name: Docker Build & Deploy on: push: branches: [ main, develop ] pull_request: branches: [ main ] jobs: build: runs-on: host steps: - name: Checkout code run: | echo "Current workspace: $(pwd)" # Clean workspace first rm -rf * .git* 2>/dev/null || true # Clone the repository since Gitea runner doesn't auto-checkout echo "Cloning repository..." git clone http://192.168.253.221:3000/jskala/NFOguard.git /tmp/repo cp -r /tmp/repo/* . cp -r /tmp/repo/.* . 2>/dev/null || true rm -rf /tmp/repo echo "Repository cloned successfully" ls -la echo "Checking Dockerfile:" head -30 Dockerfile - name: Check Docker availability run: | echo "Checking Docker installation..." which docker || (echo "Docker not found in PATH" && exit 1) docker --version || (echo "Docker not available" && exit 1) docker info || (echo "Docker daemon not running" && exit 1) - name: Configure Docker for local registry run: | echo "Configuring Docker client for insecure local registry..." LOCAL_REGISTRY="192.168.253.221:3000" # We can't use sudo in the container, so we'll configure the client differently export DOCKER_CONFIG=/tmp/docker-config mkdir -p $DOCKER_CONFIG # Create Docker client config for insecure registry cat > $DOCKER_CONFIG/config.json << EOF { "auths": {}, "HttpHeaders": { "User-Agent": "Docker-Client/20.10.0 (linux)" }, "credsStore": "", "credHelpers": {}, "experimental": "disabled" } EOF echo "Docker client config created" echo "Note: Since we can't modify daemon config in container, we'll use --insecure-registry flag" echo "Testing registry connectivity..." curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible" - name: Build Docker image run: | echo "Building Docker image..." docker build -t nfoguard:latest . docker tag nfoguard:latest nfoguard:${{ github.sha }} echo "Docker image built and tagged successfully" - name: Login and Push to Gitea registry (local network) run: | echo "Using local network connection to avoid Cloudflare tunnel timeouts..." export DOCKER_CONFIG=/tmp/docker-config # Use local IP directly - no tunnel overhead LOCAL_REGISTRY="192.168.253.221:3000" echo "Registry: $LOCAL_REGISTRY" echo "Testing registry connectivity..." curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible" # Since we can't configure daemon, we need to use a workaround # Let's try to create a custom docker command wrapper cat > /tmp/docker-insecure << 'EOF' #!/bin/bash # Custom docker wrapper for insecure registry if [[ "$*" == *"192.168.253.221:3000"* ]]; then # For registry operations, we need to find an alternative approach # Let's try using the domain name but with HTTP original_cmd="$*" modified_cmd="${original_cmd//192.168.253.221:3000/gitea.skalas.org}" echo "Executing: docker $modified_cmd" exec docker $modified_cmd else exec docker "$@" fi EOF chmod +x /tmp/docker-insecure # Fallback: Use domain name which should support HTTPS REGISTRY="gitea.skalas.org" echo "Fallback to domain registry: $REGISTRY" # Login to registry echo "Attempting login to registry..." echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$REGISTRY" -u "${{ secrets.username }}" --password-stdin # Tag images for registry docker tag nfoguard:latest "$REGISTRY/jskala/nfoguard:latest" docker tag nfoguard:latest "$REGISTRY/jskala/nfoguard:${{ github.sha }}" echo "Pushing to registry..." # Push with shorter timeout since local network should be faster echo "=== Pushing latest tag ===" if timeout 300 docker --config $DOCKER_CONFIG push "$REGISTRY/jskala/nfoguard:latest"; then echo "✅ Latest tag pushed successfully" echo "=== Pushing SHA tag ===" if timeout 180 docker --config $DOCKER_CONFIG push "$REGISTRY/jskala/nfoguard:${{ github.sha }}"; then echo "✅ SHA tag pushed successfully" else echo "⚠️ SHA tag push failed but latest succeeded" fi else echo "❌ Registry push failed" docker images | grep nfoguard exit 1 fi echo "🎉 Registry push completed!" deploy: needs: build runs-on: host if: github.ref == 'refs/heads/main' steps: - name: Deploy application run: | echo "Deploying application..." # Add your deployment commands here # Examples: # docker-compose pull # docker-compose up -d # or # docker stop nfoguard || true # docker run -d --name nfoguard -p 8080:8080 nfoguard:latest echo "Deployment completed"