guettli/sharedinbox
1
0
Fork 0
Code Issues 21 Pull Requests 6 Actions Packages Projects Releases Wiki Activity
Files
b631bdae24707c6c031cd236e035715b32a7e642
sharedinbox/scripts/check_ci_images.sh
T
Bot of Thomas GüttlerguettliThomas SharedInbox
 b631bdae24 feat: validate ci/main.go container images in pre-commit (#413) 
## Summary

- Adds `scripts/check_ci_images.sh`: extracts every `From("...")` image reference from `ci/main.go` and runs `skopeo inspect --no-creds` on each one (manifest-only, no layer pull, no daemon required)
- Adds `task check-ci-images` task in `Taskfile.yml` that runs the script
- Adds `ci-image-exists` hook to `.pre-commit-config.yaml` that fires only when `ci/main.go` is staged (using `files: ^ci/main\.go$` rather than `always_run`, to avoid a network round-trip on every unrelated commit)
- Adds `skopeo` to the Nix devShell so the tool is on PATH when the hook runs via `nix develop --command`

This catches a bad image tag (like `ghcr.io/cirruslabs/flutter:3.44.1` not yet published) at commit time, before the push reaches CI.

## Test plan

- Stage a change to `ci/main.go` bumping a `From("...")` tag to a non-existent version → hook rejects commit with NOT FOUND
- Stage a change with valid image tags → hook prints OK for each image and allows the commit
- Stage a change to any other file → `ci-image-exists` hook is skipped entirely

Closes #407

Co-authored-by: Thomas SharedInbox <sharedinbox@thomas-guettler.de>
Reviewed-on: https://codeberg.org/guettli/sharedinbox/pulls/413
2026-06-04 17:34:17 +02:00

33 lines
825 B
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Verify that every container image referenced in ci/main.go is reachable.
# Runs skopeo inspect (manifest-only, no layer pull) for each From("...") call.
set -euo pipefail
ROOT=$(git rev-parse --show-toplevel)
FILE="$ROOT/ci/main.go"
images=$(grep -oP 'From\("\K[^"]+' "$FILE" | sort -u)
if [ -z "$images" ]; then
echo "check-ci-images: no From() image references found in $FILE"
exit 0
fi
fail=0
while IFS= read -r image; do
printf "check-ci-images: %-55s" "$image"
if skopeo inspect --no-creds "docker://$image" > /dev/null 2>&1; then
echo "OK"
else
echo "NOT FOUND"
fail=1
fi
done <<< "$images"
if [ "$fail" -eq 1 ]; then
echo ""
echo "ERROR: one or more container images in ci/main.go could not be resolved."
echo "Fix the image tag before committing."
exit 1
fi
Reference in New Issue View Git Blame Copy Permalink