From ace2391620fb6860a72c22d38533a7a14605261f Mon Sep 17 00:00:00 2001 From: Aleksandr Meshchriakov Date: Mon, 2 Feb 2026 13:26:56 +0100 Subject: [PATCH] fix(ci): use docker buildx with buildkitd config for insecure HTTP registry --- .gitea/workflows/ci-cd.yml | 53 +++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 30 deletions(-) diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml index 5e02a93..7c43076 100644 --- a/.gitea/workflows/ci-cd.yml +++ b/.gitea/workflows/ci-cd.yml @@ -121,18 +121,21 @@ jobs: git clone --depth=1 --branch=${GITHUB_REF_NAME} ${REPO_URL}/${GITHUB_REPOSITORY}.git . git checkout ${GITHUB_SHA} - - name: Configure Docker for insecure registry + - name: Setup Docker Buildx for insecure registry run: | REGISTRY_URL=$(echo ${GITHUB_SERVER_URL} | sed 's|.*://||') - sudo mkdir -p /etc/docker - echo "{\"insecure-registries\": [\"${REGISTRY_URL}\"]}" | sudo tee /etc/docker/daemon.json - sudo systemctl restart docker || sudo service docker restart || true - sleep 3 - - - name: Login to Gitea Container Registry - run: | - REGISTRY_URL=$(echo ${GITHUB_SERVER_URL} | sed 's|.*://||') - echo "${{ gitea.token }}" | docker login ${REGISTRY_URL} -u ${{ gitea.actor }} --password-stdin + + # Create buildkitd config for HTTP registry + mkdir -p ~/.docker/buildx + cat > /tmp/buildkitd.toml << EOF + [registry."${REGISTRY_URL}"] + http = true + insecure = true + EOF + + # Create and use buildx builder with insecure registry support + docker buildx create --name insecure-builder --driver docker-container --config /tmp/buildkitd.toml --use + docker buildx inspect --bootstrap - name: Build and push images run: | @@ -140,34 +143,24 @@ jobs: SHA_SHORT=$(echo ${GITHUB_SHA} | cut -c1-7) REGISTRY_URL=$(echo ${GITHUB_SERVER_URL} | sed 's|.*://||') REGISTRY="${REGISTRY_URL}/${{ github.repository_owner }}" - + # Build and push web image - docker build -f ./docker/Dockerfile.web \ + docker buildx build --push \ + -f ./docker/Dockerfile.web \ -t ${REGISTRY}/mostovik-web:${BRANCH_TAG} \ -t ${REGISTRY}/mostovik-web:${BRANCH_TAG}-${SHA_SHORT} \ + $([ "${GITHUB_REF_NAME}" = "main" ] && echo "-t ${REGISTRY}/mostovik-web:latest") \ . - docker push ${REGISTRY}/mostovik-web:${BRANCH_TAG} - docker push ${REGISTRY}/mostovik-web:${BRANCH_TAG}-${SHA_SHORT} - - # Tag as latest if main branch - if [ "${GITHUB_REF_NAME}" = "main" ]; then - docker tag ${REGISTRY}/mostovik-web:${BRANCH_TAG} ${REGISTRY}/mostovik-web:latest - docker push ${REGISTRY}/mostovik-web:latest - fi - + # Build and push celery image - docker build -f ./docker/Dockerfile.celery \ + docker buildx build --push \ + -f ./docker/Dockerfile.celery \ -t ${REGISTRY}/mostovik-celery:${BRANCH_TAG} \ -t ${REGISTRY}/mostovik-celery:${BRANCH_TAG}-${SHA_SHORT} \ + $([ "${GITHUB_REF_NAME}" = "main" ] && echo "-t ${REGISTRY}/mostovik-celery:latest") \ . - docker push ${REGISTRY}/mostovik-celery:${BRANCH_TAG} - docker push ${REGISTRY}/mostovik-celery:${BRANCH_TAG}-${SHA_SHORT} - - # Tag as latest if main branch - if [ "${GITHUB_REF_NAME}" = "main" ]; then - docker tag ${REGISTRY}/mostovik-celery:${BRANCH_TAG} ${REGISTRY}/mostovik-celery:latest - docker push ${REGISTRY}/mostovik-celery:latest - fi + env: + DOCKER_BUILDKIT: 1 - name: Image summary run: |