From 7f4a5a63c1275eb4363ccf71c5fd43639a55dc5c Mon Sep 17 00:00:00 2001
From: "Christoph K." <christoh@kroczek.eu>
Date: Tue, 7 Apr 2026 17:06:38 +0200
Subject: [PATCH] Use docker:latest container for deploy job
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Runs job steps in docker:latest image with host socket mounted —
no need to mount host Docker binary.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/deploy.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index 2db4196..3a55e88 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -7,6 +7,9 @@ on:
 jobs:
   deploy:
     runs-on: self-hosted
+    container:
+      image: docker:latest
+      options: -v /var/run/docker.sock:/var/run/docker.sock
 
     steps:
       - name: Pull code
@@ -21,7 +24,7 @@ jobs:
         run: printf 'DB_PASSWORD=%s\n' '${{ secrets.DB_PASSWORD }}' > ${{ secrets.DEPLOY_DIR }}/.env
 
       - name: Build & Deploy
-        run: /usr/local/bin/docker compose -f ${{ secrets.DEPLOY_DIR }}/docker-compose.yml up --build -d
+        run: docker compose -f ${{ secrets.DEPLOY_DIR }}/docker-compose.yml up --build -d
 
       - name: Health check
         run: |