From a1af9c3595af42405fd6fd6349096f286cb3e13a Mon Sep 17 00:00:00 2001 From: Shadowbroker <43977454+BigBodyCobain@users.noreply.github.com> Date: Mon, 25 May 2026 02:04:53 -0600 Subject: [PATCH] fix(ci): wrap GitLab dind TLS env in docker context so buildx accepts it (#330) The build-backend and build-frontend jobs were failing immediately after identity verification finally allocated runners: $ docker buildx create --use --name multiarch --driver docker-container ERROR: could not create a builder instance with TLS data loaded from environment. Please use `docker context create ` to create a context for current environment and then create a builder instance with context set to The dind service exports DOCKER_HOST=tcp://docker:2376 + DOCKER_TLS_CERTDIR=/certs, but buildx --driver docker-container doesn't read TLS from those env vars directly. Documented GitLab fix: create an empty `docker context` (which inherits the current TLS env), then bind buildx to that context name as a positional arg. After this lands, the multi-arch buildx jobs should actually build and push amd64 + arm64 images to registry.gitlab.com/bigbodycobain/shadowbroker/backend:latest registry.gitlab.com/bigbodycobain/shadowbroker/frontend:latest Surfaced by the post-verification pipeline at https://gitlab.com/bigbodycobain/Shadowbroker/-/pipelines/2550501798 Co-authored-by: Claude Opus 4.7 --- .gitlab-ci.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ec50f0e..131a214 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -52,7 +52,11 @@ variables: - docker info - docker login -u "$CI_REGISTRY_USER" -p "$CI_JOB_TOKEN" "$CI_REGISTRY" - docker run --privileged --rm tonistiigi/binfmt --install all - - docker buildx create --use --name multiarch --driver docker-container + # buildx --driver docker-container can't read TLS from the env vars + # the GitLab dind service exports. Wrap them in a docker context and + # bind buildx to it. See https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-buildx + - docker context create tls-env + - docker buildx create --use --name multiarch --driver docker-container tls-env # ── Backend image ──────────────────────────────────────────────────────── build-backend: