From f544cc65d26961694409d89da018bd27c63bf6bf Mon Sep 17 00:00:00 2001 From: Jarvis Date: Mon, 30 Mar 2026 20:04:50 -0500 Subject: [PATCH] fix(ci): switch to Kaniko image builder using global gitea secrets --- .woodpecker/ci.yml | 78 ++++++++++++++++++++++++++++------------------ 1 file changed, 48 insertions(+), 30 deletions(-) diff --git a/.woodpecker/ci.yml b/.woodpecker/ci.yml index eddbb8e..c1c3154 100644 --- a/.woodpecker/ci.yml +++ b/.woodpecker/ci.yml @@ -59,40 +59,58 @@ steps: - lint - format - publish-gateway: - image: woodpeckerci/plugin-docker-buildx - settings: - registry: git.mosaicstack.dev - repo: git.mosaicstack.dev/mosaic/mosaic-stack-gateway - dockerfile: docker/gateway.Dockerfile - tags: - - latest - - ${CI_COMMIT_SHA} - username: - from_secret: REGISTRY_USERNAME - password: - from_secret: REGISTRY_PASSWORD + build-gateway: + image: gcr.io/kaniko-project/executor:debug + environment: + REGISTRY_USER: + from_secret: gitea_username + REGISTRY_PASS: + from_secret: gitea_password + CI_COMMIT_BRANCH: ${CI_COMMIT_BRANCH} + CI_COMMIT_TAG: ${CI_COMMIT_TAG} + CI_COMMIT_SHA: ${CI_COMMIT_SHA} + commands: + - mkdir -p /kaniko/.docker + - echo "{\"auths\":{\"git.mosaicstack.dev\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASS\"}}}" > /kaniko/.docker/config.json + - | + DESTINATIONS="--destination git.mosaicstack.dev/mosaic/mosaic-stack/gateway:sha-${CI_COMMIT_SHA:0:7}" + if [ "$CI_COMMIT_BRANCH" = "main" ]; then + DESTINATIONS="$DESTINATIONS --destination git.mosaicstack.dev/mosaic/mosaic-stack/gateway:latest" + fi + if [ -n "$CI_COMMIT_TAG" ]; then + DESTINATIONS="$DESTINATIONS --destination git.mosaicstack.dev/mosaic/mosaic-stack/gateway:$CI_COMMIT_TAG" + fi + /kaniko/executor --context . --dockerfile docker/gateway.Dockerfile $DESTINATIONS when: - - event: push - branch: main + - branch: [main] + event: [push, manual, tag] depends_on: - build - publish-web: - image: woodpeckerci/plugin-docker-buildx - settings: - registry: git.mosaicstack.dev - repo: git.mosaicstack.dev/mosaic/mosaic-stack-web - dockerfile: docker/web.Dockerfile - tags: - - latest - - ${CI_COMMIT_SHA} - username: - from_secret: REGISTRY_USERNAME - password: - from_secret: REGISTRY_PASSWORD + build-web: + image: gcr.io/kaniko-project/executor:debug + environment: + REGISTRY_USER: + from_secret: gitea_username + REGISTRY_PASS: + from_secret: gitea_password + CI_COMMIT_BRANCH: ${CI_COMMIT_BRANCH} + CI_COMMIT_TAG: ${CI_COMMIT_TAG} + CI_COMMIT_SHA: ${CI_COMMIT_SHA} + commands: + - mkdir -p /kaniko/.docker + - echo "{\"auths\":{\"git.mosaicstack.dev\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASS\"}}}" > /kaniko/.docker/config.json + - | + DESTINATIONS="--destination git.mosaicstack.dev/mosaic/mosaic-stack/web:sha-${CI_COMMIT_SHA:0:7}" + if [ "$CI_COMMIT_BRANCH" = "main" ]; then + DESTINATIONS="$DESTINATIONS --destination git.mosaicstack.dev/mosaic/mosaic-stack/web:latest" + fi + if [ -n "$CI_COMMIT_TAG" ]; then + DESTINATIONS="$DESTINATIONS --destination git.mosaicstack.dev/mosaic/mosaic-stack/web:$CI_COMMIT_TAG" + fi + /kaniko/executor --context . --dockerfile docker/web.Dockerfile $DESTINATIONS when: - - event: push - branch: main + - branch: [main] + event: [push, manual, tag] depends_on: - build