df1ec1879d
Add an infra-owned image (Playwright base + google-chrome-stable) + its GHA build workflow. The bundled Chromium ships proprietary codecs compiled out, so H.264/AAC video (Instagram Reels, X, most .mp4) fails in the noVNC view with MEDIA_ERR_SRC_NOT_SUPPORTED; only real Google Chrome carries those codecs (libffmpeg swap + Chrome-for-Testing both ruled out). This commit only builds the image (→ ghcr.io/viktorbarzin/chrome-service-browser); a follow-up flips main.tf's launch to it once the image exists + is public. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
39 lines
1.3 KiB
YAML
39 lines
1.3 KiB
YAML
name: Build chrome-service-browser
|
|
|
|
# ADR-0002: infra-owned image built off-infra on GHA → ghcr. Playwright base +
|
|
# real Google Chrome (proprietary H.264/AAC codecs) for the chrome-service
|
|
# browser container, so the noVNC view can play H.264 video (Reels). Rebuilds
|
|
# are rare → dispatch + path trigger. NOTE: after the first push, set the ghcr
|
|
# package `chrome-service-browser` to PUBLIC (same as chrome-service-novnc) so
|
|
# the pod pulls it without credentials.
|
|
on:
|
|
push:
|
|
branches: [master]
|
|
paths:
|
|
- 'stacks/chrome-service/files/chrome/**'
|
|
workflow_dispatch: {}
|
|
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: docker/setup-buildx-action@v3
|
|
- uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- uses: docker/build-push-action@v6
|
|
with:
|
|
context: stacks/chrome-service/files/chrome
|
|
platforms: linux/amd64
|
|
provenance: false
|
|
push: true
|
|
tags: |
|
|
ghcr.io/viktorbarzin/chrome-service-browser:latest
|
|
ghcr.io/viktorbarzin/chrome-service-browser:${{ github.sha }}
|