From 9da46324ff3307c52d8df7161d7aa1afc92d24d9 Mon Sep 17 00:00:00 2001
From: Karsten Hassel <hassel@gmx.de>
Date: Thu, 26 Jun 2025 21:31:08 +0200
Subject: [PATCH] use buildkit for container build

---
 .dockerignore                          |  5 ++++
 .github/workflows/container-build.yaml | 37 +++++++++++++-------------
 container/Dockerfile                   | 16 ++++++-----
 3 files changed, 33 insertions(+), 25 deletions(-)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..20cebf08
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+/.husky/*
+/.github/*
+/docs/data/*
+/docs/images/*
+/guides/*
diff --git a/.github/workflows/container-build.yaml b/.github/workflows/container-build.yaml
index e91bc0cb..24ea14da 100644
--- a/.github/workflows/container-build.yaml
+++ b/.github/workflows/container-build.yaml
@@ -12,25 +12,26 @@ permissions:
 jobs:
   build:
     runs-on: ubuntu-latest
+    timeout-minutes: 60
+    container:
+      image: moby/buildkit:latest
+      options: --privileged
     steps:
       # checkout code:
       - uses: actions/checkout@v4
-      # create json file with credentials for github container registry:
-      - uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      # ugly workaround for converting content of $GITHUB_REPOSITORY (= `MagicMirrorOrg/MagicMirror-3rd-Party-Modules`)
-      # to lowercase which is needed for using as image name
-      - name: downcase GITHUB_REPOSITORY
+        name: checkout code
+      # build image:
+      - name: build container
         run: |
-          echo "REPO=${GITHUB_REPOSITORY@L}" >> "${GITHUB_ENV}"
-      # build container image with kaniko:
-      - uses: int128/kaniko-action@v1
-        with:
-          file: container/Dockerfile
-          push: true
-          tags: ghcr.io/${{ env.REPO }}:${{ github.ref_name }}
-          labels: GITREF=${{ github.sha }}
-          build-args: GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+          # registry credentials
+          export DOCKER_CONFIG="$(pwd)/container"
+          echo "{\"auths\":{\"ghcr.io\":{\"auth\":\"$(echo -n ${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} | base64)\"}}}" > $DOCKER_CONFIG/config.json
+          # ugly workaround for converting content of $GITHUB_REPOSITORY (= `MagicMirrorOrg/MagicMirror-3rd-Party-Modules`)
+          REPO="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
+          # build
+          buildctl-daemonless.sh build \
+            --progress plain \
+            --frontend=dockerfile.v0 \
+            --local context=. \
+            --local dockerfile=container \
+            --output type=image,"\"name=ghcr.io/${REPO}:${{ github.ref_name }}\",push=true"
diff --git a/container/Dockerfile b/container/Dockerfile
index 5ce641ee..8c28e050 100644
--- a/container/Dockerfile
+++ b/container/Dockerfile
@@ -1,16 +1,18 @@
-FROM nikolaik/python-nodejs:latest as builder
+FROM nikolaik/python-nodejs:latest AS builder
 
 WORKDIR /workspace
 
 COPY . .
 
 ARG GITHUB_TOKEN
-RUN set -e; \
-    git config --global --add safe.directory /workspace; \
-    git log -1; \
-    export GITHUB_TOKEN="${GITHUB_TOKEN}"; \
-    npm clean-install; \
-    node --run all;
+RUN <<EOF
+set -e
+git config --global --add safe.directory /workspace
+git log -1
+export GITHUB_TOKEN="${GITHUB_TOKEN}"
+npm clean-install
+node --run all
+EOF
 
 FROM nginxinc/nginx-unprivileged:alpine-slim
 LABEL maintainer="MagicMirrorOrg"