Skip to content

Create Docker image pipeline for aiden-runner #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sks merged 8 commits into from
May 12, 2026
Merged

Create Docker image pipeline for aiden-runner #16

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
eef216a
Add aiden-runner Dockerfile and image workflow
Copilot May 9, 2026
bdfcfcb
Fix runner matrix usage and Dockerfile permission step
Copilot May 9, 2026
2ba7aa4
Adjust Dockerfile copy before non-root user switch
Copilot May 9, 2026
525e367
Refine aiden-runner workflow tag suffixes and image refs
Copilot May 9, 2026
94daa33
Harden aiden-runner download and version extraction
Copilot May 9, 2026
c4d502d
Tighten workflow error message and Dockerfile cleanup
Copilot May 9, 2026
9ee338c
Add stronger download and version validation checks
Copilot May 9, 2026
fbc1976
Add archive and stricter semver validation
Copilot May 9, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
106 changes: 106 additions & 0 deletions .github/workflows/aiden-runner.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
# a pipeline to create container image on changes to aiden-runner.rb file
name: aiden-runner
on:
push:
branches:
- main
paths:
- 'aiden-runner.rb'
- aiden-runner/Dockerfile
- .github/workflows/aiden-runner.yaml
env:
REGISTRY: ghcr.io
IMAGE_NAME: stackgenhq/aiden-runner
jobs:
build:
outputs:
image_tag: ${{ steps.meta.outputs.tags }}
version: ${{ steps.version.outputs.VERSION }}
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
include:
- platform: linux/amd64
runner: ubuntu-latest
tag-suffix: -amd64
- platform: linux/arm64
runner: ubuntu-22.04-arm
tag-suffix: -arm64
runs-on: ${{ matrix.runner }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
sparse-checkout: |
aiden-runner
aiden-runner.rb
- name: Get aiden-runner version
id: version
run: |
VERSION="$(awk '$1 == \"version\" { print $2; exit }' aiden-runner.rb | tr -d '\"')"
test -n "$VERSION" || { echo "Error: Failed to extract version from aiden-runner.rb"; exit 1; }
echo "$VERSION" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?$' || { echo "Error: Extracted version is not valid semver: $VERSION"; exit 1; }
echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=${{ steps.version.outputs.VERSION }}
type=raw,value=latest
flavor: |
suffix=${{ matrix.tag-suffix }},onlatest=false
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Build and push
uses: docker/build-push-action@v6
with:
context: ./aiden-runner
platforms: ${{ matrix.platform }}
tags: ${{ steps.meta.outputs.tags }}
push: true
provenance: false
labels: ${{ steps.meta.outputs.labels }}
build-args: |-
AIDEN_RUNNER_VERSION=${{ steps.version.outputs.VERSION }}

create_manifest:
name: Create manifest
runs-on: ubuntu-22.04
needs: build
permissions:
contents: read
packages: write
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create manifest
run: |
docker buildx imagetools create \
-t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-amd64 \
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-arm64

docker buildx imagetools create \
-t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }} \
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }}-amd64 \
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.version }}-arm64
31 changes: 31 additions & 0 deletions aiden-runner/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
FROM alpine AS download_binary

ARG AIDEN_RUNNER_VERSION
ARG TARGETOS
ARG TARGETARCH

# install wget
RUN apk update && \
apk add --no-cache wget && \
rm -rf /var/cache/apk/*

RUN URL="https://releases.stackgen.com/binaries/aios-remote/v${AIDEN_RUNNER_VERSION}/aiden-runner_${AIDEN_RUNNER_VERSION}_${TARGETOS}_${TARGETARCH}.tar.gz" && \
wget --fail -O aiden-runner.tar.gz "$URL" || { echo "Error: failed to download aiden-runner from $URL" >&2; exit 1; } && \
tar -xzf aiden-runner.tar.gz && \
test -f aiden-runner || { echo "Error: extracted archive does not contain aiden-runner binary" >&2; exit 1; } && \
mv aiden-runner /tmp/aiden-runner && \
chmod +x /tmp/aiden-runner && \
rm -f aiden-runner.tar.gz

FROM alpine:latest

RUN apk update && \
apk add --no-cache ca-certificates && \
rm -rf /var/cache/apk/* && \
addgroup -S stackgen && adduser -S stackgen -G stackgen -u 1000 -h /home/stackgen

COPY --from=download_binary --chown=stackgen:stackgen /tmp/aiden-runner /usr/local/bin/aiden-runner

USER stackgen

ENTRYPOINT ["/usr/local/bin/aiden-runner"]
Loading