Erich Blume
8ca8798121
All checks were successful
Test CI / test (push) Successful in 4s
## Summary - Replace Docker with Buildah for container image builds - No Docker socket required - buildah is daemonless - Cleaner security model (no privileged containers or socket mounting) - Remove Docker-related security context from deployment ## Changes - Update Dockerfile to install buildah/podman instead of docker-cli - Configure buildah storage with overlay driver and fuse-overlayfs - Update composite action to use `buildah bud` and `buildah push` - Add `imagePullPolicy: Always` to ensure fresh image pulls - Update test workflow to verify buildah/podman ## Testing - [ ] Runner pod starts successfully - [ ] Buildah is available in runner - [ ] Test workflow verifies buildah/podman versions - [ ] Container build workflow builds and pushes to zot 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.tail8d86e.ts.net/eblume/blumeops/pulls/51
53 lines
1.5 KiB
Bash
Executable file
53 lines
1.5 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
#MISE description="List available containers and their recent tags"
|
|
|
|
set -euo pipefail
|
|
|
|
REGISTRY="registry.tail8d86e.ts.net"
|
|
WORKFLOW_DIR=".forgejo/workflows"
|
|
|
|
echo "Container Images"
|
|
echo "================"
|
|
echo ""
|
|
|
|
# Find all build-*.yaml workflows
|
|
for workflow in "$WORKFLOW_DIR"/build-*.yaml; do
|
|
[[ -f "$workflow" ]] || continue
|
|
|
|
# Extract container name from filename: build-runner.yaml -> runner
|
|
filename=$(basename "$workflow")
|
|
container="${filename#build-}"
|
|
container="${container%.yaml}"
|
|
|
|
# Skip if not a container build workflow (check for image_name)
|
|
if ! grep -q "image_name:" "$workflow" 2>/dev/null; then
|
|
continue
|
|
fi
|
|
|
|
# Extract image name from workflow
|
|
image=$(grep -E "^\s+image_name:" "$workflow" | head -1 | awk '{print $2}')
|
|
|
|
echo "📦 $container"
|
|
echo " Image: $REGISTRY/$image"
|
|
echo " Workflow: $workflow"
|
|
|
|
# Query zot for recent tags
|
|
tags=$(curl -sf "https://$REGISTRY/v2/$image/tags/list" 2>/dev/null | jq -r '.tags // [] | .[]' | grep -E '^v[0-9]' | sort -V | tail -4 || true)
|
|
|
|
if [[ -n "$tags" ]]; then
|
|
echo " Recent tags:"
|
|
echo "$tags" | while read -r tag; do
|
|
echo " - $tag"
|
|
done
|
|
else
|
|
echo " Recent tags: (none)"
|
|
fi
|
|
echo ""
|
|
done
|
|
|
|
echo "---"
|
|
echo "To release a new version:"
|
|
echo " mise run container-release <container> <version>"
|
|
echo ""
|
|
echo "Example:"
|
|
echo " mise run container-release runner v1.0.0"
|