shithub Public

Notifications Fork 0 Star 0
trunk
Branches s50/cross-cutting scratch trunk
3 Branches 0 Tags
Go to file T
Code
Matthew Forrester Wolffe Merge pull request #198 from tenseleyFlow/payments-pro/08-pro-ga-audit
b03b58d 1389 Commits
README.md actions: fix shared runner provisioning defaults
flake.lock deploy: add nix-built runner image
flake.nix actions: fix shared runner provisioning defaults

shithub runner image

flake.nix builds the default S41d runner container image:

nix build ./deploy/runner-images#runnerImage
docker load < result

The image tag is ghcr.io/tenseleyflow/shithub/runner-nix:1.0, matching internal/runner/config's default. flake.lock pins nixpkgs so the image input set is reviewable and repeatable. The image intentionally contains only the baseline tools needed for v1 run: steps and checkout plumbing: bash, coreutils, git, curl, CA certificates, gnupg, gcc, gnumake, archive tools, OpenSSH, and shithub-shallow-checkout.

Publishing is handled by .github/workflows/runner-image.yml. That workflow is manual because the GHCR namespace may differ between the upstream project and self-hosted forks. Leave the image input blank to publish under the current repository's GHCR namespace, or override it with ghcr.io/tenseleyflow/shithub/runner-nix for the upstream package.