diff --git a/.gitea/workflows/build-push.yaml b/.gitea/workflows/build-push.yaml index 27f0634..a6f2a1f 100644 --- a/.gitea/workflows/build-push.yaml +++ b/.gitea/workflows/build-push.yaml @@ -126,46 +126,21 @@ jobs: if: steps.check.outputs.skip != 'true' uses: actions/checkout@v4 - # Clean stale buildx builders from persistent Docker cache (prevents GPU capability errors) - - name: Clean stale buildx builders + - name: Configure insecure registry if: steps.check.outputs.skip != 'true' run: | - for b in $(docker buildx ls --format '{{.Name}}' 2>/dev/null | grep -v default | grep -v '\*' | sort -u); do - docker buildx rm "$b" --force 2>/dev/null || true - done - docker container prune --force 2>/dev/null || true + sudo mkdir -p /etc/docker + echo '{"insecure-registries": ["${{ env.REGISTRY_HOST }}"]}' | sudo tee /etc/docker/daemon.json + sudo kill -SIGHUP "$(pidof dockerd)" || true + sleep 3 - - name: Set up Docker Buildx - if: steps.check.outputs.skip != 'true' - uses: docker/setup-buildx-action@v3 - with: - buildkitd-config-inline: | - [registry."gitea-http.gitea.svc.cluster.local:3000"] - http = true - insecure = true + - name: Login to Gitea Registry + if: steps.check.outputs.skip != 'true' && github.event_name != 'pull_request' + run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "${{ env.REGISTRY_HOST }}" -u "${{ secrets.REGISTRY_USER }}" --password-stdin - name: Login to Docker Hub if: steps.check.outputs.skip != 'true' && vars.DOCKERHUB_USERNAME != '' - uses: docker/login-action@v3 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Configure Gitea Registry Auth - if: steps.check.outputs.skip != 'true' && github.event_name != 'pull_request' - run: | - AUTH=$(echo -n "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_TOKEN }}" | base64 -w0) - mkdir -p ~/.docker - cat > ~/.docker/config.json << EOF - { - "auths": { - "${{ env.REGISTRY_HOST }}": { - "auth": "$AUTH" - } - } - } - EOF - echo "Auth configured for ${{ env.REGISTRY_HOST }}" + run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ vars.DOCKERHUB_USERNAME }}" --password-stdin - name: Extract metadata if: steps.check.outputs.skip != 'true' @@ -179,15 +154,23 @@ jobs: - name: Build and push if: steps.check.outputs.skip != 'true' - uses: docker/build-push-action@v5 - with: - context: . - file: dockerfiles/${{ matrix.dockerfile }} - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ env.REGISTRY }}/ray-worker-${{ matrix.name }}:buildcache - cache-to: type=registry,ref=${{ env.REGISTRY }}/ray-worker-${{ matrix.name }}:buildcache,mode=max,image-manifest=true,compression=zstd + run: | + # Build with all tags + TAGS="" + while IFS= read -r tag; do + [ -n "$tag" ] && TAGS="$TAGS -t $tag" + done <<< "${{ steps.meta.outputs.tags }}" + docker build $TAGS \ + --label "org.opencontainers.image.source=${{ gitea.server_url }}/${{ gitea.repository }}" \ + --label "org.opencontainers.image.revision=${{ gitea.sha }}" \ + -f dockerfiles/${{ matrix.dockerfile }} \ + . + # Push each tag (skip for PRs) + if [[ "${{ github.event_name }}" != "pull_request" ]]; then + while IFS= read -r tag; do + [ -n "$tag" ] && docker push "$tag" + done <<< "${{ steps.meta.outputs.tags }}" + fi release: name: Release