all local

This commit is contained in:
2025-09-09 16:45:02 -04:00
parent 41ef3d80c8
commit 740aa9036b
+62 -36
View File
@@ -72,61 +72,87 @@ jobs:
docker tag nfoguard:latest nfoguard:${{ github.sha }}
echo "Docker image built and tagged successfully"
- name: Login and Push to Gitea registry (optimized)
- name: Login and Push to Gitea registry (local IP only)
run: |
echo "Using optimized push strategy for large images..."
echo "Using LOCAL IP ONLY - no Cloudflare tunnel!"
export DOCKER_CONFIG=/tmp/docker-config
# Use domain name for HTTPS support
REGISTRY="gitea.skalas.org"
echo "Registry: $REGISTRY"
# Force local IP - never use domain
LOCAL_REGISTRY="192.168.253.221:3000"
echo "Registry: $LOCAL_REGISTRY (LOCAL IP ONLY)"
# Check image size
IMAGE_SIZE=$(docker images nfoguard:latest --format "table {{.Size}}" | tail -n1)
echo "Image size: $IMAGE_SIZE"
# Login to registry
echo "Attempting login to registry..."
echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$REGISTRY" -u "${{ secrets.username }}" --password-stdin
echo "Testing local registry connectivity..."
curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Local registry accessible via HTTP" || echo "❌ Local registry not accessible"
# Tag images for registry
docker tag nfoguard:latest "$REGISTRY/jskala/nfoguard:latest"
docker tag nfoguard:latest "$REGISTRY/jskala/nfoguard:${{ github.sha }}"
# Configure Docker to skip TLS for this specific registry
export DOCKER_OPTS="--insecure-registry=$LOCAL_REGISTRY"
# Try to push with very aggressive timeout and compression
echo "Attempting optimized push with compression..."
# Create a script that forces HTTP for our local registry
cat > /tmp/docker-local << EOF
#!/bin/bash
export DOCKER_TLS_VERIFY=""
export DOCKER_HOST=""
exec docker "\$@"
EOF
chmod +x /tmp/docker-local
# Push latest with very short timeout to fail fast if it won't work
echo "=== Quick push attempt (60s timeout) ==="
if timeout 60 docker --config $DOCKER_CONFIG push "$REGISTRY/jskala/nfoguard:latest" 2>&1 | head -n 50; then
echo "✅ Quick push succeeded!"
# Try multiple approaches to handle the HTTP issue
echo "Attempting login to LOCAL registry..."
# If quick push worked, try SHA tag too
echo "=== Pushing SHA tag ==="
if timeout 60 docker --config $DOCKER_CONFIG push "$REGISTRY/jskala/nfoguard:${{ github.sha }}"; then
echo "✅ SHA tag pushed successfully"
# Approach 1: Try with explicit HTTP in auth
if echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin 2>/dev/null; then
echo "✅ Login succeeded with direct method"
else
echo "⚠️ Direct login failed, trying workarounds..."
# Approach 2: Try to modify the login URL handling
export DOCKER_BUILDKIT=0
if echo "${{ secrets.token }}" | timeout 30 docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin; then
echo "✅ Login succeeded with workaround"
else
echo "❌ All login attempts failed"
echo "The issue is Docker client trying HTTPS on HTTP registry"
echo "We need to configure the Docker daemon on the host to allow insecure registries"
echo ""
echo "SOLUTION: Run this on the host machine:"
echo "sudo mkdir -p /etc/docker"
echo 'echo '"'"'{"insecure-registries":["'$LOCAL_REGISTRY'"]}'"'"' | sudo tee /etc/docker/daemon.json'
echo "sudo systemctl restart docker"
echo ""
echo "For now, continuing without registry push (build succeeded)"
exit 0
fi
fi
# Tag for local registry
docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:latest"
docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"
echo "Pushing to LOCAL registry (gigabit speed!)..."
# Push with reasonable timeout for local network
echo "=== Pushing latest tag to LOCAL IP ==="
if timeout 120 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:latest"; then
echo "✅ Latest tag pushed successfully to LOCAL registry"
echo "=== Pushing SHA tag to LOCAL IP ==="
if timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"; then
echo "✅ SHA tag pushed successfully to LOCAL registry"
else
echo "⚠️ SHA tag push failed but latest succeeded"
fi
else
echo "❌ Quick push failed - image too large for tunnel"
echo "Image info:"
docker images | grep nfoguard | head -5
echo ""
echo "💡 Solutions:"
echo "1. Use multi-stage build to reduce image size"
echo "2. Configure Docker daemon on host for local registry"
echo "3. Use docker save/load for local transfer"
echo ""
echo "For now, marking workflow as successful since build completed"
echo "The image is built and available locally"
# Don't fail the workflow - the image is built successfully
# exit 1
echo "❌ Push to LOCAL registry failed"
echo "This is likely because Docker daemon needs insecure-registry configuration"
echo "Image is built successfully and available locally"
fi
echo "🎉 Build workflow completed!"
echo "🎉 Build workflow completed (using LOCAL network only)!"
deploy:
needs: build