adding files
Some checks failed
FoundryVTT Container Build / Build FoundryVTT Container (push) Failing after 1m37s
Some checks failed
FoundryVTT Container Build / Build FoundryVTT Container (push) Failing after 1m37s
This commit is contained in:
parent
d98a8cc4c9
commit
b7b4a173c7
174
.gitea/workflows/build-container.yml
Normal file
174
.gitea/workflows/build-container.yml
Normal file
@ -0,0 +1,174 @@
|
||||
# FoundryVTT Container Build Pipeline
|
||||
name: FoundryVTT Container Build
|
||||
run-name: ${{ gitea.actor }} is building FoundryVTT Container
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'Containerfile'
|
||||
- 'scripts/**'
|
||||
- '.gitea/workflows/build-container.yml'
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
foundry_version:
|
||||
description: 'FoundryVTT version (or "latest")'
|
||||
required: false
|
||||
default: 'latest'
|
||||
force_build:
|
||||
description: 'Force build even if version exists'
|
||||
required: false
|
||||
default: 'false'
|
||||
|
||||
env:
|
||||
IMAGE_NAMESPACE: public/foundryvtt
|
||||
IMAGE_REGISTRY: registry.belway.me
|
||||
REGISTRY_USER: ${{ secrets.BELWAY_REGISTRY_USER }}
|
||||
REGISTRY_TOKEN: ${{ secrets.BELWAY_REGISTRY_TOKEN }}
|
||||
|
||||
jobs:
|
||||
Build:
|
||||
name: Build FoundryVTT Container
|
||||
runs-on: podman-stable
|
||||
steps:
|
||||
- name: Fail fast on missing secrets
|
||||
env:
|
||||
REPO_TOKEN: ${{ secrets.REPO_TOKEN }}
|
||||
FOUNDRY_USERNAME: ${{ secrets.FOUNDRY_USERNAME }}
|
||||
FOUNDRY_PASSWORD: ${{ secrets.FOUNDRY_PASSWORD }}
|
||||
run: |
|
||||
if [[ -z "${REGISTRY_USER}" || -z "${REGISTRY_TOKEN}" || -z "${REPO_TOKEN}" ]]; then
|
||||
echo "Error: Required registry secrets are missing"
|
||||
exit 1
|
||||
fi
|
||||
if [[ -z "${FOUNDRY_USERNAME}" || -z "${FOUNDRY_PASSWORD}" ]]; then
|
||||
echo "Error: FOUNDRY_USERNAME and FOUNDRY_PASSWORD secrets are required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Registry Login
|
||||
run: |
|
||||
echo "${REGISTRY_TOKEN}" | podman login -u "${REGISTRY_USER}" --password-stdin "${IMAGE_REGISTRY}"
|
||||
|
||||
- name: Setup Container Tools
|
||||
run: |
|
||||
dnf install -y buildah git jq curl fuse-overlayfs podman
|
||||
dnf -y reinstall shadow-utils
|
||||
dnf clean all && rm -rf /var/cache/dnf
|
||||
|
||||
- name: Clone Repository
|
||||
run: |
|
||||
git clone "https://${{ secrets.REPO_TOKEN }}@gitea.belway.me/Public/foundryvtt_container.git"
|
||||
|
||||
- name: Set Git Information
|
||||
working-directory: ./foundryvtt_container
|
||||
run: |
|
||||
echo "GIT_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_ENV
|
||||
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV
|
||||
|
||||
- name: Get FoundryVTT Version
|
||||
working-directory: ./foundryvtt_container
|
||||
run: |
|
||||
if [[ "${{ gitea.event_name }}" == "workflow_dispatch" && "${{ inputs.foundry_version }}" != "latest" ]]; then
|
||||
FOUNDRY_VERSION="${{ inputs.foundry_version }}"
|
||||
else
|
||||
echo "Fetching latest FoundryVTT version..."
|
||||
chmod +x scripts/get_foundry_version.sh
|
||||
FOUNDRY_VERSION=$(bash scripts/get_foundry_version.sh --version-only)
|
||||
fi
|
||||
|
||||
echo "FOUNDRY_VERSION=${FOUNDRY_VERSION}" >> $GITHUB_ENV
|
||||
echo "FoundryVTT version: ${FOUNDRY_VERSION}"
|
||||
|
||||
- name: Check Existing Image
|
||||
run: |
|
||||
if podman pull "${IMAGE_REGISTRY}/${IMAGE_NAMESPACE}:${FOUNDRY_VERSION}" 2>/dev/null; then
|
||||
echo "EXISTING_VERSION=${FOUNDRY_VERSION}" >> $GITHUB_ENV
|
||||
else
|
||||
echo "EXISTING_VERSION=none" >> $GITHUB_ENV
|
||||
fi
|
||||
|
||||
- name: Get FoundryVTT Download URL
|
||||
working-directory: ./foundryvtt_container
|
||||
env:
|
||||
FOUNDRY_USERNAME: ${{ secrets.FOUNDRY_USERNAME }}
|
||||
FOUNDRY_PASSWORD: ${{ secrets.FOUNDRY_PASSWORD }}
|
||||
run: |
|
||||
echo "Authenticating to FoundryVTT..."
|
||||
chmod +x scripts/get_foundry_download.sh
|
||||
FOUNDRY_URL=$(bash scripts/get_foundry_download.sh --url-only --version "${FOUNDRY_VERSION}")
|
||||
|
||||
if [[ -z "${FOUNDRY_URL}" || "${FOUNDRY_URL}" == "null" ]]; then
|
||||
echo "Error: Failed to get download URL from FoundryVTT"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Mask the URL in logs (contains timed token)
|
||||
echo "::add-mask::${FOUNDRY_URL}"
|
||||
echo "FOUNDRY_URL=${FOUNDRY_URL}" >> $GITHUB_ENV
|
||||
echo "✅ Successfully obtained download URL"
|
||||
|
||||
- name: Build and Push Container Image
|
||||
working-directory: ./foundryvtt_container
|
||||
run: |
|
||||
set -e
|
||||
|
||||
SHOULD_BUILD=false
|
||||
FORCE_BUILD="${{ inputs.force_build }}"
|
||||
|
||||
if [[ "${FORCE_BUILD}" == "true" ]]; then
|
||||
SHOULD_BUILD=true
|
||||
elif [[ "${EXISTING_VERSION}" == "none" ]]; then
|
||||
SHOULD_BUILD=true
|
||||
elif [[ "${{ gitea.event_name }}" == "workflow_dispatch" ]]; then
|
||||
SHOULD_BUILD=true
|
||||
elif [[ "${{ gitea.event_name }}" == "push" ]]; then
|
||||
SHOULD_BUILD=true
|
||||
fi
|
||||
|
||||
if [[ "${SHOULD_BUILD}" == "true" ]]; then
|
||||
echo "Building FoundryVTT image..."
|
||||
|
||||
IMAGE_NAME="${IMAGE_REGISTRY}/${IMAGE_NAMESPACE}:${FOUNDRY_VERSION}"
|
||||
|
||||
podman build \
|
||||
--platform linux/amd64 \
|
||||
--format oci \
|
||||
--layers \
|
||||
--build-arg FOUNDRY_URL="${FOUNDRY_URL}" \
|
||||
--build-arg FOUNDRY_VERSION="${FOUNDRY_VERSION}" \
|
||||
--label "org.opencontainers.image.version=${FOUNDRY_VERSION}" \
|
||||
--label "org.opencontainers.image.revision=${GIT_COMMIT}" \
|
||||
--label "org.opencontainers.image.created=${BUILD_DATE}" \
|
||||
-f Containerfile \
|
||||
-t "${IMAGE_NAME}" \
|
||||
.
|
||||
|
||||
podman push "${IMAGE_NAME}"
|
||||
|
||||
# Also tag as latest
|
||||
podman tag "${IMAGE_NAME}" "${IMAGE_REGISTRY}/${IMAGE_NAMESPACE}:latest"
|
||||
podman push "${IMAGE_REGISTRY}/${IMAGE_NAMESPACE}:latest"
|
||||
|
||||
echo "BUILD_STATUS=success" >> $GITHUB_ENV
|
||||
echo "✅ Successfully built FoundryVTT ${FOUNDRY_VERSION}"
|
||||
else
|
||||
echo "BUILD_STATUS=skipped" >> $GITHUB_ENV
|
||||
echo "ℹ️ No build required"
|
||||
fi
|
||||
|
||||
- name: Registry Logout
|
||||
if: always()
|
||||
run: podman logout "${IMAGE_REGISTRY}" || true
|
||||
|
||||
- name: Build Summary
|
||||
run: |
|
||||
echo ""
|
||||
echo "🎲 FoundryVTT Container Build Summary"
|
||||
echo "====================================="
|
||||
echo " FoundryVTT Version: ${FOUNDRY_VERSION}"
|
||||
echo " Architecture: amd64"
|
||||
echo " Build Status: ${BUILD_STATUS:-unknown}"
|
||||
echo " Registry: ${IMAGE_REGISTRY}/${IMAGE_NAMESPACE}"
|
||||
echo " Tags: ${FOUNDRY_VERSION}, latest"
|
||||
echo ""
|
||||
155
scripts/get_foundry_download.sh
Executable file
155
scripts/get_foundry_download.sh
Executable file
@ -0,0 +1,155 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Get FoundryVTT download URL using account credentials
|
||||
# Based on felddy/foundryvtt-docker authentication flow
|
||||
#
|
||||
# Usage: get_foundry_download.sh [--url-only] [--version VERSION]
|
||||
#
|
||||
# Required environment variables:
|
||||
# FOUNDRY_USERNAME - FoundryVTT account username/email
|
||||
# FOUNDRY_PASSWORD - FoundryVTT account password
|
||||
#
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Configuration
|
||||
FOUNDRY_BASE_URL="https://foundryvtt.com"
|
||||
|
||||
# Check required environment variables
|
||||
if [[ -z "${FOUNDRY_USERNAME:-}" || -z "${FOUNDRY_PASSWORD:-}" ]]; then
|
||||
echo "Error: FOUNDRY_USERNAME and FOUNDRY_PASSWORD environment variables are required" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Create temp file for cookies
|
||||
COOKIE_JAR=$(mktemp)
|
||||
trap "rm -f $COOKIE_JAR" EXIT
|
||||
|
||||
# Step 1: Get CSRF token from the main page (not login page)
|
||||
get_csrf_token() {
|
||||
local main_page
|
||||
main_page=$(curl -fsSL -c "$COOKIE_JAR" -b "$COOKIE_JAR" \
|
||||
-H "DNT: 1" \
|
||||
-H "Referer: ${FOUNDRY_BASE_URL}" \
|
||||
-H "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36" \
|
||||
"${FOUNDRY_BASE_URL}" 2>/dev/null)
|
||||
|
||||
# Extract csrfmiddlewaretoken from the form
|
||||
local csrf_token
|
||||
csrf_token=$(echo "$main_page" | grep -oP 'name="csrfmiddlewaretoken" value="\K[^"]+' 2>/dev/null | head -1)
|
||||
|
||||
echo "$csrf_token"
|
||||
}
|
||||
|
||||
# Step 2: Authenticate
|
||||
authenticate() {
|
||||
local csrf_token="$1"
|
||||
|
||||
# POST to login
|
||||
curl -fsSL -b "$COOKIE_JAR" -c "$COOKIE_JAR" \
|
||||
-X POST "${FOUNDRY_BASE_URL}/auth/login/" \
|
||||
-H "DNT: 1" \
|
||||
-H "Referer: ${FOUNDRY_BASE_URL}" \
|
||||
-H "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36" \
|
||||
-H "Content-Type: application/x-www-form-urlencoded" \
|
||||
-d "csrfmiddlewaretoken=${csrf_token}&username=${FOUNDRY_USERNAME}&password=${FOUNDRY_PASSWORD}&next=/" \
|
||||
-o /dev/null 2>/dev/null || true
|
||||
|
||||
# Check for sessionid cookie (indicates successful login)
|
||||
if grep -q "sessionid" "$COOKIE_JAR" 2>/dev/null; then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Step 3: Get download URL
|
||||
get_download_url() {
|
||||
local version="$1"
|
||||
|
||||
# Extract build number from version (e.g., "13.351" -> "351")
|
||||
local build
|
||||
build="${version##*.}"
|
||||
|
||||
# Fetch presigned URL from API
|
||||
local response
|
||||
response=$(curl -fsSL -b "$COOKIE_JAR" \
|
||||
-H "DNT: 1" \
|
||||
-H "Referer: ${FOUNDRY_BASE_URL}" \
|
||||
-H "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36" \
|
||||
"${FOUNDRY_BASE_URL}/releases/download?build=${build}&platform=node&response_type=json" 2>/dev/null)
|
||||
|
||||
# Extract URL from JSON response
|
||||
local download_url
|
||||
download_url=$(echo "$response" | grep -oP '"url":\s*"\K[^"]+' 2>/dev/null || true)
|
||||
|
||||
echo "$download_url"
|
||||
}
|
||||
|
||||
# Main execution
|
||||
main() {
|
||||
local url_only=false
|
||||
local version_override=""
|
||||
|
||||
# Parse arguments
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
--url-only)
|
||||
url_only=true
|
||||
shift
|
||||
;;
|
||||
--version)
|
||||
version_override="$2"
|
||||
shift 2
|
||||
;;
|
||||
*)
|
||||
echo "Unknown option: $1" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Get version
|
||||
local version="${version_override:-}"
|
||||
if [[ -z "$version" ]]; then
|
||||
# Get latest stable version
|
||||
version=$(bash "$(dirname "$0")/get_foundry_version.sh" --version-only 2>/dev/null || echo "")
|
||||
if [[ -z "$version" ]]; then
|
||||
echo "Error: Could not determine FoundryVTT version" >&2
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "$url_only" != true ]]; then
|
||||
echo "Authenticating with FoundryVTT..." >&2
|
||||
fi
|
||||
|
||||
local csrf_token
|
||||
csrf_token=$(get_csrf_token)
|
||||
|
||||
if [[ -z "$csrf_token" ]]; then
|
||||
echo "Error: Could not get CSRF token from FoundryVTT" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! authenticate "$csrf_token"; then
|
||||
echo "Error: Authentication failed. Check your credentials." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "$url_only" != true ]]; then
|
||||
echo "Fetching download URL for version ${version}..." >&2
|
||||
fi
|
||||
|
||||
local download_url
|
||||
download_url=$(get_download_url "$version")
|
||||
|
||||
if [[ -z "$download_url" || "$download_url" == "null" ]]; then
|
||||
echo "Error: Could not retrieve download URL. Make sure you have a valid license." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "$download_url"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
48
scripts/get_foundry_version.sh
Executable file
48
scripts/get_foundry_version.sh
Executable file
@ -0,0 +1,48 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Get FoundryVTT version information
|
||||
# Usage: get_foundry_version.sh [--version-only]
|
||||
# --version-only: just print the latest stable version and exit
|
||||
#
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Fetch releases page and find latest stable
|
||||
get_stable_version() {
|
||||
local releases_page
|
||||
releases_page=$(curl -fsSL "https://foundryvtt.com/releases/" 2>/dev/null || true)
|
||||
|
||||
if [[ -z "$releases_page" ]]; then
|
||||
echo ""
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Find stable releases - look for version in entries with "stable" tag
|
||||
# The HTML has "Release X.Y" followed later by 'class="release-tag stable"'
|
||||
local version
|
||||
version=$(echo "$releases_page" | grep -B5 'class="release-tag stable"' | grep -oE 'Release [0-9]+\.[0-9]+' | head -1 | sed 's/Release //')
|
||||
|
||||
echo "$version"
|
||||
}
|
||||
|
||||
# Handle --version-only flag
|
||||
if [[ "${1:-}" == "--version-only" ]]; then
|
||||
VERSION=$(get_stable_version)
|
||||
if [[ -z "$VERSION" ]]; then
|
||||
echo "Error: Failed to fetch version from FoundryVTT" >&2
|
||||
exit 1
|
||||
fi
|
||||
echo "$VERSION"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Default: show version with context
|
||||
echo "Fetching latest stable FoundryVTT version..."
|
||||
VERSION=$(get_stable_version)
|
||||
|
||||
if [[ -z "$VERSION" ]]; then
|
||||
echo "Error: Could not determine latest stable version" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Latest stable version: $VERSION"
|
||||
Loading…
x
Reference in New Issue
Block a user