feat: add build workflows

- enable fetch-depth for code_checkout
- fetch master branch before checking for changed files
- ensure the clean target is called with the default
- improve makefile failure handling
- ensure VAULT_ADDR is set before VAULT_TOKEN

.gitea/workflows/build.yaml

@@ -0,0 +1,31 @@
+name: Build
+
+on:
+  pull_request:
+
+jobs:
+  build:
+    runs-on: almalinux-8
+    container:
+      image: git.query.consul/unkin/almalinux9-actionsdind:latest
+      options: --privileged
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Fetch master branch
+        run: |
+          git fetch origin master:master
+
+      - name: Show changed files
+        run: |
+          git diff --name-only master
+
+      - name: Run Packer Builds
+        env:
+          VAULT_ROLEID: ${{ secrets.PACKER_BUILDER_VAULT_ROLEID }}
+        run: |
+          make

.gitea/workflows/deploy.yaml

@@ -0,0 +1,38 @@
+name: Deploy
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: almalinux-8
+    container:
+      image: git.query.consul/unkin/almalinux8:latest
+      options: --privileged
+
+    steps:
+      - name: Set up environment
+        run: |
+          dnf install -y yum-utils
+          yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+          dnf module enable -y nodejs:20
+          dnf install -y docker-ce-cli make bash git nodejs
+
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Fetch master branch
+        run: |
+          git fetch origin master:master
+
+      - name: Run Packer Builds
+        env:
+          VAULT_ROLEID: ${{ secrets.PACKER_BUILDER_VAULT_ROLEID }}
+          DOCKER_USERNAME: ${{ secrets.UPLOAD_USER }}
+          DOCKER_PASSWORD: ${{ secrets.UPLOAD_PASS }}
+        run: |
+          make

Makefile

@@ -17,7 +17,7 @@ DIRS := $(shell find $(IMAGES_PATH) -mindepth 3 -maxdepth 3 -type d | sed 's|$(I
 .PHONY: list $(DIRS)
 
 .DEFAULT_GOAL := default
-default:
+default: clean
 	./ci/build.sh
 
 # Make all images
@@ -39,9 +39,11 @@ $(DIRS):
 	@echo "Building for $@"
 
 	# Export environment
-	export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID)
-	export VAULT_ADDR=https://vault.service.consul:8200
-	@eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"')
+	export VAULT_ADDR=https://vault.query.consul:8200
+	export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
+	eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"')
+
+	@echo "Environment retrieved for $@"
 
 	# Check if on master branch
 	@if [ "$(GIT_BRANCH)" = "master" ]; then \

ci/build.sh

@@ -1,6 +1,7 @@
 #!/bin/bash
 
 # Check for changes in images/ folder and the builds/ folder
+git fetch origin master:master
 if [ "$(git branch --show-current)" = "master" ]; then
   builds_changes=$(git diff --name-only HEAD^...master | grep -E '^builds/')
   images_changes=$(git diff --name-only HEAD^...master | grep -E '^images/')