simplified Dockerfile, added workflow definition

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

.gitea/workflows/docker.yaml

@@ -0,0 +1,72 @@
+name: Build Docker Image
+run-name: ${{ gitea.actor }} building ${{ gitea.ref_name }}
+on:
+  push:
+    branches:
+      - main
+      - dev
+      - workflow
+
+jobs:
+  Docker-Build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone Repository
+        uses: actions/checkout@v4
+
+      - name: Build docker image
+        run: docker build -t lightoidc .
+
+      - name: Store tag date
+        run: |
+          TAG=$(date +%Y%m%d_%H%M)_${{ gitea.ref_name }}
+          echo $TAG > /tmp/tag
+          echo Using '"'$TAG'"' as tag.
+
+      - name: Tag image for upload
+        run: |
+          TAG=$(cat /tmp/tag)
+          docker tag lightoidc ${{ secrets.REGISTRY_PATH }}/lightoidc:${{ gitea.ref_name }}
+          docker tag lightoidc ${{ secrets.REGISTRY_PATH }}/lightoidc:$TAG
+
+      - name: Login to registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ secrets.REGISTRY_PATH }}
+          username: ${{ secrets.REGISTRY_USER }}
+          password: ${{ secrets.REGISTRY_PASS }}
+
+      - name: Push to registry
+        run: |
+          TAG=$(cat /tmp/tag)
+          docker push ${{ secrets.REGISTRY_PATH }}/lightoidc:${{ gitea.ref_name }}
+          docker push ${{ secrets.REGISTRY_PATH }}/lightoidc:$TAG
+
+  Clean-Registry:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get tag list
+        run: |
+          TAGS="$(curl -s -u "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_PASS }}" https://${{ secrets.REGISTRY_PATH }}/v2/lightoidc/tags/list | jq -r ".tags[]")"
+          COUNT=$(echo "$TAGS" | wc -l)
+          if [ $COUNT -gt 10 ]; then
+            REMAIN=$((COUNT - 10))
+            echo "$TAGS" | head -n $REMAIN > /tmp/old_tags
+          else
+            echo less than 10 tags, skipping cleanup
+            echo "" > /tmp/old_tags
+          fi
+
+      - name: Remove tags
+        run: |
+          cat /tmp/old_tags | while read TAG; do
+            if [ -n "$TAG" ]; then
+              DIGEST=$(curl -u "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_PASS }}" -sS -H 'Accept: application/vnd.docker.distribution.manifest.v2+json' -o /dev/null -w '%header{Docker-Content-Digest}' https://${{ secrets.REGISTRY_PATH }}/v2/lightoidc/manifests/$TAG)
+              if [ -n "$DIGEST" ]; then
+                echo about to delete $TAG
+                curl -u "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_PASS }}" -sS -X DELETE https://${{ secrets.REGISTRY_PATH }}/v2/lightoidc/manifests/$DIGEST
+              else
+                echo failed to get digest for $TAG
+              fi
+            fi
+          done

Dockerfile

@@ -1,6 +1,8 @@
 FROM alpine AS build
-RUN apk update \
-RUN apk add bash clang-extra-tools git openjdk21-jre
+RUN apk update
+RUN apk add openjdk21-jre
+# previous line is shared with next step
+RUN apk add git
 ADD . /LightOidc
 WORKDIR /LightOidc
 RUN ./gradlew jar && mv *app/build/libs/*.jar /lightoidc.jar