diff --git a/.gitea/workflows/build-images.yml b/.gitea/workflows/build-images.yml
index 9c974a8..bcafa44 100644
--- a/.gitea/workflows/build-images.yml
+++ b/.gitea/workflows/build-images.yml
@@ -58,36 +58,37 @@ jobs:
           echo "Has changes: ${{ steps.changes.outputs.has_changes }}"
 
   # ============================================================================
-  # Job 2 : Build avec Kaniko (100% containerisé, sans daemon Docker)
+  # Job 2 : Build avec Buildkit via Docker socket
   # ============================================================================
   build:
     needs: detect-changes
     if: needs.detect-changes.outputs.has_changes == 'true'
     runs-on: docker
     container:
-      image: gcr.io/kaniko-project/executor:debug
+      image: docker:cli
     strategy:
       matrix:
         image: ${{ fromJson(needs.detect-changes.outputs.matrix) }}
     steps:
-      - name: Checkout repository
+      - name: Install git and checkout
         run: |
-          # Kaniko debug image has busybox + sh
-          WORK_DIR="/workspace/source"
-          rm -rf "$WORK_DIR"
-          mkdir -p "$WORK_DIR"
-          
-          # Clone with git (included in debug image)
-          git clone --depth 1 https://gitea.arnodo.fr/${{ gitea.repository }}.git "$WORK_DIR"
+          apk add --no-cache git
+          git clone --depth 1 https://gitea.arnodo.fr/${{ gitea.repository }}.git /src
 
-      - name: Setup registry auth
+      - name: Build and push with Buildkit
         env:
           REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
           REGISTRY_USER: ${{ gitea.actor }}
         run: |
-          mkdir -p /kaniko/.docker
+          IMAGE_NAME="${{ env.REGISTRY }}/damien/${{ matrix.image }}"
+          
+          echo "Building ${IMAGE_NAME}:latest ..."
+          echo "Context: /src/images/${{ matrix.image }}"
+          
+          # Create auth config for buildkit
+          mkdir -p /root/.docker
           AUTH=$(echo -n "${REGISTRY_USER}:${REGISTRY_TOKEN}" | base64 | tr -d '\n')
-          cat > /kaniko/.docker/config.json <<EOF
+          cat > /root/.docker/config.json <<EOF
           {
             "auths": {
               "${{ env.REGISTRY }}": {
@@ -96,21 +97,18 @@ jobs:
             }
           }
           EOF
-
-      - name: Build and push with Kaniko
-        run: |
-          IMAGE_NAME="${{ env.REGISTRY }}/damien/${{ matrix.image }}"
-          SHORT_SHA=$(echo "${{ gitea.sha }}" | cut -c1-7)
           
-          echo "Building ${IMAGE_NAME}..."
-          
-          /kaniko/executor \
-            --dockerfile=/workspace/source/images/${{ matrix.image }}/Dockerfile \
-            --context=/workspace/source/images/${{ matrix.image }} \
-            --destination=${IMAGE_NAME}:latest \
-            --destination=${IMAGE_NAME}:${SHORT_SHA} \
-            --cache=true \
-            --cache-repo=${IMAGE_NAME}-cache
+          # Run buildkit in daemonless mode via docker socket
+          docker run --rm \
+            --privileged \
+            -v /src/images/${{ matrix.image }}:/context:ro \
+            -v /root/.docker/config.json:/root/.docker/config.json:ro \
+            --entrypoint buildctl-daemonless.sh \
+            moby/buildkit:master \
+              build \
+              --frontend dockerfile.v0 \
+              --local context=/context \
+              --local dockerfile=/context \
+              --output type=image,name=${IMAGE_NAME}:latest,push=true
           
           echo "✅ Pushed ${IMAGE_NAME}:latest"
-          echo "✅ Pushed ${IMAGE_NAME}:${SHORT_SHA}"