From e03afe0651562040fcf799468ad9b8f20e0dfd7d Mon Sep 17 00:00:00 2001 From: Andrew Noyes Date: Fri, 12 Jun 2026 11:30:28 -0400 Subject: [PATCH] Run docker with sudo in build-image The default job image runs as a non-root user that lacks access to the mounted docker socket. --- .gitea/workflows/ci.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 49db030..f7846f6 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -19,25 +19,25 @@ jobs: - name: Log in to registry run: | echo "${{ secrets.REGISTRY_TOKEN }}" \ - | docker login -u "${{ secrets.REGISTRY_USER }}" --password-stdin git.weaselab.dev + | sudo docker login -u "${{ secrets.REGISTRY_USER }}" --password-stdin git.weaselab.dev - name: Build and push image if changed run: | image=git.weaselab.dev/weaselab/conflict-set-ci tag="$(sha256sum Dockerfile .pre-commit-config.yaml | sha256sum | cut -c 1-16)-${{ matrix.arch }}" latest=latest-${{ matrix.arch }} - if docker manifest inspect "$image:$tag" > /dev/null 2>&1; then - if [ "$(docker manifest inspect "$image:$tag")" = "$(docker manifest inspect "$image:$latest" 2> /dev/null)" ]; then + if sudo docker manifest inspect "$image:$tag" > /dev/null 2>&1; then + if [ "$(sudo docker manifest inspect "$image:$tag")" = "$(sudo docker manifest inspect "$image:$latest" 2> /dev/null)" ]; then echo "$image:$latest is up to date" else - docker pull "$image:$tag" - docker tag "$image:$tag" "$image:$latest" - docker push "$image:$latest" + sudo docker pull "$image:$tag" + sudo docker tag "$image:$tag" "$image:$latest" + sudo docker push "$image:$latest" fi else - docker build -t "$image:$tag" -t "$image:$latest" . - docker push "$image:$tag" - docker push "$image:$latest" + sudo docker build -t "$image:$tag" -t "$image:$latest" . + sudo docker push "$image:$tag" + sudo docker push "$image:$latest" fi pre-commit: