🤷‍♂️ don't try to login into registry because it hangs the step

.gitea/workflows/main.yml

@@ -9,20 +9,16 @@
 #   - PRODUCTION_HOST: IP address or hostname of production server
 #   - PRODUCTION_USER: SSH username (e.g., 'deployer')
 #   - SSH_PRIVATE_KEY: Private SSH key for authentication
-#   - REGISTRY_USERNAME: Docker registry username (optional, if registry requires auth)
-#   - REGISTRY_PASSWORD: Docker registry password (optional, if registry requires auth)
 #
 # Environment Variables (configured below):
 #   - REGISTRY: Docker registry URL
 #   - IMAGE_NAME: Docker image name
 #
-# Docker Registry Authentication Strategy:
-#   - Registry login is OPTIONAL and conditional
-#   - Login only attempted if REGISTRY_USERNAME and REGISTRY_PASSWORD are configured
-#   - Login failures are logged but do NOT fail the workflow
-#   - Insecure/private registries (e.g., repository.workspace:5000) work without authentication
-#   - If push/pull fails due to auth, the workflow will fail at that point (not at login)
-#   - This approach supports both authenticated and insecure registries without workflow changes
+# Docker Registry Configuration:
+#   - Current registry (repository.workspace:5000) is INSECURE - no authentication required
+#   - Registry login steps are SKIPPED to avoid 7+ minute timeout delays
+#   - Docker push/pull operations work without credentials
+#   - If switching to authenticated registry: uncomment login steps and configure secrets
 
 name: Build and Deploy Next.js Blog to Production
 
@@ -92,21 +88,32 @@ jobs:
       - name: 🔎 Checkout code
         uses: actions/checkout@v4
 
-      # Optional: Only needed if registry requires authentication
-      # For insecure/private registries (e.g., repository.workspace:5000), login is not required
-      # Credentials are checked before attempting login to avoid unnecessary failures
-      - name: 🔐 Log in to Docker Registry (if credentials provided)
+      # Insecure registry configuration - no authentication required
+      # The registry at repository.workspace:5000 does not require login
+      # Docker push/pull operations work without credentials
+      - name: ℹ️ Registry configuration (insecure - no login required)
         run: |
-          if [ -n "${{ secrets.REGISTRY_USERNAME }}" ] && [ -n "${{ secrets.REGISTRY_PASSWORD }}" ]; then
-            echo "Logging into ${{ env.REGISTRY }} with credentials..."
-            if echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY }} -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin 2>/dev/null; then
-              echo "✅ Login successful"
-            else
-              echo "⚠️ Login failed, continuing anyway (registry might not require auth)"
-            fi
-          else
-            echo "⚠️ No registry credentials provided - using insecure/public registry (no login required)"
-          fi
+          echo "=== Docker Registry Configuration ==="
+          echo "Registry: ${{ env.REGISTRY }}"
+          echo "Type: Insecure (no authentication required)"
+          echo ""
+          echo "ℹ️ Skipping registry login - insecure registry allows push/pull without credentials"
+          echo ""
+          echo "If your registry requires authentication in the future:"
+          echo "  1. Set REGISTRY_USERNAME and REGISTRY_PASSWORD secrets in Gitea"
+          echo "  2. Uncomment the login step below this message"
+          echo "  3. Change registry URL to authenticated registry"
+
+      # Uncomment this step if registry requires authentication in the future
+      # - name: 🔐 Log in to Docker Registry
+      #   timeout-minutes: 1
+      #   run: |
+      #     if [ -n "${{ secrets.REGISTRY_USERNAME }}" ] && [ -n "${{ secrets.REGISTRY_PASSWORD }}" ]; then
+      #       echo "Attempting login to ${{ env.REGISTRY }}..."
+      #       timeout 30s bash -c 'echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY }} -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin' || {
+      #         echo "⚠️ Login failed - continuing anyway"
+      #       }
+      #     fi
 
       - name: 🏗️ Build Docker image
         timeout-minutes: 30
@@ -160,34 +167,29 @@ jobs:
       - name: 🔎 Checkout code (for docker-compose file)
         uses: actions/checkout@v4
 
-      # Optional: Validate registry access if authentication is configured
-      # For insecure registries, this step only logs status without failing workflow
-      # Actual registry access is tested during image pull in deployment step
-      - name: 🔐 Validate Registry Access on Production Server
+      # Verify Docker is accessible on production server
+      # Registry authentication is not required for insecure registry
+      - name: ℹ️ Verify production server Docker access
         uses: appleboy/ssh-action@v1.0.3
-        env:
-          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
-          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
-          REGISTRY_URL: ${{ env.REGISTRY }}
         with:
           host: ${{ vars.PRODUCTION_HOST }}
           username: ${{ vars.PRODUCTION_USER }}
           key: ${{ secrets.SSH_PRIVATE_KEY }}
           port: 22
-          envs: REGISTRY_PASSWORD,REGISTRY_USERNAME,REGISTRY_URL
           script: |
-            echo "=== Validating Docker Registry access ==="
-            if [ -n "$REGISTRY_USERNAME" ] && [ -n "$REGISTRY_PASSWORD" ]; then
-              echo "Logging into $REGISTRY_URL with credentials..."
-              if echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY_URL" -u "$REGISTRY_USERNAME" --password-stdin 2>/dev/null; then
-                echo "✅ Registry authentication successful"
-              else
-                echo "⚠️ Login failed - registry might not require authentication"
-              fi
-            else
-              echo "⚠️ No registry credentials configured - using insecure/public registry"
-              echo "ℹ️ Registry connectivity will be validated during image pull"
-            fi
+            echo "=== Verifying Docker is accessible ==="
+            docker info > /dev/null 2>&1 || {
+              echo "❌ Docker is not running or user has no access"
+              echo "Please ensure Docker is installed and user is in docker group"
+              exit 1
+            }
+            echo "✅ Docker is accessible"
+
+            echo ""
+            echo "=== Registry Configuration ==="
+            echo "Registry: ${{ env.REGISTRY }}"
+            echo "Type: Insecure (no authentication)"
+            echo "ℹ️ Skipping registry login - push/pull will work without credentials"
 
       - name: 📁 Ensure application directory structure
         uses: appleboy/ssh-action@v1.0.3
@@ -254,18 +256,12 @@ jobs:
             echo "=== Starting deployment to production server ==="
             cd /opt/mypage
 
-            # Log in to Docker registry (skip if credentials not configured)
-            # For insecure/private registries (repository.workspace:5000), login is optional
-            if [ -n "$REGISTRY_USERNAME" ] && [ -n "$REGISTRY_PASSWORD" ]; then
-              echo "=== Logging in to Docker registry ==="
-              if echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY_URL" -u "$REGISTRY_USERNAME" --password-stdin 2>/dev/null; then
-                echo "✅ Registry login successful"
-              else
-                echo "⚠️ Login failed - continuing anyway (registry might not require auth)"
-              fi
-            else
-              echo "⚠️ No registry credentials - using insecure/public registry (no login required)"
-            fi
+            # Registry configuration - insecure registry does not require authentication
+            echo "=== Registry Configuration ==="
+            echo "Registry: $REGISTRY_URL"
+            echo "Type: Insecure (no authentication required)"
+            echo "ℹ️ Skipping registry login"
+            echo ""
 
             # Pull latest image from registry
             echo "=== Pulling latest Docker image ==="