From 64e7db451542f0b76f4cf5f55800517f18299653 Mon Sep 17 00:00:00 2001
From: Michal <michal@itaz.eu>
Date: Mon, 9 Mar 2026 03:46:11 +0000
Subject: [PATCH] ci: configure podman registries.conf for HTTP registry
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The host uses podman (not Docker) — the socket mounted in job containers
is /run/podman/podman.sock. Podman reads /etc/containers/registries.conf
for insecure registry config, which takes effect immediately without any
daemon restart.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/ci.yml | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index dfb8f0e..47f6b12 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -142,14 +142,19 @@ jobs:
     runs-on: ubuntu-latest
     needs: [build]
     if: github.ref == 'refs/heads/main' && github.event_name == 'push'
-    container:
-      options: --privileged -v /var/run/docker.sock:/var/run/docker.sock
     env:
       REGISTRY: ${{ env.GITEA_REGISTRY }}
       OWNER: ${{ env.GITEA_OWNER }}
     steps:
       - uses: actions/checkout@v4
 
+      - name: Configure insecure registry
+        run: |
+          # Host uses podman — configure registries.conf for HTTP access
+          sudo mkdir -p /etc/containers
+          printf '[[registry]]\nlocation = "%s"\ninsecure = true\n' "${{ env.REGISTRY }}" \
+            | sudo tee /etc/containers/registries.conf
+
       - name: Login to Gitea container registry
         run: |
           echo "${{ secrets.PACKAGES_TOKEN }}" | docker login \