Sync missing GHCR images#48
Conversation
|
Thank you for your contribution. unfortunately, one or more of your commits are missing the required "Signed-off-by:" statement. Signing off is part of the Developer Certificate of Origin (DCO) which is used by this project. Read the DCO and project contributing guide carefully, and amend your commits using the git CLI. Note that this does not require any cryptography, keys or special steps to be taken. 💡 Shall we fix this?This will only take a few moments. First, clone your fork and checkout this branch using the git CLI. Next, set up your real name and email address:
Finally, run one of these commands to add the "Signed-off-by" line to your commits. If you only have one commit so far then run: Check that the message has been added properly by running "git log". |
This comment has been minimized.
This comment has been minimized.
b7b5db4 to
9d60ebd
Compare
9d60ebd to
8b437e7
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
8b437e7 to
6e96300
Compare
This comment has been minimized.
This comment has been minimized.
| TARGET_IMAGE: ghcr.io/inlets/inlets-pro | ||
| TAG: ${{ inputs.tag }} | ||
| run: | | ||
| set -euo pipefail |
There was a problem hiding this comment.
Something feels off/unmaintainable about this being inline.
I'd expect a script that can be independently tested with a SRC / DEST similar to how you define it above
6e96300 to
18c527b
Compare
This comment has been minimized.
This comment has been minimized.
Signed-off-by: Han Verstraete (OpenFaaS Ltd) <han@openfaas.com>
18c527b to
680b679
Compare
AI Pull Request OverviewDisclaimer: This review was generated by automated AI and may contain errors. Do not trust its outputs without human verification. Summary
Approval rating (1-10)7/10. The sync logic is simple, but the writable workflow should pin external code before merging. Summary per fileSummary per file
Overall AssessmentThe PR implements the intended image backfill path with a small, understandable script. The main issue is operational security: the workflow gives Detailed ReviewDetailed ReviewFindings
AI agent details. |
Description
Adds a
sync-imagesworkflow that copies missing image tags fromghcr.io/openfaasltd/inlets-protoghcr.io/inlets/inlets-pro. It runs nightly and can also be started manually.The workflow uses
crane lsto compare source and target tags, skips tags already present in the public package, copies only missing tags withcrane cp, and writes copied tags plus an aggregate skipped count to the workflow summary. The source package is expected to be public; the workflow uses the repositoryGITHUB_TOKENwithpackages: writeto publish to the public package.Manual sync
Run the workflow from GitHub Actions and set
tagto a version, for example0.11.14. This copiesghcr.io/openfaasltd/inlets-pro:0.11.14toghcr.io/inlets/inlets-pro:0.11.14if it is missing. If the tag is already present, it is skipped and included in the skipped count. Leavetagempty to sync all missing tags.Motivation and context
This is part of a series of changes to automate release publishing from the private inlets-pro repo and syncing those releases to the public inlets-pro repo.
How has this been tested