fix python

This commit is contained in:
2025-09-16 15:53:47 -04:00
parent 571d0400b2
commit 9df0b969b0
3 changed files with 46 additions and 62 deletions
+12 -7
View File
@@ -71,10 +71,15 @@ jobs:
LOCAL_REGISTRY="192.168.253.221:3000" LOCAL_REGISTRY="192.168.253.221:3000"
CACHE_IMAGE="$LOCAL_REGISTRY/jskala/nfoguard:dev-buildcache" CACHE_IMAGE="$LOCAL_REGISTRY/jskala/nfoguard:dev-buildcache"
# Clear any existing Docker configs to prevent permission issues
unset DOCKER_CONFIG
export HOME=/tmp/docker-home-dev
mkdir -p $HOME
# Enable Docker BuildKit for better caching # Enable Docker BuildKit for better caching
export DOCKER_BUILDKIT=1 export DOCKER_BUILDKIT=1
# Check if cache image exists and pull it # Check if DEV cache image exists and pull it
echo "Checking for existing DEV cache image..." echo "Checking for existing DEV cache image..."
CACHE_ARGS="" CACHE_ARGS=""
if curl -s "http://$LOCAL_REGISTRY/v2/jskala/nfoguard/manifests/dev-buildcache" > /dev/null 2>&1; then if curl -s "http://$LOCAL_REGISTRY/v2/jskala/nfoguard/manifests/dev-buildcache" > /dev/null 2>&1; then
@@ -89,13 +94,13 @@ jobs:
echo "️ No DEV cache image found (first build or cache expired)" echo "️ No DEV cache image found (first build or cache expired)"
fi fi
# Build with cache (if available) # Build DEV image with cache (if available)
echo "Building DEV image with layer caching..." echo "Building DEV image with layer caching..."
docker build \ docker build
$CACHE_ARGS \ $CACHE_ARGS
--tag nfoguard:dev \ --tag nfoguard:dev
--tag nfoguard:dev-${{ github.sha }} \ --tag nfoguard:dev-${{ github.sha }}
--tag "$CACHE_IMAGE" \ --tag "$CACHE_IMAGE"
. .
echo "DEV Docker image built and tagged successfully" echo "DEV Docker image built and tagged successfully"
+34 -55
View File
@@ -115,6 +115,7 @@ jobs:
fi fi
- name: Login and Push to Gitea registry (local IP only) - name: Login and Push to Gitea registry (local IP only)
continue-on-error: true # Don't fail the build if local registry fails
run: | run: |
echo "Using LOCAL IP ONLY - no Cloudflare tunnel!" echo "Using LOCAL IP ONLY - no Cloudflare tunnel!"
export DOCKER_CONFIG=/tmp/docker-config export DOCKER_CONFIG=/tmp/docker-config
@@ -130,74 +131,52 @@ jobs:
echo "Testing local registry connectivity..." echo "Testing local registry connectivity..."
curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Local registry accessible via HTTP" || echo "❌ Local registry not accessible" curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Local registry accessible via HTTP" || echo "❌ Local registry not accessible"
# Configure Docker to skip TLS for this specific registry
export DOCKER_OPTS="--insecure-registry=$LOCAL_REGISTRY"
# Create a script that forces HTTP for our local registry
cat > /tmp/docker-local << EOF
#!/bin/bash
export DOCKER_TLS_VERIFY=""
export DOCKER_HOST=""
exec docker "\$@"
EOF
chmod +x /tmp/docker-local
# Try multiple approaches to handle the HTTP issue # Try multiple approaches to handle the HTTP issue
echo "Attempting login to LOCAL registry..." echo "Attempting login to LOCAL registry..."
# Approach 1: Try with explicit HTTP in auth # Approach 1: Try with explicit HTTP in auth
if echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin 2>/dev/null; then if echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin 2>/dev/null; then
echo "✅ Login succeeded with direct method" echo "✅ Login succeeded with direct method"
else
echo "⚠️ Direct login failed, trying workarounds..."
# Approach 2: Try to modify the login URL handling # Tag for local registry (cache image already tagged in build step)
export DOCKER_BUILDKIT=0 docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:latest"
if echo "${{ secrets.token }}" | timeout 30 docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin; then docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"
echo "✅ Login succeeded with workaround"
echo "Pushing to LOCAL registry (gigabit speed!)..."
# Push with reasonable timeout for local network
echo "=== Pushing cache image (for faster future builds) ==="
timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:buildcache" && echo "✅ Cache image pushed" || echo "⚠️ Cache push failed"
echo "=== Pushing latest tag to LOCAL IP ==="
if timeout 120 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:latest"; then
echo "✅ Latest tag pushed successfully to LOCAL registry"
echo "=== Pushing SHA tag to LOCAL IP ==="
if timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"; then
echo "✅ SHA tag pushed successfully to LOCAL registry"
else
echo "⚠️ SHA tag push failed but latest succeeded"
fi
else else
echo "❌ All login attempts failed" echo "❌ Push to LOCAL registry failed"
echo "The issue is Docker client trying HTTPS on HTTP registry" echo "This is likely because Docker daemon needs insecure-registry configuration"
echo "We need to configure the Docker daemon on the host to allow insecure registries"
echo ""
echo "SOLUTION: Run this on the host machine:"
echo "sudo mkdir -p /etc/docker"
echo 'echo '"'"'{"insecure-registries":["'$LOCAL_REGISTRY'"]}'"'"' | sudo tee /etc/docker/daemon.json'
echo "sudo systemctl restart docker"
echo ""
echo "For now, continuing without registry push (build succeeded)"
exit 0
fi
fi
# Tag for local registry (cache image already tagged in build step)
docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:latest"
docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"
echo "Pushing to LOCAL registry (gigabit speed!)..."
# Push with reasonable timeout for local network
echo "=== Pushing cache image (for faster future builds) ==="
timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:buildcache" && echo "✅ Cache image pushed" || echo "⚠️ Cache push failed"
echo "=== Pushing latest tag to LOCAL IP ==="
if timeout 120 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:latest"; then
echo "✅ Latest tag pushed successfully to LOCAL registry"
echo "=== Pushing SHA tag to LOCAL IP ==="
if timeout 60 docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"; then
echo "✅ SHA tag pushed successfully to LOCAL registry"
else
echo "⚠️ SHA tag push failed but latest succeeded"
fi fi
else else
echo "❌ Push to LOCAL registry failed" echo "❌ Local registry login failed"
echo "This is likely because Docker daemon needs insecure-registry configuration" echo "This is expected - Docker daemon needs insecure-registry configuration"
echo "Image is built successfully and available locally" echo ""
echo "🔧 To fix, run on the host machine:"
echo "sudo mkdir -p /etc/docker"
echo 'echo '"'"'{"insecure-registries":["'$LOCAL_REGISTRY'"]}'"'"' | sudo tee /etc/docker/daemon.json'
echo "sudo systemctl restart docker"
echo ""
echo "⏭️ Continuing to Docker Hub push..."
fi fi
echo "🎉 Build workflow completed (using LOCAL network only)!" echo "🎉 Local registry step completed!"
- name: Login and Push to Docker Hub - name: Login and Push to Docker Hub
run: | run: |
+1 -1
View File
@@ -1,4 +1,4 @@
FROM python:3.12-slim FROM python:3.11-slim
# Set environment variables # Set environment variables
ENV PYTHONDONTWRITEBYTECODE=1 \ ENV PYTHONDONTWRITEBYTECODE=1 \