diff --git a/.gitea/workflows/build-images.yml b/.gitea/workflows/build-images.yml index bcafa44..2f6c050 100644 --- a/.gitea/workflows/build-images.yml +++ b/.gitea/workflows/build-images.yml @@ -83,26 +83,37 @@ jobs: IMAGE_NAME="${{ env.REGISTRY }}/damien/${{ matrix.image }}" echo "Building ${IMAGE_NAME}:latest ..." - echo "Context: /src/images/${{ matrix.image }}" - # Create auth config for buildkit - mkdir -p /root/.docker + # Create a unique volume name for this build + VOLUME_NAME="buildkit-ctx-$$" + + # Create a docker volume and copy source into it + docker volume create ${VOLUME_NAME} + docker run --rm -v ${VOLUME_NAME}:/context -v /src/images/${{ matrix.image }}:/src:ro alpine sh -c "cp -r /src/* /context/" + + # Create auth config in another volume + AUTH_VOLUME="buildkit-auth-$$" + docker volume create ${AUTH_VOLUME} AUTH=$(echo -n "${REGISTRY_USER}:${REGISTRY_TOKEN}" | base64 | tr -d '\n') - cat > /root/.docker/config.json < /auth/config.json << 'AUTHEOF' { - "auths": { - "${{ env.REGISTRY }}": { - "auth": "${AUTH}" + \"auths\": { + \"${{ env.REGISTRY }}\": { + \"auth\": \"${AUTH}\" } } } - EOF + AUTHEOF" - # Run buildkit in daemonless mode via docker socket + # Debug: show context content + echo "Context content:" + docker run --rm -v ${VOLUME_NAME}:/context alpine ls -la /context/ + + # Run buildkit in daemonless mode docker run --rm \ --privileged \ - -v /src/images/${{ matrix.image }}:/context:ro \ - -v /root/.docker/config.json:/root/.docker/config.json:ro \ + -v ${VOLUME_NAME}:/context:ro \ + -v ${AUTH_VOLUME}:/root/.docker:ro \ --entrypoint buildctl-daemonless.sh \ moby/buildkit:master \ build \ @@ -111,4 +122,7 @@ jobs: --local dockerfile=/context \ --output type=image,name=${IMAGE_NAME}:latest,push=true + # Cleanup volumes + docker volume rm ${VOLUME_NAME} ${AUTH_VOLUME} || true + echo "✅ Pushed ${IMAGE_NAME}:latest"
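Review bot: The registry credential is handled loosely in the new auth-volume step: the `\"auth\": \"${AUTH}\"` body sits inside a double-quoted string that ends in `AUTHEOF"`, so the outer shell expands the token into the container's command line before the inner `'AUTHEOF'` heredoc is parsed (the start of that command is garbled in this view, so this is inferred from the escaped quotes). The base64-encoded `user:token` is then readable from the process arguments and from the container's configuration while it runs, and base64 is an encoding, not protection. Writing the file over stdin keeps it out of argv, e.g. `printf '{"auths":{"%s":{"auth":"%s"}}}' "${{ env.REGISTRY }}" "${AUTH}" | docker run --rm -i -v "${AUTH_VOLUME}:/auth" alpine sh -c 'umask 077; cat > /auth/config.json'`. The `$$`-derived volume names are also used unquoted and can repeat between jobs on a shared daemon, so a stale `buildkit-auth-*` volume from an earlier run could be picked up again.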
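Review bot: The `docker volume rm ${VOLUME_NAME} ${AUTH_VOLUME} || true` cleanup in the second hunk is reached only when every earlier command succeeds; if the step shell exits on the first error (the shell options are not visible here, so confirm), a failed build or push leaves the auth volume with `config.json` on the Docker host. Registering the cleanup as soon as both names are set covers the failure path: `trap 'docker volume rm "${VOLUME_NAME}" "${AUTH_VOLUME}" >/dev/null 2>&1 || true' EXIT`. The step's script starts above the first hunk, so an existing `set -e` or trap would not show up in this diff.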