From 5f8ffb6854620e5f7c3f18e8a236cb03f7655081 Mon Sep 17 00:00:00 2001
From: Aleksandr Meshchriakov <avm@sh-inc.ru>
Date: Mon, 2 Feb 2026 13:36:37 +0100
Subject: [PATCH] fix(ci): create docker config.json manually for buildx auth

---
 .gitea/workflows/ci-cd.yml | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml
index 51b2cab..b50ede3 100644
--- a/.gitea/workflows/ci-cd.yml
+++ b/.gitea/workflows/ci-cd.yml
@@ -132,15 +132,27 @@ jobs:
             insecure = true
           EOF
           
-          # Create and use buildx builder with insecure registry support
-          docker buildx create --name insecure-builder --driver docker-container --config /tmp/buildkitd.toml --use
+          # Create docker config.json with credentials (for buildx)
+          mkdir -p ~/.docker
+          AUTH=$(echo -n "${{ gitea.actor }}:${{ gitea.token }}" | base64 -w 0)
+          cat > ~/.docker/config.json << EOF
+          {
+            "auths": {
+              "${REGISTRY_URL}": {
+                "auth": "${AUTH}"
+              }
+            }
+          }
+          EOF
+          
+          # Create buildx builder with insecure registry and mount docker config
+          docker buildx create --name insecure-builder \
+            --driver docker-container \
+            --config /tmp/buildkitd.toml \
+            --driver-opt network=host \
+            --use
           docker buildx inspect --bootstrap
 
-      - name: Login to Gitea Container Registry
-        run: |
-          REGISTRY_URL=$(echo ${GITHUB_SERVER_URL} | sed 's|.*://||')
-          echo "${{ gitea.token }}" | docker login ${REGISTRY_URL} -u ${{ gitea.actor }} --password-stdin
-
       - name: Build and push images
         run: |
           BRANCH_TAG=$(echo ${GITHUB_REF_NAME} | sed 's/\//-/g')