fix(ci): pin docker-capable runner label in both publish workflows (closes #576) #599
Merged
core-devops
merged 1 commits from 2026-05-11 23:24:08 +00:00
infra/docker-runner-label into main
1 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
| e8c78d6a20 |
fix(ci): pin docker-capable runner label in both publish workflows (closes #576)
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 15s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 10s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 14s
CI / Detect changes (pull_request) Successful in 33s
E2E API Smoke Test / detect-changes (pull_request) Successful in 46s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 38s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 39s
qa-review / approved (pull_request) Failing after 15s
gate-check-v3 / gate-check (pull_request) Successful in 24s
security-review / approved (pull_request) Failing after 15s
sop-tier-check / tier-check (pull_request) Successful in 18s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 42s
CI / Platform (Go) (pull_request) Successful in 6s
CI / Canvas (Next.js) (pull_request) Successful in 7s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 5s
CI / Python Lint & Test (pull_request) Successful in 5s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 6s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 7s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 7s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 7s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
CI / all-required (pull_request) Successful in 2s
audit-force-merge / audit (pull_request) Successful in 14s
Coin-flip failure: publish-workspace-server-image / build-and-push lands on runners without /var/run/docker.sock (molecule-runner-1 vs molecule-runner-4), failing the Docker daemon health check. Fix: - runs-on: ubuntu-latest → runs-on: [ubuntu-latest, docker] infra-sre registers a `docker` label on every act-runner that mounts /var/run/docker.sock (group=docker, perms 660+). Jobs without the `docker` label are never queued on socket-less runners. - Health check step now echoes the runner hostname in both the success path and the error path so failures are traceable to a specific host. Applied to: .gitea/workflows/publish-workspace-server-image.yml .gitea/workflows/publish-canvas-image.yml Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> |
