From 8af9d042108471362ef7a120ecdbb786928bc6b0 Mon Sep 17 00:00:00 2001 From: "Billy D." Date: Mon, 2 Feb 2026 17:21:39 -0500 Subject: [PATCH] fix(ci): configure Docker buildx for insecure HTTP registry --- .gitea/workflows/build-push.yaml | 51 +++++++++++++++++++------------- 1 file changed, 30 insertions(+), 21 deletions(-) diff --git a/.gitea/workflows/build-push.yaml b/.gitea/workflows/build-push.yaml index dc7c5a8..815ead7 100644 --- a/.gitea/workflows/build-push.yaml +++ b/.gitea/workflows/build-push.yaml @@ -42,6 +42,12 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + # Configure buildx to use HTTP for internal registry + buildkitd-config-inline: | + [registry."gitea-http.gitea.svc.cluster.local:3000"] + http = true + insecure = true # Login to Docker Hub to avoid pull rate limits - name: Login to Docker Hub @@ -51,14 +57,11 @@ jobs: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - # Only login to Gitea when pushing (not PRs) and secrets are available + # Configure Docker daemon for insecure registry and login - name: Login to Gitea Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY_HOST }} - username: ${{ secrets.REGISTRY_USER }} - password: ${{ secrets.REGISTRY_TOKEN }} + run: | + echo "${{ secrets.REGISTRY_TOKEN }}" | docker login ${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin 2>/dev/null || true - name: Extract metadata id: meta @@ -95,6 +98,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + buildkitd-config-inline: | + [registry."gitea-http.gitea.svc.cluster.local:3000"] + http = true + insecure = true - name: Login to Docker Hub if: vars.DOCKERHUB_USERNAME != '' @@ -105,11 +113,8 @@ jobs: - name: Login to Gitea Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY_HOST }} - username: ${{ secrets.REGISTRY_USER }} - password: ${{ secrets.REGISTRY_TOKEN }} + run: | + echo "${{ secrets.REGISTRY_TOKEN }}" | docker login ${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin 2>/dev/null || true - name: Extract metadata id: meta @@ -146,6 +151,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + buildkitd-config-inline: | + [registry."gitea-http.gitea.svc.cluster.local:3000"] + http = true + insecure = true - name: Login to Docker Hub if: vars.DOCKERHUB_USERNAME != '' @@ -156,11 +166,8 @@ jobs: - name: Login to Gitea Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY_HOST }} - username: ${{ secrets.REGISTRY_USER }} - password: ${{ secrets.REGISTRY_TOKEN }} + run: | + echo "${{ secrets.REGISTRY_TOKEN }}" | docker login ${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin 2>/dev/null || true - name: Extract metadata id: meta @@ -197,6 +204,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + buildkitd-config-inline: | + [registry."gitea-http.gitea.svc.cluster.local:3000"] + http = true + insecure = true - name: Login to Docker Hub if: vars.DOCKERHUB_USERNAME != '' @@ -207,11 +219,8 @@ jobs: - name: Login to Gitea Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY_HOST }} - username: ${{ secrets.REGISTRY_USER }} - password: ${{ secrets.REGISTRY_TOKEN }} + run: | + echo "${{ secrets.REGISTRY_TOKEN }}" | docker login ${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin 2>/dev/null || true - name: Extract metadata id: meta