diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 98fef19..cd83df2 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -13,8 +13,6 @@ env:
 # ============================================================
 # Required Gitea secrets:
 # PACKAGES_TOKEN — Gitea API token (packages + registry)
-# PORTAINER_PASSWORD — Portainer login for stack deploy
-# POSTGRES_PASSWORD — Database password for production stack
 # ============================================================
 jobs:
@@ -139,64 +137,10 @@ jobs:
 retention-days: 7
 # ── Release pipeline (main branch push only) ──────────────
-
- docker:
- runs-on: ubuntu-latest
- needs: [build]
- if: github.ref == 'refs/heads/main' && github.event_name == 'push'
- env:
- REGISTRY: ${{ env.GITEA_REGISTRY }}
- OWNER: ${{ env.GITEA_OWNER }}
- steps:
- - uses: actions/checkout@v4
-
- - name: Install kaniko
- run: |
- curl -sL "https://github.com/GoogleContainerTools/kaniko/releases/download/v1.23.2/executor-v1.23.2-linux-amd64.tar.gz" \
- -o /tmp/kaniko.tar.gz
- sudo tar xzf /tmp/kaniko.tar.gz -C /usr/local/bin executor
- sudo chmod +x /usr/local/bin/executor
-
- - name: Build & push mcpd
- run: |
- executor --dockerfile=deploy/Dockerfile.mcpd \
- --context=dir://. \
- --destination=${{ env.REGISTRY }}/${{ env.OWNER }}/mcpd:latest \
- --insecure --skip-tls-verify
-
- - name: Build & push node-runner
- run: |
- executor --dockerfile=deploy/Dockerfile.node-runner \
- --context=dir://. \
- --destination=${{ env.REGISTRY }}/${{ env.OWNER }}/mcpctl-node-runner:latest \
- --insecure --skip-tls-verify
-
- - name: Build & push python-runner
- run: |
- executor --dockerfile=deploy/Dockerfile.python-runner \
- --context=dir://. \
- --destination=${{ env.REGISTRY }}/${{ env.OWNER }}/mcpctl-python-runner:latest \
- --insecure --skip-tls-verify
-
- - name: Build & push docmost-mcp
- run: |
- executor --dockerfile=deploy/Dockerfile.docmost-mcp \
- --context=dir://. \
- --destination=${{ env.REGISTRY }}/${{ env.OWNER }}/docmost-mcp:latest \
- --insecure --skip-tls-verify
-
- - name: Link packages to repository
- env:
- GITEA_TOKEN: ${{ secrets.PACKAGES_TOKEN }}
- GITEA_URL: http://${{ env.GITEA_REGISTRY }}
- GITEA_OWNER: ${{ env.GITEA_OWNER }}
- GITEA_REPO: mcpctl
- run: |
- source scripts/link-package.sh
- link_package "container" "mcpd"
- link_package "container" "mcpctl-node-runner"
- link_package "container" "mcpctl-python-runner"
- link_package "container" "docmost-mcp"
+ # NOTE: Docker image builds + deploy happen via `bash fulldeploy.sh`
+ # (not CI) because the runner containers lack the privileged access
+ # needed for container-in-container builds (no /proc/self/uid_map,
+ # no Docker socket access, buildah/podman/kaniko all fail).
 publish-rpm:
 runs-on: ubuntu-latest
@@ -248,27 +192,3 @@ jobs:
 # Link package to repo
 source scripts/link-package.sh
 link_package "rpm" "mcpctl"
-
- deploy:
- runs-on: ubuntu-latest
- needs: [docker, publish-rpm]
- if: github.ref == 'refs/heads/main' && github.event_name == 'push'
- steps:
- - uses: actions/checkout@v4
-
- - name: Create stack env file
- env:
- POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
- run: |
- printf '%s\n' \
- "POSTGRES_USER=mcpctl" \
- "POSTGRES_PASSWORD=${POSTGRES_PASSWORD}" \
- "POSTGRES_DB=mcpctl" \
- "MCPD_PORT=3100" \
- "MCPD_LOG_LEVEL=info" \
- > stack/.env
-
- - name: Deploy to Portainer
- env:
- PORTAINER_PASSWORD: ${{ secrets.PORTAINER_PASSWORD }}
- run: bash deploy.sh
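Review bot: The NOTE added under the `Release pipeline` header (hunk `-139,64 +137,10`) explains why image builds left CI but not what the manual path must preserve. The removed `docker` and `deploy` jobs ran only on a push to `refs/heads/main`, after `build`, and took `POSTGRES_PASSWORD` and `PORTAINER_PASSWORD` from Gitea secrets. I would extend the comment with a line such as `# Run fulldeploy.sh only from a clean checkout of main; credentials come from the operator's environment (see the script), not from CI secrets.`, adjusted to what the script actually does. `fulldeploy.sh` is not shown on this page, so this is a documentation request rather than a defect claim. The `publish-rpm` job continues outside the hunk.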