From e131f1d208e244bfb4abf847b717dca73e7d6a9e Mon Sep 17 00:00:00 2001
From: Michael Czechowski <mail@dailysh.it>
Date: Wed, 29 Apr 2026 21:24:18 +0200
Subject: [PATCH] feat: add docker-build composite action and build template

---
 .gitea/actions/docker-build/action.yml | 71 ++++++++++++++++++++++++++
 .gitea/workflows/build-template.yml    | 26 ++++++++++
 2 files changed, 97 insertions(+)
 create mode 100644 .gitea/actions/docker-build/action.yml
 create mode 100644 .gitea/workflows/build-template.yml

diff --git a/.gitea/actions/docker-build/action.yml b/.gitea/actions/docker-build/action.yml
new file mode 100644
index 0000000..28f7970
--- /dev/null
+++ b/.gitea/actions/docker-build/action.yml
@@ -0,0 +1,71 @@
+name: Docker Build & Push
+description: >
+  Standard libreshop image build+push pipeline. Logs into the registry,
+  computes semver/branch/sha tags via metadata-action, builds and
+  optionally pushes the image.
+
+inputs:
+  context:
+    description: Docker build context path
+    default: "."
+  dockerfile:
+    description: Path to Dockerfile
+    default: "Dockerfile"
+  registry:
+    description: Container registry hostname
+    required: true
+  registry_user:
+    description: Registry login username
+    required: true
+  registry_pass:
+    description: Registry login password / token
+    required: true
+  publish:
+    description: Set to "true" to push the image (requires registry creds)
+    default: "false"
+  image_name:
+    description: >
+      Full image name without tag, e.g. git.librete.ch/libreshop/cms.
+      Defaults to registry/owner/repo derived from the workflow context.
+    default: ""
+
+runs:
+  using: composite
+  steps:
+    - name: Log in to registry
+      if: inputs.publish == 'true'
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ inputs.registry }}
+        username: ${{ inputs.registry_user }}
+        password: ${{ inputs.registry_pass }}
+
+    - name: Compute image name
+      id: name
+      shell: bash
+      run: |
+        if [ -n "${{ inputs.image_name }}" ]; then
+          echo "value=${{ inputs.image_name }}" >> $GITHUB_OUTPUT
+        else
+          echo "value=${{ inputs.registry }}/${{ github.repository }}" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Compute tags and labels
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ steps.name.outputs.value }}
+        tags: |
+          type=ref,event=branch
+          type=semver,pattern={{version}}
+          type=semver,pattern=v{{major}}.{{minor}}
+          type=sha,prefix=sha-,format=short
+
+    - name: Build and push
+      uses: docker/build-push-action@v6
+      with:
+        context: ${{ inputs.context }}
+        file: ${{ inputs.dockerfile }}
+        push: ${{ inputs.publish == 'true' }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
diff --git a/.gitea/workflows/build-template.yml b/.gitea/workflows/build-template.yml
new file mode 100644
index 0000000..84c14b5
--- /dev/null
+++ b/.gitea/workflows/build-template.yml
@@ -0,0 +1,26 @@
+# Example build.yml for a libreshop component repo.
+# Copy to .gitea/workflows/build.yml and remove the "on:" override below.
+#
+# Replace the existing multi-step build.yml with these ~20 lines.
+
+name: build
+
+on:
+  push:
+    branches: [main]
+    tags: ["v*"]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: git.librete.ch/libretech/runner-image:v1
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: libreshop/actions/.gitea/actions/docker-build@main
+        with:
+          registry: ${{ secrets.REGISTRY }}
+          registry_user: ${{ secrets.REGISTRY_USER }}
+          registry_pass: ${{ secrets.REGISTRY_PASS }}
+          publish: ${{ secrets.PUBLISH_ENABLED }}