Обновлена конфигурация docker-build.yml: заменен шаг checkout на кастомный скрипт с использованием git, добавлены шаги для логина в Docker и сборки образа, упрощен процесс пуша образов.

.gitea/workflows/docker-build.yml

@@ -11,27 +11,24 @@ permissions:
 
 jobs:
   build:
-    runs-on: docker
+    runs-on: dind
     env:
       REGISTRY: hub.realmanual.ru
       IMAGE_NAME: pub/sqlite-backup/backup
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Ensure tag commit is reachable from main
+      - name: Checkout (git)
         shell: bash
+        env:
+          TOKEN: ${{ secrets.GITEA_TOKEN }}
         run: |
           set -euo pipefail
-          git fetch --no-tags --depth=0 origin main
-          if git merge-base --is-ancestor "$GITHUB_SHA" origin/main; then
-            echo "Commit is on main history. Proceeding."
-          else
-            echo "Tag commit is not from main. Skipping build." >&2
-            exit 0
-          fi
+          : "${GITHUB_SERVER_URL:?}"
+          : "${GITHUB_REPOSITORY:?}"
+          : "${GITHUB_SHA:?}"
+          git init .
+          git remote add origin "${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git"
+          git -c http.extraHeader="Authorization: Bearer ${TOKEN}" fetch --no-tags --depth=1 origin "${GITHUB_SHA}"
+          git checkout --detach "${GITHUB_SHA}"
 
       - name: Extract tag
         id: vars
@@ -40,22 +37,24 @@ jobs:
           TAG_REF="${GITHUB_REF#refs/tags/}"
           echo "tag=$TAG_REF" >> "$GITHUB_OUTPUT"
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Docker login
+        shell: bash
+        run: |
+          set -euo pipefail
+          echo "${{ secrets.GITEA_TOKEN }}" | docker login "${{ env.REGISTRY }}" --username "${{ github.actor }}" --password-stdin
 
-      - name: Log in to registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITEA_TOKEN }}
+      - name: Build image
+        shell: bash
+        run: |
+          set -euo pipefail
+          docker build \
+            -t "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.vars.outputs.tag }}" \
+            -t "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" \
+            .
 
-      - name: Build and push
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          push: true
-          platforms: linux/amd64
-          tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.vars.outputs.tag }}
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+      - name: Push images
+        shell: bash
+        run: |
+          set -euo pipefail
+          docker push "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.vars.outputs.tag }}"
+          docker push "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"