Commit Graph

5 Commits

Author SHA1 Message Date
renovate[bot] 785fe6e306
chore(deps): update docker/metadata-action digest to c299e40 (#1887)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-27 17:45:12 +01:00
renovate[bot] aea4cb83d4
chore(deps): update actions/checkout action to v6 (#1854)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-22 01:19:54 +01:00
renovate[bot] 572140f744
chore(deps): update actions/checkout digest to 93cb6ef (#1838)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-11-17 23:23:13 +00:00
Copilot b38780e246
feat(ci): update Docker PR push build strategy for forked PRs (#1812)
This change switches from pull_request to pull_request_target trigger,
allowing PRs from forks to successfully build and push Docker images.

The pull_request trigger provides a read-only GITHUB_TOKEN for fork PRs,
even when permissions.packages is set to write. This caused builds to fail
for external contributors.

Using pull_request_target is safe here because:
- We explicitly checkout the PR's head SHA
- Only Docker build happens (isolated, no arbitrary code execution)
- No untrusted scripts are run in the workflow context

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: kolaente <13721712+kolaente@users.noreply.github.com>
Co-authored-by: kolaente <k@knt.li>
2025-11-13 08:52:20 +00:00
Copilot cf8ad52a27
feat: add PR Docker image builds for x86_64 (#1810)
* Initial plan

* feat: add PR docker build workflow

Add a new workflow that builds and pushes Docker images for pull requests:
- Runs independently without waiting for tests
- Builds only for linux/amd64 platform
- Pushes only to GHCR (not Docker Hub)
- Tags images with pr-<number> format

Co-authored-by: kolaente <13721712+kolaente@users.noreply.github.com>

* feat: add SHA tag to PR Docker images

Add type=sha,format=long to docker tags for PR images.
This will tag images with both pr-<number> and sha-<commit_hash>.

Co-authored-by: kolaente <13721712+kolaente@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: kolaente <13721712+kolaente@users.noreply.github.com>
2025-11-12 23:31:25 +00:00