Allows callers to specify a Docker build target stage (e.g. target: production)
for multi-stage Dockerfiles. Empty default preserves backward compatibility.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
build-push.yaml:
- Add environment-tag and version-tag optional inputs
- Auto-detect environment from branch: main/master→:prod, staging→:staging, dev→:dev
- Replace :latest with :prod for main branch
- Support manual version tags for node-specific testing
deploy-k8s.yaml:
- Switch from image tag sed to deploy-timestamp annotation bump
- Mutable tags (:prod/:staging) stay constant in manifests
- ArgoCD detects rollout via timestamp annotation change
- Preserves SHA in commit message for traceability
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Pin catthehacker/ubuntu:act-22.04 to digest sha256:52581951... to
prevent supply-chain drift from mutable tags
- Add ARM64 builds section to README documenting QEMU emulation
trade-offs and when to switch to native ARM64 runners (Rust builds)
- Update Notes section to reference new ARM64 docs and digest pinning
Ref: CON-578
P1 — deploy-k8s.yaml:
- Add set -euo pipefail to all run blocks
- Replace sed-based image tag patching with yq for YAML-safe updates
- Add source commit SHA and CI run link to deploy commit messages
- Install yq v4.44.1 as prerequisite step
P1 — build-push.yaml:
- Add runner input parameter for future ARM64 self-hosted runners
(default: ubuntu-latest with QEMU emulation)
P2 — test-python.yaml:
- Add pyproject.toml support (pip install -e) before requirements.txt fallback
P2 — build-push.yaml:
- Pin catthehacker/ubuntu container image to act-22.04 (was act-latest)
Ref: CON-578
Reusable Gitea Actions workflows for lint, test, build, and deploy:
- lint-python, lint-node, lint-rust
- test-python, test-node, test-rust
- build-push (Docker build + push to Gitea registry)
- deploy-k8s (GitOps image tag update in cluster repo)
Plus example caller workflows for python-fullstack, rust-service,
and node-frontend stacks. Branch refs aligned to staging per CON-570 standards.
