From 00c603431e9c71fd14cf09576f1279151e51a9be Mon Sep 17 00:00:00 2001 From: Marcelo Valle Date: Fri, 16 Jan 2026 18:10:48 +0000 Subject: [PATCH 1/5] Use buildx --- .github/workflows/build.yml | 44 +++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 987a47b..df5d12b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -55,7 +55,18 @@ jobs: run: | git checkout ${{ github.event.inputs.tag }} - name: Log in to Harbor - run: echo "${{ secrets.HARBOR_SECRET }}" | docker login https://harbor.local -u admin --password-stdin + uses: docker/login-action@v3 + with: + registry: harbor.local + username: admin + password: ${{ secrets.HARBOR_SECRET }} + - name: Set up Buildx (kubernetes) + uses: docker/setup-buildx-action@v3 + with: + driver: kubernetes + driver-opts: | + namespace=buildkit + replicas=1 - name: Get and increment latest tag id: semver run: | 
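Review bot: The new `Log in to Harbor` step authenticates as `admin` and hands `secrets.HARBOR_SECRET` to `docker/login-action@v3`, which is referenced by a movable tag; the same applies to `docker/setup-buildx-action@v3` here and to `docker/build-push-action@v6` in the second hunk of this patch. Pinning each action to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha>  # v3`, keeps a retagged release from running with the registry credential. A Harbor robot account limited to push on this one project would also reduce what a leaked secret can do compared with the `admin` user. The step list this hunk edits starts and ends outside the hunk, so whether the login also runs on events that never push is not visible here.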
@@ -77,29 +88,20 @@ jobs: echo "New tag: $NEW_TAG" fi echo "NEW_TAG=$NEW_TAG" >> $GITHUB_ENV - - name: Build Docker image - run: | - docker build -t $IMAGE_NAME:${NEW_TAG} . - docker tag $IMAGE_NAME:${NEW_TAG} $IMAGE_NAME:latest - - name: Push Docker image (new tag) - if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' - run: docker push $IMAGE_NAME:${NEW_TAG} - - name: Push Docker image (latest) - if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' - run: docker push $IMAGE_NAME:latest - - name: Install kubectl - run: | - KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt) - echo "Installing kubectl version: ${KUBECTL_VERSION}" - curl -LO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" - chmod +x kubectl - sudo mv kubectl /usr/local/bin/ - - name: Run example kubectl command if you don't want to use argoCD - run: kubectl get pods -n example-self-hosted-saas-app + - name: Build and push image + uses: docker/build-push-action@v6 + with: + context: . + push: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' }} + tags: | + ${{ env.IMAGE_NAME }}:${{ env.NEW_TAG }} + ${{ env.IMAGE_NAME }}:latest + cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE_NAME }}:buildcache,mode=max - name: Create and push new git tag if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: | git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" git tag $NEW_TAG - git push origin $NEW_TAG \ No newline at end of file + git push origin $NEW_TAG From 86b83ff652e2fc86ab56602af0d629efdfae730b Mon Sep 17 00:00:00 2001 
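Review bot: In the new `Build and push image` step, `cache-to` is not covered by the condition that gates `push`, so any run that reaches this step would still export layers to the shared `:buildcache` ref that later builds import through `cache-from`. The workflow's triggers are outside the hunk, so whether refs other than `main` get here is an assumption to confirm; if they do, their cache contents feed the images pushed from `main`. Gating the export the same way closes that path, e.g. `cache-to: ${{ github.ref == 'refs/heads/main' && format('type=registry,ref={0}:buildcache,mode=max', env.IMAGE_NAME) || '' }}`.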
From: Marcelo Valle Date: Fri, 16 Jan 2026 18:28:12 +0000 Subject: [PATCH 2/5] Use buildx --- .github/workflows/build.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index df5d12b..b83d947 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -60,13 +60,11 @@ jobs: registry: harbor.local username: admin password: ${{ secrets.HARBOR_SECRET }} - - name: Set up Buildx (kubernetes) + - name: Set up Buildx (remote) uses: docker/setup-buildx-action@v3 with: - driver: kubernetes - driver-opts: | - namespace=buildkit - replicas=1 + driver: remote + endpoint: tcp://buildkitd.buildkit:1234 - name: Get and increment latest tag id: semver run: | From 56ae60c843ab564c9728d226457c068c8dd3aa95 Mon Sep 17 00:00:00 2001 From: Marcelo Valle Date: Fri, 16 Jan 2026 19:15:14 +0000 Subject: [PATCH 3/5] Use buildx --- .github/workflows/build.yml | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b83d947..59b8321 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,12 +54,22 @@ jobs: if: github.event.inputs.tag != '' run: | git checkout ${{ github.event.inputs.tag }} - - name: Log in to Harbor - uses: docker/login-action@v3 - with: - registry: harbor.local - username: admin - password: ${{ secrets.HARBOR_SECRET }} + - name: Write Harbor auth config (no TLS login) + run: | + mkdir -p "$HOME/.docker" + auth="$(printf '%s' "admin:${HARBOR_SECRET}" | base64 | tr -d '\n')" + cat > "$HOME/.docker/config.json" <<'JSON' + { + "auths": { + "harbor.local": { + "auth": "AUTH_PLACEHOLDER" + } + } + } + JSON + sed -i "s|AUTH_PLACEHOLDER|$auth|" "$HOME/.docker/config.json" + env: + HARBOR_SECRET: ${{ secrets.HARBOR_SECRET }} - name: Set up Buildx (remote) uses: docker/setup-buildx-action@v3 with: 
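Review bot: The `remote` driver endpoint `tcp://buildkitd.buildkit:1234` is given without any TLS material, so the connection to buildkitd appears to be unauthenticated and unencrypted, and the build context and any registry credentials forwarded by the client would cross it in clear. Unless the `buildkit` namespace is already restricted elsewhere, any workload that can reach that service can drive the daemon. The remote driver accepts client-certificate options, so a `driver-opts` block with `cacert=`, `cert=` and `key=` entries pointing at files written from secrets, plus a NetworkPolicy limiting who can reach port 1234, would be the expected hardening. A short comment above `endpoint:` saying where buildkitd is deployed and who may reach it would also help.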
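Review bot: The new `Write Harbor auth config` step leaves `admin:${HARBOR_SECRET}` base64-encoded in `$HOME/.docker/config.json` with the default umask and never removes it, which matters if the runner is self-hosted and reused between jobs (hostnames such as `harbor.local` suggest it is, but the `runs-on` line is outside the hunk). The derived `auth` value is also not registered with the log masker, so it would print in clear if a later step ever echoed it. Setting a restrictive umask, masking the derived value, and deleting the file in an `if: always()` step at the end of the job addresses all three. The step name says the TLS login is being skipped; if that works around a certificate error on `harbor.local`, trusting the registry CA on the runner is a safer fix than dropping the login.

```yaml
        run: |
          umask 077
          # … unchanged: mkdir and auth computation …
          echo "::add-mask::$auth"
          # … unchanged: heredoc template and sed substitution …
      # … unchanged: buildx setup, tag computation, build and push …
      - name: Remove Harbor auth config
        if: always()
        run: rm -f "$HOME/.docker/config.json"
```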
From e077b0286360974959f24f0097b8a8a58a008cf6 Mon Sep 17 00:00:00 2001 From: Marcelo Valle Date: Fri, 16 Jan 2026 19:57:54 +0000 Subject: [PATCH 4/5] Use buildx --- .github/workflows/build.yml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 59b8321..5edf7ad 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,22 +54,6 @@ jobs: if: github.event.inputs.tag != '' run: | git checkout ${{ github.event.inputs.tag }} - - name: Write Harbor auth config (no TLS login) - run: | - mkdir -p "$HOME/.docker" - auth="$(printf '%s' "admin:${HARBOR_SECRET}" | base64 | tr -d '\n')" - cat > "$HOME/.docker/config.json" <<'JSON' - { - "auths": { - "harbor.local": { - "auth": "AUTH_PLACEHOLDER" - } - } - } - JSON - sed -i "s|AUTH_PLACEHOLDER|$auth|" "$HOME/.docker/config.json" - env: - HARBOR_SECRET: ${{ secrets.HARBOR_SECRET }} - name: Set up Buildx (remote) uses: docker/setup-buildx-action@v3 with: From 92e1206952fd5a7ae0169b4c5ed6c956d483f0f5 Mon Sep 17 00:00:00 2001 From: Marcelo Valle Date: Fri, 16 Jan 2026 21:06:39 +0000 Subject: [PATCH 5/5] Use inline cache --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5edf7ad..3a94638 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -88,8 +88,8 @@ jobs: tags: | ${{ env.IMAGE_NAME }}:${{ env.NEW_TAG }} ${{ env.IMAGE_NAME }}:latest - cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:buildcache - cache-to: type=registry,ref=${{ env.IMAGE_NAME }}:buildcache,mode=max + cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:latest + cache-to: type=inline - name: Create and push new git tag if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: |
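Review bot: `cache-from` now imports from the mutable `:latest` tag, so every build reuses layers from whatever image currently sits at that tag, and the cache is only as trustworthy as write access to `:latest`. `type=inline` also carries only the final stage's layers (min mode), so a multi-stage Dockerfile loses the intermediate-stage reuse that the previous `mode=max` export gave; the Dockerfile is not visible here, so this may not apply. If release integrity matters more than build time, consider `no-cache: true` on tagged release runs, or keep a separate cache ref that only the CI identity can write. A comment above `cache-from:` such as `# inline cache: imported from :latest, which must only be pushed by this workflow` would record the assumption.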