feat: switch to Kaniko for faster container builds

- Replace Docker CLI with Kaniko executor for Kubernetes compatibility
- Combine build and push into single Kaniko step
- Remove Docker daemon dependency for better performance in containerized runners
- Reduce setup time with lighter dependencies (~14MB vs ~50MB+)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

.gitea/workflows/build.yaml

@@ -11,12 +11,15 @@ on:
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
-    container:
-      image: docker:24-dind
-      options: --privileged
     steps:
       - name: Install dependencies
-        run: apk add --no-cache git bash
+        run: |
+          apk add --no-cache bash wget
+
+      - name: Install Kaniko
+        run: |
+          wget -O /usr/local/bin/executor https://github.com/GoogleContainerTools/kaniko/releases/download/v1.23.2/executor-linux-amd64
+          chmod +x /usr/local/bin/executor
 
       - name: Checkout code
         uses: actions/checkout@v4
@@ -58,27 +61,33 @@ jobs:
 
           echo "IMAGE_LATEST=${IMAGE_BASE}:latest" >> $GITHUB_OUTPUT
 
-      - name: Log in to Gitea Container Registry
+      - name: Setup Kaniko config
         run: |
-          echo "${{ secrets.PERSONAL_TOKEN }}" | docker login gitea.leeworks.dev -u "${{ gitea.actor }}" --password-stdin
+          mkdir -p /kaniko/.docker
+          cat > /kaniko/.docker/config.json <<EOF
+          {
+            "auths": {
+              "gitea.leeworks.dev": {
+                "auth": "$(echo -n "${{ gitea.actor }}:${{ secrets.PERSONAL_TOKEN }}" | base64)"
+              }
+            }
+          }
+          EOF
 
-      - name: Build Docker image
+      - name: Build and push with Kaniko
         run: |
-          echo "Building Docker image..."
+          echo "Building and pushing image with Kaniko..."
           if [[ "${{ steps.tags.outputs.PUSH_LATEST }}" == "true" ]]; then
-            docker build -t ${{ steps.tags.outputs.IMAGE_TAG }} -t ${{ steps.tags.outputs.IMAGE_LATEST }} .
+            /usr/local/bin/executor \
+              --context=/workspace/${{ gitea.repository }} \
+              --dockerfile=Dockerfile \
+              --destination=${{ steps.tags.outputs.IMAGE_TAG }} \
+              --destination=${{ steps.tags.outputs.IMAGE_LATEST }}
           else
-            docker build -t ${{ steps.tags.outputs.IMAGE_TAG }} .
+            /usr/local/bin/executor \
-          fi
+              --context=/workspace/${{ gitea.repository }} \
-
+              --dockerfile=Dockerfile \
-      - name: Push Docker image
+              --destination=${{ steps.tags.outputs.IMAGE_TAG }}
-        run: |
-          echo "Pushing Docker image to registry..."
-          docker push ${{ steps.tags.outputs.IMAGE_TAG }}
-
-          if [[ "${{ steps.tags.outputs.PUSH_LATEST }}" == "true" ]]; then
-            echo "Pushing latest tag..."
-            docker push ${{ steps.tags.outputs.IMAGE_LATEST }}
           fi
 
           echo "Build and push completed successfully!"