https://insujang.github.io/2020-11-09/building-container-image-inside-container-using-buildah/

- https://danmanners.com/posts/2022-01-buildah-multi-arch/

- https://www.itix.fr/blog/build-multi-architecture-container-images-with-kubernetes-buildah-tekton-and-qemu/

- https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container#running_buildah_inside_a_container

## License

This wrapper is under MIT, [buildah image](https://github.com/containers/buildah/blob/04c61a7b7277e44ea69ea93ebbded92fdecac036/contrib/buildahimage/Containerfile) is under the Apache license.