From 9ec4148071dd4e5d161f68e52c9208fd6cc879f7 Mon Sep 17 00:00:00 2001
From: Michal <michal@itaz.eu>
Date: Mon, 9 Mar 2026 06:23:08 +0000
Subject: [PATCH] ci: mount docker socket in docker job container

The runner container doesn't have access to the Docker socket by
default. Mount /var/run/docker.sock via container.volumes so docker
build and skopeo can access the host's podman API. Removed sudo since
the container user is root.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/ci.yml | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 79c33eb..3d81ce3 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -139,6 +139,10 @@ jobs:
     runs-on: ubuntu-latest
     needs: [build]
     if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+    container:
+      image: docker.gitea.com/runner-images:ubuntu-latest
+      volumes:
+        - /var/run/docker.sock:/var/run/docker.sock
     env:
       REGISTRY: ${{ env.GITEA_REGISTRY }}
       OWNER: ${{ env.GITEA_OWNER }}
@@ -147,36 +151,36 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install skopeo
-        run: sudo apt-get update && sudo apt-get install -y skopeo
+        run: apt-get update && apt-get install -y skopeo
 
       - name: Build & push mcpd
         run: |
-          sudo -E docker build -t mcpd:latest -f deploy/Dockerfile.mcpd .
-          sudo -E skopeo copy --dest-tls-verify=false \
+          docker build -t mcpd:latest -f deploy/Dockerfile.mcpd .
+          skopeo copy --dest-tls-verify=false \
             --dest-creds "${{ env.OWNER }}:${{ secrets.PACKAGES_TOKEN }}" \
             docker-daemon:mcpd:latest \
             docker://${{ env.REGISTRY }}/${{ env.OWNER }}/mcpd:latest
 
       - name: Build & push node-runner
         run: |
-          sudo -E docker build -t node-runner:latest -f deploy/Dockerfile.node-runner .
-          sudo -E skopeo copy --dest-tls-verify=false \
+          docker build -t node-runner:latest -f deploy/Dockerfile.node-runner .
+          skopeo copy --dest-tls-verify=false \
             --dest-creds "${{ env.OWNER }}:${{ secrets.PACKAGES_TOKEN }}" \
             docker-daemon:node-runner:latest \
             docker://${{ env.REGISTRY }}/${{ env.OWNER }}/mcpctl-node-runner:latest
 
       - name: Build & push python-runner
         run: |
-          sudo -E docker build -t python-runner:latest -f deploy/Dockerfile.python-runner .
-          sudo -E skopeo copy --dest-tls-verify=false \
+          docker build -t python-runner:latest -f deploy/Dockerfile.python-runner .
+          skopeo copy --dest-tls-verify=false \
             --dest-creds "${{ env.OWNER }}:${{ secrets.PACKAGES_TOKEN }}" \
             docker-daemon:python-runner:latest \
             docker://${{ env.REGISTRY }}/${{ env.OWNER }}/mcpctl-python-runner:latest
 
       - name: Build & push docmost-mcp
         run: |
-          sudo -E docker build -t docmost-mcp:latest -f deploy/Dockerfile.docmost-mcp .
-          sudo -E skopeo copy --dest-tls-verify=false \
+          docker build -t docmost-mcp:latest -f deploy/Dockerfile.docmost-mcp .
+          skopeo copy --dest-tls-verify=false \
             --dest-creds "${{ env.OWNER }}:${{ secrets.PACKAGES_TOKEN }}" \
             docker-daemon:docmost-mcp:latest \
             docker://${{ env.REGISTRY }}/${{ env.OWNER }}/docmost-mcp:latest