feat: 添加Docker服务支持和等待机制，优化镜像构建流程

.gitea/workflows/docker-kaniko.yml

@@ -0,0 +1,72 @@
+name: Build with Kaniko (No Docker Required)
+
+on:
+  push:
+    branches:
+      - main
+      - master
+    tags:
+      - 'v*'
+  workflow_dispatch:
+
+env:
+  REGISTRY: code.littlelan.cn
+  IMAGE_NAME: carrotskin/backend
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    container:
+      image: gcr.io/kaniko-project/executor:debug
+      options: --entrypoint ""
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Create Kaniko config
+        run: |
+          mkdir -p /kaniko/.docker
+          cat > /kaniko/.docker/config.json << EOF
+          {
+            "auths": {
+              "${{ env.REGISTRY }}": {
+                "auth": "$(echo -n '${{ secrets.REGISTRY_USERNAME }}:${{ secrets.REGISTRY_PASSWORD }}' | base64)"
+              }
+            }
+          }
+          EOF
+
+      - name: Generate destination tags
+        id: tags
+        run: |
+          SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
+          
+          # 基础标签
+          DEST="--destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}"
+          DEST="$DEST --destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-$SHORT_SHA"
+          
+          # main/master 分支添加 latest 标签
+          REF="${{ github.ref }}"
+          if [ "$REF" = "refs/heads/main" ] || [ "$REF" = "refs/heads/master" ]; then
+            DEST="$DEST --destination=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
+          fi
+          
+          echo "destinations=$DEST" >> $GITHUB_OUTPUT
+
+      - name: Build and push with Kaniko
+        run: |
+          /kaniko/executor \
+            --context "${GITHUB_WORKSPACE}" \
+            --dockerfile "${GITHUB_WORKSPACE}/Dockerfile" \
+            ${{ steps.tags.outputs.destinations }} \
+            --cache=true \
+            --cache-repo=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/cache
+
+      - name: Build summary
+        run: |
+          echo "🚀 镜像构建完成"
+          echo "仓库: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
+

.gitea/workflows/docker.yml

@@ -16,6 +16,17 @@ env:
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest  # 包含 Docker 和常用工具的镜像
+      options: --privileged
+    services:
+      dind:
+        image: docker:dind
+        options: --privileged
+        env:
+          DOCKER_TLS_CERTDIR: ""
+    env:
+      DOCKER_HOST: tcp://dind:2375
     
     steps:
       - name: Checkout code
@@ -23,6 +34,19 @@ jobs:
         with:
           fetch-depth: 0
 
+      - name: Wait for Docker daemon
+        run: |
+          echo "等待 Docker 服务启动..."
+          for i in $(seq 1 30); do
+            if docker info >/dev/null 2>&1; then
+              echo "Docker 已就绪!"
+              docker version
+              break
+            fi
+            echo "等待中... ($i/30)"
+            sleep 2
+          done
+
       - name: Log in to Container Registry
         run: |
           echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY }} -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
@@ -30,35 +54,28 @@ jobs:
       - name: Generate tags
         id: tags
         run: |
+          SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
           TAGS="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}"
-          TAGS="$TAGS,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-$(echo ${{ github.sha }} | cut -c1-7)"
+          TAGS="$TAGS,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-$SHORT_SHA"
           if [[ "${{ github.ref }}" == "refs/heads/main" || "${{ github.ref }}" == "refs/heads/master" ]]; then
             TAGS="$TAGS,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
           fi
           echo "tags=$TAGS" >> $GITHUB_OUTPUT
-          echo "生成的标签: $TAGS"
 
       - name: Build Docker image
-        run: |
-          docker build -t build-image:local -f Dockerfile .
+        run: docker build -t build-image:local -f Dockerfile .
 
       - name: Tag and push Docker image
         run: |
           IFS=',' read -ra TAG_ARRAY <<< "${{ steps.tags.outputs.tags }}"
           for tag in "${TAG_ARRAY[@]}"; do
-            echo "推送标签: $tag"
+            echo "推送: $tag"
             docker tag build-image:local "$tag"
             docker push "$tag"
           done
 
       - name: Build summary
         run: |
-          echo "## 🚀 Docker 镜像构建完成" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "镜像已推送到: \`${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}\`" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "推送的标签:" >> $GITHUB_STEP_SUMMARY
-          IFS=',' read -ra TAG_ARRAY <<< "${{ steps.tags.outputs.tags }}"
-          for tag in "${TAG_ARRAY[@]}"; do
-            echo "- \`$tag\`" >> $GITHUB_STEP_SUMMARY
-          done
+          echo "## 🚀 Docker 镜像构建完成"
+          echo "镜像: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
+          echo "标签: ${{ steps.tags.outputs.tags }}"