diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml index b50ede3..ed0f02a 100644 --- a/.gitea/workflows/ci-cd.yml +++ b/.gitea/workflows/ci-cd.yml @@ -121,62 +121,40 @@ jobs: git clone --depth=1 --branch=${GITHUB_REF_NAME} ${REPO_URL}/${GITHUB_REPOSITORY}.git . git checkout ${GITHUB_SHA} - - name: Setup Docker Buildx for insecure registry + - name: Install crane and build images run: | - REGISTRY_URL=$(echo ${GITHUB_SERVER_URL} | sed 's|.*://||') + # Install crane for pushing to insecure HTTP registry + curl -sL https://github.com/google/go-containerregistry/releases/download/v0.19.0/go-containerregistry_Linux_x86_64.tar.gz | tar xz crane + chmod +x crane - # Create buildkitd config for HTTP registry - cat > /tmp/buildkitd.toml << EOF - [registry."${REGISTRY_URL}"] - http = true - insecure = true - EOF - - # Create docker config.json with credentials (for buildx) - mkdir -p ~/.docker - AUTH=$(echo -n "${{ gitea.actor }}:${{ gitea.token }}" | base64 -w 0) - cat > ~/.docker/config.json << EOF - { - "auths": { - "${REGISTRY_URL}": { - "auth": "${AUTH}" - } - } - } - EOF - - # Create buildx builder with insecure registry and mount docker config - docker buildx create --name insecure-builder \ - --driver docker-container \ - --config /tmp/buildkitd.toml \ - --driver-opt network=host \ - --use - docker buildx inspect --bootstrap - - - name: Build and push images - run: | BRANCH_TAG=$(echo ${GITHUB_REF_NAME} | sed 's/\//-/g') SHA_SHORT=$(echo ${GITHUB_SHA} | cut -c1-7) REGISTRY_URL=$(echo ${GITHUB_SERVER_URL} | sed 's|.*://||') REGISTRY="${REGISTRY_URL}/${{ github.repository_owner }}" - # Build and push web image - docker buildx build --push \ - -f ./docker/Dockerfile.web \ - -t ${REGISTRY}/mostovik-web:${BRANCH_TAG} \ - -t ${REGISTRY}/mostovik-web:${BRANCH_TAG}-${SHA_SHORT} \ - $([ "${GITHUB_REF_NAME}" = "main" ] && echo "-t ${REGISTRY}/mostovik-web:latest") \ - . + # Build web image locally + docker build -f ./docker/Dockerfile.web -t mostovik-web:local . + docker save mostovik-web:local -o /tmp/web.tar - # Build and push celery image - docker buildx build --push \ - -f ./docker/Dockerfile.celery \ - -t ${REGISTRY}/mostovik-celery:${BRANCH_TAG} \ - -t ${REGISTRY}/mostovik-celery:${BRANCH_TAG}-${SHA_SHORT} \ - $([ "${GITHUB_REF_NAME}" = "main" ] && echo "-t ${REGISTRY}/mostovik-celery:latest") \ - . - env: - DOCKER_BUILDKIT: 1 + # Push with crane (supports insecure HTTP) + ./crane auth login ${REGISTRY_URL} -u ${{ gitea.actor }} -p ${{ gitea.token }} + ./crane push --insecure /tmp/web.tar ${REGISTRY}/mostovik-web:${BRANCH_TAG} + ./crane push --insecure /tmp/web.tar ${REGISTRY}/mostovik-web:${BRANCH_TAG}-${SHA_SHORT} + + if [ "${GITHUB_REF_NAME}" = "main" ]; then + ./crane push --insecure /tmp/web.tar ${REGISTRY}/mostovik-web:latest + fi + + # Build celery image locally + docker build -f ./docker/Dockerfile.celery -t mostovik-celery:local . + docker save mostovik-celery:local -o /tmp/celery.tar + + ./crane push --insecure /tmp/celery.tar ${REGISTRY}/mostovik-celery:${BRANCH_TAG} + ./crane push --insecure /tmp/celery.tar ${REGISTRY}/mostovik-celery:${BRANCH_TAG}-${SHA_SHORT} + + if [ "${GITHUB_REF_NAME}" = "main" ]; then + ./crane push --insecure /tmp/celery.tar ${REGISTRY}/mostovik-celery:latest + fi - name: Image summary run: |