From 60848459f39f2d72bf0dfbde475e84c62f7d53a5 Mon Sep 17 00:00:00 2001
From: Damir Mukimov
Date: Thu, 25 Dec 2025 16:20:10 +0100
Subject: [PATCH] feat: switch to Kaniko for containerd-native CI/CD

- Replace buildah with Kaniko for optimal containerd compatibility
- Kaniko is specifically designed for building in Kubernetes/containerd environments
- No package installation needed - Kaniko runs in its own container
- Maintains Harbor registry integration and caching capabilities
- Simplifies runner deployment by removing package management
Benefits:
- Native containerd support (no Docker daemon needed)
- No package installation in CI runners
- Optimized for Kubernetes environments
- Same Harbor registry functionality with cleaner architecture
- Better resource usage than DinD approach
---
 .gitea/workflows/ci.yml | 52 ++++++++++++-------------------
 k8s/gitea-runners/deployment.yaml | 2 +-
 2 files changed, 21 insertions(+), 33 deletions(-)
diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index c16d82c..8c4b47a 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -42,22 +42,16 @@ jobs:
 if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/master'
 steps:
 - uses: actions/checkout@v4
- - name: Install buildah and podman
- run: |
- apt-get update
- apt-get install -y buildah podman
- - name: Log in to Harbor with buildah
- run: |
- buildah login --username ${{ secrets.DOCKER_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }} registry.bk.glpx.pro
- - name: Build and push frontend with buildah
- run: |
- buildah build \
- --tag registry.bk.glpx.pro/turash/turash-frontend:latest \
- --tag registry.bk.glpx.pro/turash/turash-frontend:${{ gitea.sha }} \
- --file bugulma/frontend/Dockerfile \
- bugulma/frontend
- buildah push registry.bk.glpx.pro/turash/turash-frontend:latest
- buildah push registry.bk.glpx.pro/turash/turash-frontend:${{ gitea.sha }}
+ - name: Build and push frontend with Kaniko
+ uses: aevea/action-kaniko@master
+ with:
+ registry: registry.bk.glpx.pro
+ username: ${{ secrets.DOCKER_USERNAME }}
+ password: ${{ secrets.DOCKER_PASSWORD }}
+ image: turash/turash-frontend
+ tag: latest,${{ gitea.sha }}
+ cache: true
+ cache_registry: registry.bk.glpx.pro/turash/turash-frontend
 backend-lint:
 runs-on: ubuntu-latest
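Review bot: `uses: aevea/action-kaniko@master` in the frontend build step follows a mutable branch of a third-party action while handing it `secrets.DOCKER_USERNAME` and `secrets.DOCKER_PASSWORD`, so any later commit to that branch runs with push rights to registry.bk.glpx.pro. Pin the action to a reviewed full commit SHA, e.g. `uses: aevea/action-kaniko@<full-commit-sha>  # placeholder: pin to an audited commit`, and bump it deliberately. The backend build step in the `@@ -92,22 +86,16 @@` hunk carries the same reference and needs the same pin. Scoping the registry account behind those secrets to push only into the turash project would further limit what a compromised action could reach.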
@@ -92,22 +86,16 @@ jobs:
 if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/master'
 steps:
 - uses: actions/checkout@v4
- - name: Install buildah and podman
- run: |
- apt-get update
- apt-get install -y buildah podman
- - name: Log in to Harbor with buildah
- run: |
- buildah login --username ${{ secrets.DOCKER_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }} registry.bk.glpx.pro
- - name: Build and push backend with buildah
- run: |
- buildah build \
- --tag registry.bk.glpx.pro/turash/turash-backend:latest \
- --tag registry.bk.glpx.pro/turash/turash-backend:${{ gitea.sha }} \
- --file bugulma/backend/Dockerfile \
- bugulma/backend
- buildah push registry.bk.glpx.pro/turash/turash-backend:latest
- buildah push registry.bk.glpx.pro/turash/turash-backend:${{ gitea.sha }}
+ - name: Build and push backend with Kaniko
+ uses: aevea/action-kaniko@master
+ with:
+ registry: registry.bk.glpx.pro
+ username: ${{ secrets.DOCKER_USERNAME }}
+ password: ${{ secrets.DOCKER_PASSWORD }}
+ image: turash/turash-backend
+ tag: latest,${{ gitea.sha }}
+ cache: true
+ cache_registry: registry.bk.glpx.pro/turash/turash-backend
 e2e-test:
 runs-on: ubuntu-latest
diff --git a/k8s/gitea-runners/deployment.yaml b/k8s/gitea-runners/deployment.yaml
index 477737f..c2d1b83 100644
--- a/k8s/gitea-runners/deployment.yaml
+++ b/k8s/gitea-runners/deployment.yaml
@@ -22,7 +22,7 @@ spec:
 - sh
 - -c
 - |
- apk add --no-cache nodejs npm buildah podman || true
+ apk add --no-cache nodejs npm || true
 cd /data
 if [ ! -f .runner ]; then
 /usr/local/bin/act_runner register --instance "$GITEA_INSTANCE_URL" --token "$GITEA_RUNNER_REGISTRATION_TOKEN" --name "$GITEA_RUNNER_NAME" --labels "$GITEA_RUNNER_LABELS" --no-interactive || true
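Review bot: The backend Kaniko step in `.gitea/workflows/ci.yml` no longer names a build context or Dockerfile: the removed buildah command passed `--file bugulma/backend/Dockerfile` with context `bugulma/backend`, and the new `with:` block sets neither. Unless told otherwise the action will presumably build from the repository root, so add `path: bugulma/backend` (and `build_file:` if the Dockerfile name is not the default); the frontend step in the `@@ -42,22 +42,16 @@` hunk likewise needs `path: bugulma/frontend`. Also confirm that `tag: latest,${{ gitea.sha }}` is accepted as a list, since the action appears to take a single tag plus a `tag_with_latest` switch. If it is not, the image would not be pushed under the intended immutable SHA tag.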
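Review bot: In `k8s/gitea-runners/deployment.yaml`, the changed line `apk add --no-cache nodejs npm || true` still discards the install's exit status, so a failed package fetch leaves the runner starting without Node and the failure only surfaces later inside jobs. Since this commit already trims the package list, consider dropping `|| true` on that line, or better, baking nodejs and npm into the runner image so nothing is fetched from the network at pod start. The startup script continues outside the hunk (the `if` block is not closed in view).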