Switch CI jobs to container: image: overrides so jobs run inside official
SDK containers (dotnet/sdk:10.0, node:20-alpine) instead of the bare
runner container. This bypasses blocked CDN downloads for dotnet/node.
Deploy job stays on self-hosted:host where Docker CLI is available.
Update workflow comments to explain the required runner label config:
  ubuntu-latest:docker://node:20-alpine (CI jobs)
  self-hosted:host (deploy)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Root cause: actions/setup-dotnet@v4 downloads .NET from
download.visualstudio.microsoft.com and actions/setup-node@v4 downloads
Node from nodejs.org — both CDNs are blocked from Iran so jobs hang at 0s.

Fix:
- All .NET jobs: add container: mcr.microsoft.com/dotnet/sdk:10.0
  so .NET is already inside the image — no download needed.
  Remove actions/setup-dotnet step entirely.
- All Node.js jobs: add container: node:20-alpine
  so Node/npm are already inside the image — no download needed.
  Remove actions/setup-node step entirely.
- api-build: add postgres + redis service containers + env vars so
  dotnet test can actually connect to a database (was silently failing).
- deploy job: change back to runs-on: self-hosted
  ubuntu-latest containers don't have Docker CLI — docker compose
  commands would fail immediately. Deploy MUST run on the server.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.gitea/workflows/ci-cd.yml:
- Triggers on push to main and PRs
- CI jobs: dotnet build/test, dashboard tsc, finder tsc (all self-hosted)
- Deploy job: only on push to main, needs all CI jobs to pass
  - Writes .env from ENV_FILE secret (set in Gitea repo settings)
  - docker compose build --parallel with BuildKit
  - Rolling restart (postgres/redis untouched)
  - Health-check poll: waits up to 2min for meezi-api healthy
  - Auto-prunes old images on success

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
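Added example, not part of the commits or the project's workflow: one way to implement the health-check poll the last commit message describes (wait up to 2 minutes for meezi-api to report healthy). It assumes `meezi-api` is the container name and that its image defines a HEALTHCHECK; `get_health`, `pause` and `wait_healthy` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not the project's script). Assumes the container is named
# meezi-api and defines a HEALTHCHECK; helper names are hypothetical.

# Print the Docker health status of container $1: starting, healthy,
# unhealthy, or "none" when the image defines no HEALTHCHECK.
get_health() {
  docker inspect --format \
    '{{if .State.Health}}{{.State.Health.Status}}{{else}}none{{end}}' "$1" 2>/dev/null
}

# Separate function so the wait can be replaced when testing.
pause() { sleep "$1"; }

# wait_healthy NAME [TIMEOUT_S] [INTERVAL_S]
# Returns 0 once healthy, 1 on timeout, 2 if there is no healthcheck to wait on.
wait_healthy() {
  wh_name=$1
  wh_timeout=${2:-120}   # 2 minutes, as in the commit message
  wh_interval=${3:-5}
  wh_elapsed=0
  while :; do
    # A container that is mid-restart may not exist yet; treat as "missing".
    wh_status=$(get_health "$wh_name") || wh_status=missing
    case $wh_status in
      healthy) return 0 ;;
      none)
        echo "$wh_name has no HEALTHCHECK; it will never report healthy" >&2
        return 2 ;;
    esac
    if [ "$wh_elapsed" -ge "$wh_timeout" ]; then
      echo "$wh_name not healthy after ${wh_timeout}s (last status: $wh_status)" >&2
      return 1
    fi
    pause "$wh_interval"
    wh_elapsed=$((wh_elapsed + wh_interval))
  done
}

# Deploy-step usage: fail the job before pruning old images.
#   wait_healthy meezi-api 120 5 || exit 1
```

Returning a distinct code for a missing HEALTHCHECK keeps a misconfigured image from being reported as a plain timeout.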