Update build.yml

Author: wrjade

.github/workflows/build.yml

@@ -36,15 +36,10 @@ jobs:
       with:
         nix_path: nixpkgs=channel:nixos-unstable
 
-    - name: Install Nix dependencies
-      run: |
-        nix-env -iA nixpkgs.dockerTools
-        nix-env -iA nixpkgs.gnutar
-        nix-env -iA nixpkgs.gzip
-
     - name: Build Docker image with Nix
       run: |
-        nix-build docker.nix --option sandbox false
+        # 使用 nix-shell 提供所需的环境，避免全局安装
+        nix-shell -p dockerTools gnutar gzip --run "nix-build docker.nix --option sandbox false"
 
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
@@ -106,7 +101,7 @@ jobs:
         sarif_file: 'trivy-results.sarif'
 
   test:
-    runs-on: fedora-latest
+    runs-on: ubuntu-latest
     needs: build
     if: github.event.inputs.push_images != 'false'
 
@@ -159,7 +154,7 @@ jobs:
         "
 
   cleanup:
-    runs-on: fedora-latest
+    runs-on: ubuntu-latest
     needs: [build, test]
     if: always() && github.event.inputs.push_images != 'false'
 
@@ -175,7 +170,7 @@ jobs:
         keep-versions: 10
 
   generate-summary:
-    runs-on: fedora-latest
+    runs-on: ubuntu-latest
     needs: [build, test]
     if: always()