guettli/sharedinbox
1
0
Fork 0
Code Issues 21 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

feat: validate ci/main.go container images in pre-commit #413

Merged
guettlibot merged 1 commits from refs/pull/413/head into main 2026-06-04 15:34:19 +00:00
Conversation 0 Commits 1 Files Changed 4
+1427 -8064
guettlibot commented 2026-06-04 06:07:01 +00:00 (Migrated from codeberg.org)
Copy Link
Copy Source

Summary

  • Adds scripts/check_ci_images.sh: extracts every From("...") image reference from ci/main.go and runs skopeo inspect --no-creds on each one (manifest-only, no layer pull, no daemon required)
  • Adds task check-ci-images task in Taskfile.yml that runs the script
  • Adds ci-image-exists hook to .pre-commit-config.yaml that fires only when ci/main.go is staged (using files: ^ci/main\.go$ rather than always_run, to avoid a network round-trip on every unrelated commit)
  • Adds skopeo to the Nix devShell so the tool is on PATH when the hook runs via nix develop --command

This catches a bad image tag (like ghcr.io/cirruslabs/flutter:3.44.1 not yet published) at commit time, before the push reaches CI.

Test plan

  • Stage a change to ci/main.go bumping a From("...") tag to a non-existent version → hook rejects commit with NOT FOUND
  • Stage a change with valid image tags → hook prints OK for each image and allows the commit
  • Stage a change to any other file → ci-image-exists hook is skipped entirely

Closes #407

## Summary - Adds `scripts/check_ci_images.sh`: extracts every `From("...")` image reference from `ci/main.go` and runs `skopeo inspect --no-creds` on each one (manifest-only, no layer pull, no daemon required) - Adds `task check-ci-images` task in `Taskfile.yml` that runs the script - Adds `ci-image-exists` hook to `.pre-commit-config.yaml` that fires only when `ci/main.go` is staged (using `files: ^ci/main\.go$` rather than `always_run`, to avoid a network round-trip on every unrelated commit) - Adds `skopeo` to the Nix devShell so the tool is on PATH when the hook runs via `nix develop --command` This catches a bad image tag (like `ghcr.io/cirruslabs/flutter:3.44.1` not yet published) at commit time, before the push reaches CI. ## Test plan - Stage a change to `ci/main.go` bumping a `From("...")` tag to a non-existent version → hook rejects commit with NOT FOUND - Stage a change with valid image tags → hook prints OK for each image and allows the commit - Stage a change to any other file → `ci-image-exists` hook is skipped entirely Closes #407
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
NeedSupervisor
Issue escalated to a human supervisor; agentloop will skip it until cleared.
 State/InProgress
State/Later
State/Planned
automerge
Eligible for automatic merge by CI
 ci-failure
Issue opened by agentloop to track a failing CI workflow; used for deduplication.
 do-not-merge
Plan PR — review only, do not merge.
 loop/code
Add to run the built-in "code" prompt; override at prompts/code.md.
 loop/code-ci-pending
Prompt "code" finished; waiting for the PR's CI to pass before advancing.
 loop/code-done
Prompt "code" finished successfully.
 loop/code-in-process
Agent for the "code" prompt is currently running on this issue.
 loop/merge
Managed by agentloop
 loop/merge-done
Managed by agentloop
 loop/merge-in-process
Managed by agentloop
 loop/plan
Add to run the built-in "plan" prompt; override at prompts/plan.md.
 loop/plan-done
Prompt "plan" finished successfully.
 loop/plan-in-process
Agent for the "plan" prompt is currently running on this issue.
No labels
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Assignees
Clear assignees
guettlibot guettli
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: guettli/sharedinbox#413