diff --git a/.gitea/workflows/ci-dev.yml b/.gitea/workflows/ci-dev.yml index 8e46606..2d13d04 100644 --- a/.gitea/workflows/ci-dev.yml +++ b/.gitea/workflows/ci-dev.yml @@ -1,24 +1,17 @@ -name: Docker Build & Deploy (Dev Branch) +name: Docker Build & Deploy (DEV) on: push: branches: [ dev ] pull_request: - # Build DEV image with cache (if available) - echo "Building DEV image with layer caching..." - docker build \ - $CACHE_ARGS \ - --tag nfoguard:dev \ - --tag nfoguard:dev-${{ github.sha }} \ - --tag "$CACHE_IMAGE" \ - .s: [ dev ] + branches: [ dev ] jobs: build-dev: runs-on: host steps: - - name: Checkout code + - name: Checkout code (DEV) run: | echo "Current workspace: $(pwd)" @@ -26,31 +19,30 @@ jobs: rm -rf * .git* 2>/dev/null || true # Clone the repository since Gitea runner doesn't auto-checkout - echo "Cloning repository (dev branch)..." - git clone -b dev http://${{ secrets.username }}:${{ secrets.token }}@192.168.253.221:3000/jskala/NFOguard.git /tmp/repo + echo "Cloning repository..." + git clone http://${{ secrets.username }}:${{ secrets.token }}@192.168.253.221:3000/jskala/NFOguard.git /tmp/repo cp -r /tmp/repo/* . cp -r /tmp/repo/.* . 2>/dev/null || true rm -rf /tmp/repo - echo "Dev branch repository cloned successfully" + echo "Repository cloned successfully" ls -la echo "Checking Dockerfile:" head -30 Dockerfile - - name: Check Docker availability + - name: Check Docker availability (DEV) run: | echo "Checking Docker installation..." which docker || (echo "Docker not found in PATH" && exit 1) docker --version || (echo "Docker not available" && exit 1) docker info || (echo "Docker daemon not running" && exit 1) - - name: Configure Docker for local registry + - name: Configure Docker for local registry (DEV) run: | echo "Configuring Docker client for insecure local registry..." LOCAL_REGISTRY="192.168.253.221:3000" - # We can't use sudo in the container, so we'll configure the client differently - export DOCKER_CONFIG=/tmp/docker-config + export DOCKER_CONFIG=/tmp/docker-config-dev mkdir -p $DOCKER_CONFIG # Create Docker client config for insecure registry @@ -66,9 +58,7 @@ jobs: } EOF - echo "Docker client config created" - echo "Note: Since we can't modify daemon config in container, we'll use --insecure-registry flag" - + echo "Docker client config created for DEV" echo "Testing registry connectivity..." curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible" @@ -103,109 +93,47 @@ jobs: # Build DEV image with cache (if available) echo "Building DEV image with layer caching..." - docker build - $CACHE_ARGS - --tag nfoguard:dev - --tag nfoguard:dev-${{ github.sha }} - --tag "$CACHE_IMAGE" + docker build \ + $CACHE_ARGS \ + --tag nfoguard:dev \ + --tag nfoguard:dev-${{ github.sha }} \ + --tag "$CACHE_IMAGE" \ . echo "DEV Docker image built and tagged successfully" - - # Show layer info for debugging - echo "=== DEV Image layer history ===" - docker history nfoguard:dev --format "table {{.CreatedBy}}\t{{.Size}}" | head -5 || echo "Layer history completed" - name: Login and Push to Gitea registry (DEV tags) + continue-on-error: true run: | - echo "Using LOCAL IP ONLY - no Cloudflare tunnel!" - export DOCKER_CONFIG=/tmp/docker-config + echo "Using LOCAL IP ONLY for DEV push!" + export DOCKER_CONFIG=/tmp/docker-config-dev - # Force local IP - never use domain LOCAL_REGISTRY="192.168.253.221:3000" - echo "Registry: $LOCAL_REGISTRY (LOCAL IP ONLY)" + echo "Registry: $LOCAL_REGISTRY (DEV TAGS)" - # Check image size - IMAGE_SIZE=$(docker images nfoguard:dev --format "table {{.Size}}" | tail -n1) - echo "DEV Image size: $IMAGE_SIZE" - - echo "Testing local registry connectivity..." - curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Local registry accessible via HTTP" || echo "❌ Local registry not accessible" - - # Configure Docker to skip TLS for this specific registry - export DOCKER_OPTS="--insecure-registry=$LOCAL_REGISTRY" - - # Create a script that forces HTTP for our local registry - cat > /tmp/docker-local << EOF - #!/bin/bash - export DOCKER_TLS_VERIFY="" - export DOCKER_HOST="" - exec docker "\$@" - EOF - chmod +x /tmp/docker-local - - # Try multiple approaches to handle the HTTP issue - echo "Attempting login to LOCAL registry..." - - # Approach 1: Try with explicit HTTP in auth + # Try login to local registry if echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin 2>/dev/null; then - echo "✅ Login succeeded with direct method" - else - echo "⚠️ Direct login failed, trying workarounds..." + echo "✅ DEV Login succeeded" - # Approach 2: Try to modify the login URL handling - export DOCKER_BUILDKIT=0 - if echo "${{ secrets.token }}" | timeout 30 docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin; then - echo "✅ Login succeeded with workaround" - else - echo "❌ All login attempts failed" - echo "The issue is Docker client trying HTTPS on HTTP registry" - echo "We need to configure the Docker daemon on the host to allow insecure registries" - echo "" - echo "SOLUTION: Run this on the host machine:" - echo "sudo mkdir -p /etc/docker" - echo 'echo '"'"'{"insecure-registries":["'$LOCAL_REGISTRY'"]}'"'"' | sudo tee /etc/docker/daemon.json' - echo "sudo systemctl restart docker" - echo "" - echo "For now, continuing without registry push (DEV build succeeded)" - exit 0 + # Tag for local registry + docker tag nfoguard:dev "$LOCAL_REGISTRY/jskala/nfoguard:dev" + docker tag nfoguard:dev "$LOCAL_REGISTRY/jskala/nfoguard:dev-${{ github.sha }}" + + # Push DEV images + echo "=== Pushing DEV cache image ===" + timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:dev-buildcache" && echo "✅ DEV cache pushed" || echo "⚠️ DEV cache push failed" + + echo "=== Pushing DEV latest tag ===" + if timeout 120 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:dev"; then + echo "✅ DEV tag pushed successfully" + + if timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:dev-${{ github.sha }}"; then + echo "✅ DEV SHA tag pushed successfully" + fi fi - fi - - # Tag for local registry (cache image already tagged in build step) - docker tag nfoguard:dev "$LOCAL_REGISTRY/jskala/nfoguard:dev" - docker tag nfoguard:dev "$LOCAL_REGISTRY/jskala/nfoguard:dev-${{ github.sha }}" - - echo "Pushing DEV images to LOCAL registry (gigabit speed!)..." - - # Push with reasonable timeout for local network - echo "=== Pushing DEV cache image (for faster future builds) ===" - timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:dev-buildcache" && echo "✅ DEV cache image pushed" || echo "⚠️ DEV cache push failed" - - echo "=== Pushing DEV latest tag to LOCAL IP ===" - if timeout 120 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:dev"; then - echo "✅ DEV latest tag pushed successfully to LOCAL registry" - - echo "=== Pushing DEV SHA tag to LOCAL IP ===" - if timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:dev-${{ github.sha }}"; then - echo "✅ DEV SHA tag pushed successfully to LOCAL registry" - else - echo "⚠️ DEV SHA tag push failed but latest succeeded" - fi - else - echo "❌ Push to LOCAL registry failed" - echo "This is likely because Docker daemon needs insecure-registry configuration" - echo "DEV image is built successfully and available locally" + echo "❌ DEV local registry login failed - continuing to Docker Hub" fi - - echo "🎉 DEV Build workflow completed (using LOCAL network only)!" - echo "" - echo "📦 Available DEV images:" - echo " - $LOCAL_REGISTRY/jskala/nfoguard:dev" - echo " - $LOCAL_REGISTRY/jskala/nfoguard:dev-${{ github.sha }}" - echo "" - echo "🚀 Usage: docker pull $LOCAL_REGISTRY/jskala/nfoguard:dev" - name: Push DEV to Docker Hub if: github.ref == 'refs/heads/dev' @@ -213,7 +141,7 @@ jobs: echo "=== Pushing DEV image to Docker Hub ===" # Use temporary config directory to avoid permission issues - export DOCKER_CONFIG=/tmp/docker-config-dev + export DOCKER_CONFIG=/tmp/docker-config-dev-hub mkdir -p $DOCKER_CONFIG if echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker --config $DOCKER_CONFIG login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin; then @@ -245,21 +173,4 @@ jobs: else echo "❌ Docker Hub login failed for DEV push" exit 1 - fi - - deploy-dev: - needs: build-dev - runs-on: host - if: github.ref == 'refs/heads/dev' - - steps: - - name: Deploy DEV application - run: | - echo "DEV deployment ready..." - echo "The DEV image is built and pushed as:" - echo " 192.168.253.221:3000/jskala/nfoguard:dev" - echo "" - echo "To use DEV image in your docker-compose:" - echo " image: 192.168.253.221:3000/jskala/nfoguard:dev" - echo "" - echo "DEV deployment completed" \ No newline at end of file + fi \ No newline at end of file