Localize authentik-redis container #309

Merged

eblume merged 3 commits from localize-redis into main

2026-03-24 13:27:37 -07:00

Author	SHA1	Message	Date
Erich Blume	8876422d1f	Fix detect job checkout for workflow_dispatch builds The detect job was checking out main instead of the dispatched ref, so it couldn't find build files that only exist on feature branches. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-24 13:23:45 -07:00
Erich Blume	353a141181	Remove tag = "latest" from nix container definitions The tag field in buildLayeredImage is optional and only affects the local docker-archive output. The CI workflow tags with immutable SHA-based tags via skopeo, so "latest" is misleading noise. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-24 13:19:23 -07:00
Erich Blume	a1a97966cc	Localize authentik-redis: nix-built container from nixpkgs Replace upstream docker.io/library/redis:7-alpine with a nix-built container using Redis 8.2.3 from nixpkgs. Introduces the attached service pattern: parent field in service-versions.yaml, naming convention (<parent>-<component>), and version assertion in default.nix to prevent silent version drift on flake.lock updates. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-24 13:16:22 -07:00

Author

SHA1

Message

Date

Erich Blume

8876422d1f

Fix detect job checkout for workflow_dispatch builds

The detect job was checking out main instead of the dispatched ref,
so it couldn't find build files that only exist on feature branches.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-24 13:23:45 -07:00

Erich Blume

353a141181

Remove tag = "latest" from nix container definitions

The tag field in buildLayeredImage is optional and only affects the
local docker-archive output. The CI workflow tags with immutable
SHA-based tags via skopeo, so "latest" is misleading noise.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-24 13:19:23 -07:00

Erich Blume

a1a97966cc

Localize authentik-redis: nix-built container from nixpkgs

Replace upstream docker.io/library/redis:7-alpine with a nix-built
container using Redis 8.2.3 from nixpkgs. Introduces the attached
service pattern: parent field in service-versions.yaml, naming
convention (<parent>-<component>), and version assertion in default.nix
to prevent silent version drift on flake.lock updates.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-24 13:16:22 -07:00