From cff68569cb5dae4d7ea4aaa821c0cbc5b6674d76 Mon Sep 17 00:00:00 2001
From: "Claude (bootstrap)" <claude@anhonesthost.net>
Date: Sun, 31 May 2026 08:35:54 -0700
Subject: [PATCH] ci: lint scripts directly on runner instead of via
 docker-in-docker
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The Gitea runner is itself containerized, so the previous
  docker run -v "$PWD:/src" --entrypoint php cpanel-importer:smoke -l "/src/$f"
shape couldn't bind mount the checkout: the runner's $PWD is not a
path the host docker daemon can reach. CI run 3703 surfaced this as
"Could not open input file: /src/scripts/scan-dbs.php" — the file
existed on the checkout, but the new container saw an empty /src.

Running php / bash directly on the runner side-steps the entire DinD
issue. ubuntu-latest already ships php-cli and bash, the checkout
files live in $PWD where the runner can see them, no docker-socket
gymnastics needed.

Smoke test (echo ok in the built image) and the build-and-push step
keep their docker invocations — those run against the built image
artifact, not the source tree, so DinD bind mount isn't involved.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .gitea/workflows/build-push.yaml | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.gitea/workflows/build-push.yaml b/.gitea/workflows/build-push.yaml
index 57ec62d..9674d55 100644
--- a/.gitea/workflows/build-push.yaml
+++ b/.gitea/workflows/build-push.yaml
@@ -73,18 +73,25 @@ jobs:
           fi
           echo "smoke test passed"
 
+      # Lints run directly on the runner instead of via `docker run -v "$PWD:/src"`
+      # against the built image. Gitea runners are themselves containerized,
+      # so $PWD inside the runner is NOT a path the host docker daemon can bind
+      # mount; the previous approach surfaced as "Could not open input file"
+      # for every script. Running php/bash directly on the runner works because
+      # the runner image (ubuntu-latest) ships php-cli + bash, and the files
+      # exist in $PWD because the checkout step already populated them.
       - name: PHP syntax check
         run: |
           set -euo pipefail
           for f in scripts/*.php scripts/lib/*.php; do
-            docker run --rm -v "$PWD:/src" --entrypoint php cpanel-importer:smoke -l "/src/$f"
+            php -l "$f"
           done
 
       - name: Bash syntax check
         run: |
           set -euo pipefail
           for f in scripts/*.sh; do
-            docker run --rm -v "$PWD:/src" --entrypoint bash cpanel-importer:smoke -n "/src/$f"
+            bash -n "$f"
           done
 
       - name: Build and Push Image