From 48b6821ae161c2703320796c5c62cd69b31e4f62 Mon Sep 17 00:00:00 2001
From: Mark Kaulertz <mark@kaulertz.de>
Date: Fri, 20 Jun 2025 10:52:39 +0200
Subject: [PATCH] add ci/cd pipeline

---
 .gitea/workflows/build-and-push.yaml | 41 ++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 .gitea/workflows/build-and-push.yaml

diff --git a/.gitea/workflows/build-and-push.yaml b/.gitea/workflows/build-and-push.yaml
new file mode 100644
index 0000000..827c148
--- /dev/null
+++ b/.gitea/workflows/build-and-push.yaml
@@ -0,0 +1,41 @@
+name: Build and Push SOPS Decrypt Image
+
+# This workflow runs on any push to the 'main' or 'master' branch
+on:
+  push:
+    branches:
+      - main
+      - master
+
+jobs:
+  build-and-push:
+    # Use a standard Linux runner
+    runs-on: ubuntu-latest
+    steps:
+      # Step 1: Check out the repository code
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      # Step 2: Log in to the Gitea Container Registry
+      # It uses the secrets we created earlier.
+      - name: Log in to Gitea Registry
+        uses: docker/login-action@v3
+        with:
+          # Use '!<Gitea-instance-URL>' for the registry address
+          # Example: registry: gitea.yourcompany.com
+          registry: ${{ gitea.instance }}
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      # Step 3: Build the Docker image and push it to the registry
+      - name: Build and Push Docker Image
+        uses: docker/build-push-action@v5
+        with:
+          # The directory containing your Dockerfile
+          context: ./sops-init
+          # Push the image after building
+          push: true
+          # Define the tags for the image
+          tags: |
+            ${{ gitea.instance }}/${{ gitea.repository_owner }}/sops-decrypt:latest
+            ${{ gitea.instance }}/${{ gitea.repository_owner }}/sops-decrypt:${{ gitea.sha }}