From 512af5cce895074bc63bb05006fd7730a8296a0f Mon Sep 17 00:00:00 2001
From: Elmar Kresse <kresse.elmar@gmail.com>
Date: Thu, 4 Sep 2025 17:10:10 +0200
Subject: [PATCH] refactor: enhance git checkout step and improve registry
 variable handling in Docker workflow

---
 .gitea/workflows/docker-build-push.yml | 45 ++++++++++++++++++++------
 1 file changed, 35 insertions(+), 10 deletions(-)

diff --git a/.gitea/workflows/docker-build-push.yml b/.gitea/workflows/docker-build-push.yml
index 750cfea..45c3cbd 100644
--- a/.gitea/workflows/docker-build-push.yml
+++ b/.gitea/workflows/docker-build-push.yml
@@ -25,26 +25,50 @@ jobs:
         env:
           DOCKER_TLS_CERTDIR: ""
     steps:
+      - name: Checkout (git)
+        env:
+          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
+        run: |
+          set -euo pipefail
+          apk add --no-cache git ca-certificates
+          REF="$GITHUB_REF"
+          REPO_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY"
+          if echo "$REF" | grep -q '^refs/heads/'; then
+            NAME=${REF#refs/heads/}
+            git -c http.extraHeader="Authorization: Bearer $GITEA_TOKEN" clone --depth 1 --branch "$NAME" "$REPO_URL" .
+          elif echo "$REF" | grep -q '^refs/tags/'; then
+            NAME=${REF#refs/tags/}
+            git -c http.extraHeader="Authorization: Bearer $GITEA_TOKEN" clone --depth 1 --branch "$NAME" "$REPO_URL" .
+          else
+            git -c http.extraHeader="Authorization: Bearer $GITEA_TOKEN" clone --depth 1 "$REPO_URL" .
+            git fetch --depth 1 origin "$GITHUB_SHA"
+            git checkout --detach "$GITHUB_SHA"
+          fi
       - name: Define Registry Variables
         id: vars
+        env:
+          IMAGE_NAME_VAR: ${{ vars.IMAGE_NAME }}
+          GITEA_REGISTRY_VAR: ${{ vars.GITEA_REGISTRY }}
         run: |
-          # Derive registry/namespace/image from Gitea context, normalize to lowercase
-          OWNER="${{ gitea.repository_owner }}"
-          REPO="${{ gitea.repository_name }}"
+          set -euo pipefail
+          # Derive registry/namespace/image from environment provided by runner
+          # GITHUB_REPOSITORY is like "owner/repo"
+          OWNER=${GITHUB_REPOSITORY%%/*}
+          REPO=${GITHUB_REPOSITORY#*/}
           OWNER=$(echo "$OWNER" | tr '[:upper:]' '[:lower:]')
           REPO=$(echo "$REPO" | tr '[:upper:]' '[:lower:]')
 
           # Allow overriding image name via repository variable IMAGE_NAME; default to repo name
-          IMAGE_NAME="${{ vars.IMAGE_NAME }}"
+          IMAGE_NAME="$IMAGE_NAME_VAR"
           if [ -z "$IMAGE_NAME" ]; then IMAGE_NAME="$REPO"; fi
           IMAGE_NAME=$(echo "$IMAGE_NAME" | tr '[:upper:]' '[:lower:]')
 
-          # Gitea exposes server URL like https://gitea.example.com
-          # Prefer explicit var GITEA_REGISTRY; else, use the same host as Gitea server
-          if [ -n "${{ vars.GITEA_REGISTRY }}" ]; then
-            REGISTRY="${{ vars.GITEA_REGISTRY }}"
+          # Prefer explicit var GITEA_REGISTRY; else, use the same host as server URL
+          if [ -n "${GITEA_REGISTRY_VAR:-}" ]; then
+            REGISTRY="$GITEA_REGISTRY_VAR"
           else
-            REGISTRY=$(echo "${{ gitea.server_url }}" | sed -E 's#^https?://##; s#/$##')
+            # GITHUB_SERVER_URL like https://gitea.example.com
+            REGISTRY=$(echo "$GITHUB_SERVER_URL" | sed -E 's#^https?://##; s#/$##')
           fi
 
           echo "registry=$REGISTRY" >> "$GITHUB_OUTPUT"
@@ -102,7 +126,8 @@ jobs:
 
       - name: Ensure buildx builder
         run: |
-          docker buildx inspect >/dev/null 2>&1 || docker buildx create --use
+          set -euo pipefail
+          docker buildx inspect dindbuilder >/dev/null 2>&1 || docker buildx create --name dindbuilder --driver docker-container --use
 
       - name: Build and push (linux/amd64)
         env: