docs: document pipeline fix v5 using Docker Daemon configuration and update workflow
Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Failing after 35s
Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Has been cancelled
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Has been cancelled
Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Has been cancelled
Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Failing after 35s
Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Has been cancelled
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Has been cancelled
Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Has been cancelled
Added a session log detailing the resolution of HTTPS to HTTP conflicts during internal registry access by configuring the Docker Daemon with `insecure-registries` in `daemon.json` and restarting the service. Updated `.gitea/workflows/docker-publish.yaml` to reflect the new approach, ensuring reliable internal pushes bypassing Pangolin without timeouts.
This commit is contained in:
@@ -15,6 +15,8 @@ on:
|
||||
|
||||
env:
|
||||
REGISTRY: git.mo-code.at
|
||||
# Interner Registry-Endpunkt (direkter HTTP, kein Pangolin-Timeout)
|
||||
REGISTRY_INTERNAL: 10.0.0.22:3000
|
||||
# WICHTIG: Kleingeschrieben für Docker-Konformität
|
||||
IMAGE_PREFIX: mocode-software/meldestelle
|
||||
# Build Arguments für Zora (ARM64 Power)
|
||||
@@ -92,18 +94,20 @@ jobs:
|
||||
--max-workers=8 \
|
||||
-Dkotlin.daemon.jvm.options="-Xmx4g"
|
||||
|
||||
# Pangolin-Bypass via buildkitd Mirror (kein Root, kein iptables, kein socat nötig)
|
||||
# Problem: git.mo-code.at läuft extern über Pangolin (HTTPS), große Layer-Uploads timeouton (502).
|
||||
# Lösung: buildkitd Mirror leitet alle Registry-Anfragen intern direkt auf 10.0.0.22:3000 um.
|
||||
# Login erfolgt ebenfalls intern (HTTP) → kein Pangolin-Timeout möglich.
|
||||
# Pangolin-Bypass: Docker-Daemon + buildkitd für interne HTTP-Registry konfigurieren.
|
||||
# Problem: git.mo-code.at läuft über Pangolin (HTTPS), große Layer-Uploads timeouton (502).
|
||||
# Lösung: Push direkt auf 10.0.0.22:3000 (intern, HTTP). sudo tee funktioniert auf dem Runner.
|
||||
- name: Docker-Daemon für interne Registry konfigurieren (Pangolin-Bypass)
|
||||
run: |
|
||||
echo '{"insecure-registries":["10.0.0.22:3000"]}' | sudo tee /etc/docker/daemon.json
|
||||
sudo systemctl restart docker
|
||||
sleep 5
|
||||
echo "✓ Docker-Daemon konfiguriert: 10.0.0.22:3000 als insecure-registry"
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
with:
|
||||
config-inline: |
|
||||
[registry."git.mo-code.at"]
|
||||
mirrors = ["http://10.0.0.22:3000"]
|
||||
http = true
|
||||
insecure = true
|
||||
[registry."10.0.0.22:3000"]
|
||||
http = true
|
||||
insecure = true
|
||||
@@ -111,7 +115,7 @@ jobs:
|
||||
- name: Bei Registry intern anmelden (Pangolin-Bypass)
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: 10.0.0.22:3000
|
||||
registry: ${{ env.REGISTRY_INTERNAL }}
|
||||
username: ${{ secrets.REGISTRY_USER }}
|
||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
@@ -119,7 +123,7 @@ jobs:
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/${{ matrix.image }}
|
||||
images: ${{ env.REGISTRY_INTERNAL }}/${{ env.IMAGE_PREFIX }}/${{ matrix.image }}
|
||||
tags: |
|
||||
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
|
||||
type=sha,format=long
|
||||
|
||||
Reference in New Issue
Block a user