No description
- Go Template 62.7%
- Dockerfile 37.3%
Kristoffer Opsahl
aef96ece97
The doc comment listed the per-host vars in envsubst's brace form, so render-time substitution copied the single-use registration token into a comment line of every rendered user-data, and a placeholder render produced two placeholders where replacing the wrong one silently breaks runner registration. The names are now unbraced in the comment so envsubst leaves them; the real substitution points are unchanged. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> |
||
|---|---|---|
| .forgejo/workflows | ||
| debian-trixie-base | ||
| debian-trixie-elixir | ||
| debian-trixie-go | ||
| debian-trixie-java | ||
| debian-trixie-node | ||
| debian-trixie-php | ||
| debian-trixie-python | ||
| debian-trixie-rust | ||
| debian-trixie-sukker | ||
| docs/superpowers | ||
| runner | ||
| README.md | ||
CI Images
Debian-slim-based CI runner images for cross-company use. One Containerfile per stack.
Available images
All images live in git.kristofferopsahl.com/kristofferopsahl/, tag :latest. All
extend debian-trixie-base (which is FROM debian:trixie-slim).
debian-trixie-base— common build deps: ca-certificates, curl, git, build-essential, locales, nodejs (Node 20 from apt — needed by JS-based actions likeactions/checkout; no npm), pkg-config, xz-utils, zstd, unzip, zip, jq. Use this as aruns-on:target when no language image fits, or as the base when extending in a downstream Containerfile.debian-trixie-elixir— Elixir 1.18 + Erlang/OTP 27 + Node 20 + postgres-client + inotify-tools.debian-trixie-java— Java 21 (default-jdk) + Maven.debian-trixie-python— Python 3.13 + venv + pip.pythonsymlinked topython3.debian-trixie-node— Node 20 + npm.debian-trixie-php— PHP 8.4 + Composer + common extensions (mbstring, xml, curl, mysql, pgsql, zip, intl, bcmath, gd, sqlite3).debian-trixie-go— Go 1.24.debian-trixie-rust— Rust + Cargo (trixie default ~1.85).debian-trixie-sukker— legacy umbrella for the sukker stack: Sury PHP 7.4 + extensions + Composer 2.2 LTS (upstream phar) + Node 20.
Two upstream Debian images are also available as runs-on: labels (configured in the runner, not built here):
debian-trixie→docker.io/library/debian:trixiedebian-trixie-slim→docker.io/library/debian:trixie-slim
Usage in downstream workflows
jobs:
test:
runs-on: debian-trixie-elixir # runner label, mapped to the image in runner config
steps:
- uses: actions/checkout@v4 # works because image has git
- run: mix test
Adding a new image
- Create
<stack-name>/Containerfile. If the stack should extend the common base, start it withFROM git.kristofferopsahl.com/kristofferopsahl/debian-trixie-base:latest. - Add a job for it in
.forgejo/workflows/build.yml— copy any existing child job, changeIMAGE_NAMEandname:. Keepneeds: baseif extending base. - Add a label mapping in
runner/userdata.yaml.tmplso new runners pick it up. - Commit and push to main. New runners get the mapping at provision time; existing runners need their
~forgerunner/.local/share/forgejo-runner/config.yamlupdated by hand (thensystemctl --user restart forgejo-runner.service).
Provisioning a runner host
See runner/README.md — pure cloud-init bootstrap from a
fresh Debian 13 cloud image, no snapshot needed.
Versioning
Versions follow Debian trixie's apt cadence. Weekly cron rebuild picks up Debian security updates.
Only :latest is published. If a build breaks, fix it ad hoc — there's no immutable tag to roll back to. Reproducibility for project code is handled by actions/cache@v4 keyed on mix.lock in downstream workflows.
Image build cycle
- On push when any
*/Containerfilechanges. - Weekly Monday 04:00 UTC.
- Manual via Forgejo workflow dispatch.