In-house CI base image (python:3.12 + node 20 + docker CLI/buildx). Used by .forgejo/workflows/ci.yml in sibling agents/ repos.
- Dockerfile 100%
Justin Belec
6547b93993
All checks were successful
Build ci-base image / build-push (push) Successful in 6s
npx eslint@9 without --yes hangs in non-interactive containers waiting for install confirmation. Baking it in eliminates the download entirely and speeds up CI runs. |
||
|---|---|---|
| .forgejo/workflows | ||
| Dockerfile | ||
| README.md | ||
ci-base
In-house CI base image used by Forgejo Actions workflows across the agents/
namespace. Avoids the supply-chain exposure of third-party Docker Hub CI
images (act images, cimg, nikolaik, etc.) by building our own from the
official python:3.12-bookworm (Python Software Foundation) and adding:
- Node 20 (NodeSource official APT repo) — required for JS-based Forgejo
actions:
actions/checkout,actions/cache,actions/setup-python,docker/login-action,docker/build-push-action, etc. - Docker CLI +
buildxplugin (Docker Inc official APT repo) — required for build-push jobs. The Forgejo runner mounts the host Docker socket into every job viadocker_host: automountin its config. - Common build toolchain (
build-essential,libffi-dev, image/XML development headers) — covers wheels that compile at install time: Pillow, lxml, bcrypt, faster-whisper, pymupdf.
Published tags
git.lab.lostsource.net/agents/ci-base:latestgit.lab.lostsource.net/agents/ci-base:bookworm-py312-node20git.lab.lostsource.net/agents/ci-base:<short-sha>(per-commit snapshot)
Rebuild
Push any change to the Dockerfile on main and the build.yml workflow
rebuilds + pushes :latest and a fresh :<short-sha> tag. Manual rebuild
via Actions UI -> Run workflow.
Using it
# .forgejo/workflows/ci.yml in any agents/* repo
jobs:
test:
runs-on: ubuntu-latest
container:
image: git.lab.lostsource.net/agents/ci-base:latest
steps:
- uses: actions/checkout@v4
...