molecule-ai/molecule-core
35
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity
fix/issue173-shell-docker-push
molecule-core/.github/workflows
History
devops-engineer 43e2d24c5b
Some checks failed
Retarget main PRs to staging / Retarget to staging (pull_request) Has been skipped
Details
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 5s
Details
Check merge_group trigger on required workflows / Required workflows have merge_group trigger (pull_request) Successful in 5s
Details
CI / Detect changes (pull_request) Successful in 8s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 7s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 7s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 8s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 7s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 8s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 8s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 4s
Details
CI / Platform (Go) (pull_request) Successful in 4s
Details
CI / Python Lint & Test (pull_request) Successful in 4s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 4s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 4s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 6s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 4s
Details
CI / Canvas (Next.js) (pull_request) Successful in 17s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Failing after 1m21s
Details
CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Failing after 1m21s
Details
CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Failing after 1m24s
Details
fix(ci): replace buildx with plain docker build+push (followup #173) 
CI run #946 (post-#43) confirmed `driver: docker` doesn't fix the ECR
push 401 either: buildx CLI inside the runner container talks to the
operator-host docker daemon (mounted socket), but the daemon doesn't
see the runner's ECR auth state, and the runner's buildx CLI doesn't
attach the auth header in a way the daemon accepts.

Drop buildx + build-push-action entirely. Plain `docker build` +
`docker push` from the runner container works because both use the
SAME docker socket + the SAME runner-container config.json (populated
by `aws ecr get-login-password | docker login` from amazon-ecr-login).

Trade-off: lose multi-arch support. We only ship linux/amd64 tenant
images today, so this is fine. If multi-arch becomes a requirement
later, we can revisit (likely with `docker buildx create
--driver=remote` pointing at an external buildkit, but that's
substantial infra work; not worth it for a single-arch shop).

Closes #173 (fourth piece — and hopefully last; this matches the
operator-host manual approach exactly).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 13:43:50 -07:00
..
auto-promote-on-e2e.yml fix(auto-promote): treat E2E completed/cancelled as defer, not failure 2026-05-04 19:26:29 -07:00
auto-promote-staging.yml fix(auto-promote): skip empty-tree promotes to break perpetual cycle 2026-05-03 08:56:44 -07:00
auto-promote-stale-alarm.yml feat(ops): hourly alarm for auto-promote PR stuck on REVIEW_REQUIRED (#2975) 2026-05-05 17:55:27 -07:00
auto-sync-main-to-staging.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
auto-tag-runtime.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
block-internal-paths.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
branch-protection-drift.yml fix(branch-protection-drift): hard-fail on schedule only, soft-skip + warn on PR 2026-05-04 21:20:30 -07:00
canary-staging.yml fix(workflows): preserve curl stderr in 8 status-capture sites 2026-05-04 18:54:50 -07:00
canary-verify.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
cascade-list-drift-gate.yml feat(ci): structural drift gate for cascade list vs manifest (RFC #388 PR-3) 2026-05-03 03:52:39 -07:00
check-merge-group-trigger.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
check-migration-collisions.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
ci.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
codeql.yml fix(ci): mark CodeQL continue-on-error (advisory only) — closes #156 2026-05-07 17:26:52 +00:00
continuous-synth-e2e.yml ci(canary): bump timeout-minutes 12 → 20 to absorb apt tail latency 2026-05-04 07:02:12 -07:00
e2e-api.yml test(e2e): add poll-mode chat upload E2E and wire into e2e-api.yml 2026-05-05 13:08:55 -07:00
e2e-staging-canvas.yml fix(workflows): preserve curl stderr in 8 status-capture sites 2026-05-04 18:54:50 -07:00
e2e-staging-external.yml fix(workflows): preserve curl stderr in 8 status-capture sites 2026-05-04 18:54:50 -07:00
e2e-staging-saas.yml fix(workflows): preserve curl stderr in 8 status-capture sites 2026-05-04 18:54:50 -07:00
e2e-staging-sanity.yml fix(workflows): preserve curl stderr in 8 status-capture sites 2026-05-04 18:54:50 -07:00
handlers-postgres-integration.yml ci(handlers-postgres-integration): apply legacy *.sql migrations too 2026-05-05 22:02:24 -07:00
harness-replays.yml chore: drop github-app-auth + swap GHCR→ECR (closes #157, #161) 2026-05-07 07:48:51 -07:00
lint-curl-status-capture.yml fix(workflows): rewrite curl status-capture to prevent exit-code pollution 2026-05-04 18:29:38 -07:00
pr-guards.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
promote-latest.yml chore(deps)(deps): bump imjasonh/setup-crane from 0.4 to 0.5 2026-05-02 19:23:13 +00:00
publish-canvas-image.yml Merge pull request #2521 from Molecule-AI/dependabot/github_actions/actions/checkout-6 2026-05-03 01:36:57 +00:00
publish-runtime.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
publish-workspace-server-image.yml fix(ci): replace buildx with plain docker build+push (followup #173) 2026-05-07 13:43:50 -07:00
railway-pin-audit.yml Merge pull request #2523 from Molecule-AI/dependabot/github_actions/actions/github-script-9.0.0 2026-05-03 01:37:00 +00:00
redeploy-tenants-on-main.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
redeploy-tenants-on-staging.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
retarget-main-to-staging.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
runtime-pin-compat.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
runtime-prbuild-compat.yml fix(ci): include event_name in runtime-prbuild-compat concurrency group 2026-05-05 04:01:20 -07:00
secret-pattern-drift.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
secret-scan.yml fix(ci): lowercase 'molecule-ai/' in cross-repo workflow refs 2026-05-07 01:00:10 -07:00
sweep-aws-secrets.yml feat(ops): add sweep-aws-secrets janitor — orphan tenant bootstrap secrets 2026-05-03 02:38:08 -07:00
sweep-cf-orphans.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
sweep-cf-tunnels.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00
sweep-stale-e2e-orgs.yml chore(sweep): add orphan-tunnel cleanup step (#2987 / #340) 2026-05-05 19:36:20 -07:00
test-ops-scripts.yml chore(deps)(deps): bump actions/checkout from 4 to 6 2026-05-02 19:23:01 +00:00