singularity-forge/.forgejo/workflows
Mikael Hugo 46ef231b54
Some checks failed
sf self-deploy / build, test, and publish server image (push) Failing after 2m3s
sf self-deploy / deploy test and probe (push) Has been skipped
sf self-deploy / promote prod (push) Has been skipped
ci: switch self-deploy build to Nix buildah+skopeo, fix runs-on label
The Forgejo runner is a k8s pod (forgejo-runner ns, on vega) registered
with labels [ubuntu-latest, ubuntu-22.04, self-hosted]. The workflow's
`runs-on: docker` matched no runner, so jobs never got claimed — that's
why HEAD never built and the cluster stayed pinned to 4be963fd.

The runner has Nix on PATH but no docker daemon — that's intentional
per the operator's runner manifest header: "Builds use Nix
(nix build .#dockerImage + nix run nixpkgs#skopeo for the push) rather
than DinD." So the build step uses rootless buildah from nixpkgs
against the existing docker/Dockerfile.sf-server (vfs storage + chroot
isolation works in-pod), and the push step hands the image to skopeo via
containers-storage. SF_REGISTRY_USER / SF_REGISTRY_PASSWORD become
--dest-creds for skopeo.

Cache-from/cache-to dropped from the buildah invocation for now — first
priority is a working build; registry-backed buildkit cache can be
re-added later.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-18 01:11:46 +02:00
self-deploy.yml ci: switch self-deploy build to Nix buildah+skopeo, fix runs-on label 2026-05-18 01:11:46 +02:00