ci: migrate to buildx docker-container driver with standalone buildkitd

2026-04-22 20:40:08 +00:00
parent d171ce685d
commit b9ce8e2090
1 changed files with 35 additions and 11 deletions
@@ -6,7 +6,7 @@ on:
      - main

 env:
-  REGISTRY: git.chemavx.xyz
+  REGISTRY: gitea.gitea.svc.cluster.local:3000
  K8S_MANIFESTS_REPO: http://chemavx:${{ secrets.CI_TOKEN }}@gitea.gitea.svc.cluster.local:3000/chemavx/k8s-manifests.git
  GIT_SSL_NO_VERIFY: "true"

@@ -23,17 +23,41 @@ jobs:
        id: tag
        run: echo "TAG=${GITHUB_SHA::8}" >> $GITHUB_OUTPUT

+      - name: Log in to registry
+        run: echo "${{ secrets.CI_TOKEN }}" | docker login gitea.gitea.svc.cluster.local:3000 -u chemavx --password-stdin
+
+      - name: Create buildx builder
+        run: |
+          cat > /tmp/buildkitd.toml << 'EOF'
+          [registry."registry-cache.registry-cache.svc.cluster.local:5000"]
+            http = true
+            insecure = true
+
+          [registry."gitea.gitea.svc.cluster.local:3000"]
+            http = true
+            insecure = true
+
+          [registry."docker.io"]
+            mirrors = ["registry-cache.registry-cache.svc.cluster.local:5000"]
+          EOF
+          docker buildx create \
+            --name ci-builder \
+            --driver docker-container \
+            --driver-opt network=host \
+            --config /tmp/buildkitd.toml \
+            --use
+          docker buildx inspect --bootstrap
+
      - name: Build and push n8n image
-        uses: aevea/action-kaniko@master
-        with:
-          registry: git.chemavx.xyz
-          username: chemavx
-          password: ${{ secrets.CI_TOKEN }}
-          image: chemavx/n8n
-          tag: ${{ steps.tag.outputs.TAG }}
-          path: .
-          build_file: Dockerfile
-          extra_args: --insecure --skip-tls-verify
+        run: |
+          TAG=${{ steps.tag.outputs.TAG }}
+          docker buildx build \
+            --builder ci-builder \
+            --cache-from type=registry,ref=gitea.gitea.svc.cluster.local:3000/chemavx/n8n:buildcache \
+            --cache-to type=registry,ref=gitea.gitea.svc.cluster.local:3000/chemavx/n8n:buildcache,mode=max \
+            -t gitea.gitea.svc.cluster.local:3000/chemavx/n8n:${TAG} \
+            --push \
+            -f Dockerfile .

      - name: Update k8s manifests
        run: |