mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(ci): Use docker:dind with manual login instead of buildx plugin
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source 
The buildx plugin's credential handling doesn't work properly with
Harbor. The docker-auth-test step proved that standard docker login
works, so we switch to:
- docker:dind image
- Manual docker login before build
- Standard docker build and docker push

This bypasses buildx's separate credential store issue.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-02-01 17:31:05 -06:00
parent 211c532fb0
commit 32c35d327b
1 changed files with 28 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
.woodpecker.yml
View File

@@ -84,91 +84,59 @@ steps:
# ======================
# Requires secrets: harbor_username, harbor_password
# Debug step - test registry auth before building
docker-auth-test:
image: docker:cli
# Build and push API image
docker-build-api:
image: docker:dind
environment:
HARBOR_USER:
from_secret: harbor_username
HARBOR_PASS:
from_secret: harbor_password
commands:
- echo "Testing Harbor authentication..."
- echo "Username length:" $(echo -n "$HARBOR_USER" | wc -c)
- echo "Password length:" $(echo -n "$HARBOR_PASS" | wc -c)
- echo "$HARBOR_PASS" | docker login reg.mosaicstack.dev -u "$HARBOR_USER" --password-stdin
- echo "Login successful!"
- docker logout reg.mosaicstack.dev
- docker build -t reg.mosaicstack.dev/mosaic/api:${CI_COMMIT_SHA:0:8} -t reg.mosaicstack.dev/mosaic/api:latest -f apps/api/Dockerfile .
- docker push reg.mosaicstack.dev/mosaic/api:${CI_COMMIT_SHA:0:8}
- docker push reg.mosaicstack.dev/mosaic/api:latest
when:
- branch: [main, develop]
event: [push, manual]
depends_on:
- build
docker-build-api:
image: woodpeckerci/plugin-docker-buildx
settings:
registry: reg.mosaicstack.dev
repo: mosaic/api
dockerfile: apps/api/Dockerfile
context: .
platforms:
- linux/amd64
tags:
- "${CI_COMMIT_SHA:0:8}"
- latest
username:
from_secret: harbor_username
password:
from_secret: harbor_password
when:
- branch: [main, develop]
event: [push, manual]
depends_on:
- docker-auth-test
# Build and push Web image
docker-build-web:
image: woodpeckerci/plugin-docker-buildx
settings:
registry: reg.mosaicstack.dev
repo: mosaic/web
dockerfile: apps/web/Dockerfile
context: .
platforms:
- linux/amd64
build_args:
- NEXT_PUBLIC_API_URL=https://api.mosaicstack.dev
tags:
- "${CI_COMMIT_SHA:0:8}"
- latest
username:
image: docker:dind
environment:
HARBOR_USER:
from_secret: harbor_username
password:
HARBOR_PASS:
from_secret: harbor_password
commands:
- echo "$HARBOR_PASS" | docker login reg.mosaicstack.dev -u "$HARBOR_USER" --password-stdin
- docker build --build-arg NEXT_PUBLIC_API_URL=https://api.mosaicstack.dev -t reg.mosaicstack.dev/mosaic/web:${CI_COMMIT_SHA:0:8} -t reg.mosaicstack.dev/mosaic/web:latest -f apps/web/Dockerfile .
- docker push reg.mosaicstack.dev/mosaic/web:${CI_COMMIT_SHA:0:8}
- docker push reg.mosaicstack.dev/mosaic/web:latest
when:
- branch: [main, develop]
event: [push, manual]
depends_on:
- docker-auth-test
- build
# Build and push Postgres image
docker-build-postgres:
image: woodpeckerci/plugin-docker-buildx
settings:
registry: reg.mosaicstack.dev
repo: mosaic/postgres
dockerfile: docker/postgres/Dockerfile
context: docker/postgres
platforms:
- linux/amd64
tags:
- "${CI_COMMIT_SHA:0:8}"
- latest
username:
image: docker:dind
environment:
HARBOR_USER:
from_secret: harbor_username
password:
HARBOR_PASS:
from_secret: harbor_password
commands:
- echo "$HARBOR_PASS" | docker login reg.mosaicstack.dev -u "$HARBOR_USER" --password-stdin
- docker build -t reg.mosaicstack.dev/mosaic/postgres:${CI_COMMIT_SHA:0:8} -t reg.mosaicstack.dev/mosaic/postgres:latest -f docker/postgres/Dockerfile docker/postgres
- docker push reg.mosaicstack.dev/mosaic/postgres:${CI_COMMIT_SHA:0:8}
- docker push reg.mosaicstack.dev/mosaic/postgres:latest
when:
- branch: [main, develop]
event: [push, manual]
depends_on:
- docker-auth-test
- build