The buildx plugin was not passing NGINX_CONF build arg correctly,
causing the docker-compose nginx config (with hostname api-gateway)
to be used instead of the K8s one (with localhost).
- Replace pip with uv in Dockerfile.service builder stage (~5-10x faster)
- Replace pip with uv in CI test step
- Separate pyproject.toml copy from source copy in Dockerfile for better
Docker layer caching (deps only reinstalled when pyproject.toml changes)
- Add cache_from for buildx to reuse layers from previous builds
- Remove pip cache workaround from test step (not persisted in K8s)
The woodpeckerci/plugin-docker-buildx was not passing the EXTRAS build
arg correctly (commas in the value were likely being parsed as list
separators), causing the image to only install dev dependencies instead
of all service extras (api, news, sentiment, trading, backtester).
Hardcode the pip install extras directly in the Dockerfile rather than
relying on the build arg.
The publish-images step used an alpine container to run skopeo for
re-tagging, but intermittent DNS failures prevent apk from installing
packages. Instead, have the buildx plugin push with both the pipeline
number tag and latest tag directly, eliminating the extra step.
Woodpecker pre-processes ${VAR} syntax as CI variables, replacing
undefined ones with empty strings. Use $$ escaping for shell variables
to prevent Woodpecker from consuming them. The ${REPO} variable in
the skopeo publish step was being replaced with empty string.
plugins/docker does not get privileged: true in K8s pods despite being
in WOODPECKER_PLUGINS_PRIVILEGED. woodpeckerci/plugin-docker-buildx
correctly receives privileged mode. Previous build failure with buildx
was a transient network timeout reaching registry-1.docker.io.
The woodpeckerci/plugin-docker-buildx plugin started dockerd correctly
(privileged mode works) but failed DockerHub authentication. Switch back
to plugins/docker which is proven working in realestate-crawler pipeline.
- Use woodpeckerci/plugin-docker-buildx instead of plugins/docker to fix
Docker daemon connection failures (privileged mode not applied)
- Add pip dependency caching between builds via /woodpecker/pip-cache
- Fix slack plugin image (plugins/slack, not woodpeckerci/plugin-slack)
- Use proper buildx cache_from syntax (type=registry,ref=...)
