Fix CI workflow to use Kaniko for containerized runner

Replace Docker-based build with Kaniko executor to support Docker-based Gitea runners that don't have Docker daemon access. Kaniko builds container images without requiring Docker, making it ideal for containerized CI environments. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-29 13:50:22 +01:00 · 2025-10-29 13:50:22 +01:00 · 82093a0cf6
commit 82093a0cf6
parent 1c9c570ece
1 changed files with 16 additions and 31 deletions
--- a/.gitea/workflows/build-deploy.yml
+++ b/.gitea/workflows/build-deploy.yml
@ -8,40 +8,25 @@ on:
 jobs:
  build:
    runs-on: ubuntu-latest
+    container:
+      image: gcr.io/kaniko-project/executor:debug
+      options: --user root

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Prepare Kaniko config
+        run: |
+          mkdir -p /kaniko/.docker
+          echo "{\"auths\":{\"code.puffinoffset.com\":{\"auth\":\"$(echo -n "${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}" | base64)\"}}}" > /kaniko/.docker/config.json

-      - name: Log in to Gitea Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: code.puffinoffset.com
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: code.puffinoffset.com/matt/puffin-app
-          tags: |
-            type=raw,value=latest,enable={{is_default_branch}}
-            type=sha,prefix={{branch}}-
-
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: ./Dockerfile
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=registry,ref=code.puffinoffset.com/matt/puffin-app:buildcache
-          cache-to: type=registry,ref=code.puffinoffset.com/matt/puffin-app:buildcache,mode=max
-
-      - name: Image digest
-        run: echo "Image pushed with digest ${{ steps.build.outputs.digest }}"
+      - name: Build and push with Kaniko
+        run: |
+          /kaniko/executor \
+            --context=${{ github.workspace }} \
+            --dockerfile=${{ github.workspace }}/Dockerfile \
+            --destination=code.puffinoffset.com/matt/puffin-app:latest \
+            --destination=code.puffinoffset.com/matt/puffin-app:main-${{ github.sha }} \
+            --cache=true \
+            --cache-repo=code.puffinoffset.com/matt/puffin-app/cache