C2(upgrade-grafana): impl fix grafana tarball extract path

The Grafana OSS tarball extracts to grafana-<version> (no v prefix), not grafana-v<version>. Fix the mv command to match. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
C2(upgrade-grafana): close kustomize-grafana-deployment
2026-02-23 17:48:42 -08:00 · 2026-02-23 17:48:32 -08:00 · 2026-02-23 17:48:32 -08:00 · 2026-02-23 17:48:32 -08:00 · 2026-02-23 17:48:32 -08:00 · 2026-02-23 17:48:32 -08:00
8 changed files with 21 additions and 7 deletions
--- a/argocd/manifests/forgejo-runner/deployment.yaml
+++ b/argocd/manifests/forgejo-runner/deployment.yaml
@ -29,7 +29,7 @@ spec:
            - name: RUNNER_NAME
              value: "k8s-runner"
            - name: RUNNER_LABELS
-              value: "k8s:docker://registry.ops.eblu.me/blumeops/forgejo-runner:v0.19.11-96a2d42"
+              value: "k8s:docker://registry.ops.eblu.me/blumeops/runner-job-image:v0.19.11-4c5e0f0"
          command:
            - /bin/sh
            - -c
--- a/argocd/manifests/grafana/deployment.yaml
+++ b/argocd/manifests/grafana/deployment.yaml
@ -88,7 +88,7 @@ spec:
              mountPath: /tmp/dashboards
        # Grafana
        - name: grafana
-          image: registry.ops.eblu.me/blumeops/grafana:v12.3.3-13390f6
+          image: registry.ops.eblu.me/blumeops/grafana:v12.3.3-b1ea762
          imagePullPolicy: IfNotPresent
          env:
            - name: POD_IP
--- a/containers/grafana/Dockerfile
+++ b/containers/grafana/Dockerfile
@ -33,7 +33,7 @@ RUN set -e && \
    url="https://dl.grafana.com/oss/release/grafana-${GRAFANA_VERSION}.linux-${ARCH}.tar.gz" && \
    echo "URL: $url" && \
    curl -fSL "$url" | tar -xz -C /tmp && \
-    mv /tmp/grafana-v${GRAFANA_VERSION} /usr/share/grafana && \
+    mv /tmp/grafana-${GRAFANA_VERSION} /usr/share/grafana && \
    apk del curl

 # Standard Grafana paths
--- a/containers/runner-job-image/Dockerfile
+++ b/containers/runner-job-image/Dockerfile
@ -7,7 +7,7 @@
 # so this image only needs: git, Docker CLI, Dagger CLI, ArgoCD CLI, uv, yq, and basic tools.
 #
 # Usage: Configure runner with label like:
-#   docker:docker://registry.ops.eblu.me/blumeops/forgejo-runner:latest
+#   docker:docker://registry.ops.eblu.me/blumeops/runner-job-image:latest

 ARG CONTAINER_APP_VERSION=0.19.11

--- a/docs/changelog.d/+rename-runner-job-image.infra.md
+++ b/docs/changelog.d/+rename-runner-job-image.infra.md
@ -0,0 +1 @@
+Rename `containers/forgejo-runner` to `containers/runner-job-image` to distinguish the CI job execution image from the Forgejo runner daemon, fixing a version-check false positive.
--- a/docs/how-to/configuration/update-documentation.md
+++ b/docs/how-to/configuration/update-documentation.md
@ -67,7 +67,7 @@ Fragments are automatically collected into `CHANGELOG.md` (at repo root) during
 The workflow runs on the `k8s` label, which uses the [[forgejo]]-runner in Kubernetes:

 - **Runner deployment**: `argocd/manifests/forgejo-runner/`
- **Job image**: `registry.ops.eblu.me/blumeops/forgejo-runner:latest`
+- **Job image**: `registry.ops.eblu.me/blumeops/runner-job-image` (commit-SHA tagged)
 - **Build engine**: [[dagger]] CLI installed at runtime; Node.js and Python run inside Dagger containers

 The job image is built from `containers/forgejo-runner/Dockerfile`.
--- a/docs/how-to/grafana/build-grafana-container.md
+++ b/docs/how-to/grafana/build-grafana-container.md
@ -22,6 +22,10 @@ Grafana currently uses the upstream `docker.io/grafana/grafana:11.4.0` image via
 3. Tag and push to `forge.ops.eblu.me/eblume/grafana:<version>`
 4. Add to `mise run container-list` inventory

+## Lessons
+
+- **Tarball directory name:** The Grafana OSS tarball extracts to `grafana-<version>` (e.g. `grafana-12.3.3`), *not* `grafana-v<version>`. The `mv` command in the Dockerfile must match this.
+
 ## Reference

 - Follow [[build-container-image]] for the standard container build workflow
--- a/service-versions.yaml
+++ b/service-versions.yaml
@ -190,8 +190,17 @@ services:
    current-version: "12.7.0"
    upstream-source: https://code.forgejo.org/forgejo/runner/releases
    notes: >-
-      Runner daemon version. Job execution container (containers/forgejo-runner)
-      tracks Dagger at v0.19.11.
+      Runner daemon version (code.forgejo.org/forgejo/runner). Job execution
+      image is tracked separately as runner-job-image.
+
+  - name: runner-job-image
+    type: argocd
+    last-reviewed: 2026-02-23
+    current-version: "0.19.11"
+    upstream-source: https://github.com/dagger/dagger/releases
+    notes: >-
+      Forgejo Actions job execution image. CONTAINER_APP_VERSION tracks the
+      Dagger CLI version, the primary build tool in the image.

  - name: nix-container-builder
    type: nixos
Author	SHA1	Message	Date
Erich Blume	286a6e70a8	C2(upgrade-grafana): impl fix grafana tarball extract path The Grafana OSS tarball extracts to grafana-<version> (no v prefix), not grafana-v<version>. Fix the mv command to match. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:42 -08:00
Erich Blume	6566cad5b2	C2(upgrade-grafana): close kustomize-grafana-deployment Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:32 -08:00
Erich Blume	892d5bc4af	C2(upgrade-grafana): impl kustomize-grafana-deployment Replace Helm chart with plain kustomize manifests: - deployment.yaml: Grafana 12.3.3 (home-built) + k8s-sidecar + init container - configmap.yaml: grafana.ini (Authentik OIDC, datasources, paths) - service.yaml, pvc.yaml, serviceaccount.yaml, rbac.yaml - ArgoCD app converted from Helm multi-source to single kustomize source - Removed Helm values.yaml Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:32 -08:00
Erich Blume	cafa44a817	C2(upgrade-grafana): close build-grafana-container Home-built Grafana 12.3.3 container is ready. Dockerfile builds from Alpine 3.22 + official OSS tarball, verified via dagger and container-version-check. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:32 -08:00
Erich Blume	d8f7ec4a19	C2(upgrade-grafana): impl build-grafana-container Add home-built Grafana 12.3.3 container image based on Alpine 3.22 with pre-built OSS tarball from dl.grafana.com. Uses UID 472 for PVC compatibility with the official image, standard Grafana paths, and multi-arch support via TARGETPLATFORM detection. Update service-versions.yaml to track 12.3.3. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:32 -08:00
Erich Blume	b2c3dc527f	C2(upgrade-grafana): plan document grafana tarball path lesson Discovered during build: the Grafana OSS tarball extracts to grafana-<version>, not grafana-v<version>. The Dockerfile mv command must match this naming. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:32 -08:00
Erich Blume	629a5d4f30	C2(upgrade-grafana): plan add branch field to goal card Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:48:32 -08:00
Erich Blume	9b419abf24	Update RUNNER_LABELS to use runner-job-image:v0.19.11-4c5e0f0 Now that the image is built under the new name, point the forgejo runner at it. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:47:14 -08:00
Erich Blume	4c5e0f0d16	Rename containers/forgejo-runner to runner-job-image All checks were successful Build Container (Nix) / detect (push) Successful in 2s Details Build Container / detect (push) Successful in 2s Details Build Container (Nix) / build (runner-job-image) (push) Successful in 2s Details Build Container / build (runner-job-image) (push) Successful in 1m42s Details The forgejo-runner container is the CI job execution environment (Dagger, ArgoCD CLI, etc.), not the runner daemon itself. Rename to runner-job-image to fix the version-check false positive (Dagger 0.19.11 vs daemon 12.7.0) and clarify the distinction. RUNNER_LABELS still references the old image name — will update after building the image under the new name. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 17:44:51 -08:00
				`@ -0,0 +1 @@`
				Rename `containers/forgejo-runner` to `containers/runner-job-image` to distinguish the CI job execution image from the Forgejo runner daemon, fixing a version-check false positive.