diff --git a/.gitea/actions/buildkit-build-push/action.yaml b/.gitea/actions/buildkit-build-push/action.yaml
index 475ce5e..f6355c4 100644
--- a/.gitea/actions/buildkit-build-push/action.yaml
+++ b/.gitea/actions/buildkit-build-push/action.yaml
@@ -28,30 +28,38 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - name: Authenticate to Gitea registry
+    - name: run buildctl built and push
       shell: bash
       run: |
-        # Create a temporary file inside GITHUB_TEMP
-        DOCKER_CONFIG_FILE="${GITHUB_TEMP}/docker_config.json"
 
-        # Ensure cleanup ALWAYS happens
-        trap 'rm -f "$DOCKER_CONFIG_FILE"' EXIT
+        # create docker config temp folder
+        DOCKER_CONFIG_DIR="${RUNNER_TEMP}/.buildctl_docker"
+        mkdir -p "$DOCKER_CONFIG_DIR"
 
-        # Generate auth entry
+        # clean up
+        trap 'rm -rf "$DOCKER_CONFIG_DIR"' EXIT
+
+
+        # setup file docker config (auth) temp file
         AUTH=$(printf "%s" "${{ inputs.registry_username }}:${{ inputs.registry_password }}" | base64 -w 0)
+        cat > "$DOCKER_CONFIG_DIR/config.json" <<EOF
+        {
+          "auths": {
+            "${{ inputs.registry_addr }}": {
+              "auth": "$AUTH"
+            }
+          }
+        }
+        EOF
 
-        printf '{"auths":{"%s":{"auth":"%s"}}}' \
-          "${{ inputs.registry_addr }}" \
-          "$AUTH" \
-          > "$DOCKER_CONFIG_FILE"
-
-        # Run BuildKit build
-        buildctl \
+        # Run BuildKit build, set DOCKER_CONFIG to DOCKER_CONFIG_DIR so auth works on push 
+        DOCKER_CONFIG=$DOCKER_CONFIG_DIR buildctl \
           --addr ${{ inputs.buildkit_addr }} \
           build \
           --frontend=dockerfile.v0 \
           --local context=${{ inputs.context }} \
           --local dockerfile=${{ inputs.dockerfile }} \
           --opt filename=Dockerfile \
-          --output type=image,name=${{ inputs.tags }},push=true,registry.config=$DOCKER_CONFIG_FILE
+          --output type=image,name=${{ inputs.tags }},push=true
+