othrayte/infra
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Compare commits

base: othrayte:phase-2-image-pull-validation
Branches Tags
othrayte:main othrayte:phase-2-image-pull-validation othrayte:renovate/mcr.microsoft.com-k8s-csi-smb-csi-1.x othrayte:renovate/ghcr.io-richardr1126-openreader-2.x othrayte:renovate/null-3.x othrayte:renovate/libvirt-0.x othrayte:renovate/cloudflare-5.x othrayte:renovate/litestream-litestream-0.x
..
compare: othrayte:renovate/ghcr.io-richardr1126-openreader-2.x
Branches Tags
othrayte:phase-2-image-pull-validation othrayte:renovate/mcr.microsoft.com-k8s-csi-smb-csi-1.x othrayte:renovate/ghcr.io-richardr1126-openreader-2.x othrayte:renovate/null-3.x othrayte:renovate/libvirt-0.x othrayte:renovate/cloudflare-5.x othrayte:main othrayte:renovate/litestream-litestream-0.x

1 Commits
phase-2-im ... renovate/g

Author SHA1 Message Date
Renovate Bot
d0744c1658 Update ghcr.io/richardr1126/openreader Docker tag to v2.2.0
All checks were successful
CI / Terraform fmt + validate (pull_request) Successful in 18s
Details
CI / Nomad job spec validate (pull_request) Successful in 16s
Details
2026-04-19 05:25:52 +00:00
4 changed files with 3 additions and 41 deletions
Expand all files Collapse all files

38
.gitea/workflows/ci.yml
View File

@@ -52,41 +52,3 @@ jobs:
echo "==> $f"
nomad job validate "$f"
done
image-pull:
name: Docker image pull validation
runs-on: ubuntu-latest
# Only run on PRs that touch nomad job specs
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Pull changed images
run: |
curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz \
| tar -xz --strip-components=1 -C /usr/local/bin docker/docker
git fetch origin ${{ github.base_ref }}
IMAGES=$(git diff origin/${{ github.base_ref }}...HEAD -- '*.nomad.hcl' \
| grep '^+\s*image\s*=' \
| grep -oP '"[^"]+:[^"]+"' \
| tr -d '"' \
| sort -u)
if [ -z "$IMAGES" ]; then
echo "No image changes detected, skipping pull."
exit 0
fi
FAILED=0
while IFS= read -r image; do
echo "==> Pulling $image"
if ! docker pull "$image"; then
echo "ERROR: Failed to pull $image"
FAILED=1
fi
done <<< "$IMAGES"
exit $FAILED

2
2-nomad-config/glance.nomad.hcl
View File

@@ -12,7 +12,7 @@ job "glance" {
driver = "docker"
config {
image = "glanceapp/glance:v0.7.8"
image = "glanceapp/glance:latest"
ports = ["http"]
volumes = [
"local/glance.yml:/app/config/glance.yml",

2
2-nomad-config/openreader.nomad.hcl
View File

@@ -59,7 +59,7 @@ job "openreader" {
driver = "docker"
config {
image = "ghcr.io/richardr1126/openreader:v2.1.2"
image = "ghcr.io/richardr1126/openreader:v2.2.0"
ports = ["http"]
}

2
cicd-plan.md
View File

@@ -296,7 +296,7 @@ exit 1
- [x] **Phase 1a**: Create `act-runner.nomad.hcl` + Terraform wrapper, register runner token in Gitea, get a hello-world workflow green
- [x] **Phase 1b**: Add `terraform fmt` + `terraform validate -backend=false` workflow — no secrets needed
- [x] **Phase 1c**: Add Nomad validate step — add `NOMAD_ADDR` + read-only `NOMAD_TOKEN` to Gitea secrets
- [x] **Phase 2**: Add image pull validation step to the workflow
- [ ] **Phase 2**: Add image pull validation step to the workflow
- [ ] **Phase 3a**: Add `update` stanzas to ntfy and glance (simplest, no volume conflict)
- [ ] **Phase 3b**: Add rolling `update` stanzas to remaining service jobs (jellyfin, sonarr, etc.)
- [ ] **Phase 3c**: Add health checks to openreader and unifi before adding update stanzas