From bb437eda7bc6d0504de1063a165271974004d4dd Mon Sep 17 00:00:00 2001 From: Peter Pathirana Date: Tue, 19 May 2026 08:34:48 +0000 Subject: [PATCH 1/2] fix(cli-tools): drop aqua based installation of cli-tools as they are now installed by homebrew at runtime --- .github/renovate.json | 4 -- .github/renovate/aqua-cli-tools.json | 63 ------------------- .github/renovate/aqua-registry.json | 62 ------------------- .github/workflows/update-aqua-checksum.yaml | 29 --------- images/homelab-workspace/Dockerfile | 36 ----------- images/homelab-workspace/aqua-checksums.json | 64 -------------------- images/homelab-workspace/aqua.yaml | 18 ------ 7 files changed, 276 deletions(-) delete mode 100644 .github/renovate/aqua-cli-tools.json delete mode 100644 .github/renovate/aqua-registry.json delete mode 100644 .github/workflows/update-aqua-checksum.yaml delete mode 100644 images/homelab-workspace/aqua-checksums.json delete mode 100644 images/homelab-workspace/aqua.yaml diff --git a/.github/renovate.json b/.github/renovate.json index 9c8e9195..e0a7eab3 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -22,15 +22,11 @@ "helpers:pinGitHubActionDigests", "mergeConfidence:age-confidence-badges", "mergeConfidence:all-badges", - "github>aquaproj/aqua-renovate-config#2.12.0", - "github>suzuki-shunsuke/renovate-config:yaml-language-server#4.0.0", "github>ppat/renovate-presets#v0.1.1", "github>ppat/renovate-presets:dev-tools#v0.1.1", "github>ppat/renovate-presets:github-actions#v0.1.1", "github>ppat/coder//.github/renovate/template-terraform-provider", "github>ppat/coder//.github/renovate/image-cli-tools", - "github>ppat/coder//.github/renovate/aqua-cli-tools", - "github>ppat/coder//.github/renovate/aqua-registry", "github>ppat/coder//.github/renovate/exceptions" ], "internalChecksFilter": "strict", diff --git a/.github/renovate/aqua-cli-tools.json b/.github/renovate/aqua-cli-tools.json deleted file mode 100644 index 29dfb0ee..00000000 --- a/.github/renovate/aqua-cli-tools.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "packageRules": [ - { - "addLabels": [ - "dependency-type:cli-tools" - ], - "matchFileNames": [ - "**/aqua.yaml" - ], - "matchManagers": [ - "custom.regex" - ], - "matchPackageNames": [ - "!aquaproj/aqua-registry" - ], - "semanticCommitScope": "cli-tools", - "separateMajorMinor": true, - "separateMinorPatch": false, - "separateMultipleMajor": false, - "separateMultipleMinor": false - }, - { - "automerge": true, - "groupName": "cli-tools", - "matchFileNames": [ - "**/aqua.yaml" - ], - "matchManagers": [ - "custom.regex" - ], - "matchPackageNames": [ - "!aquaproj/aqua-registry" - ], - "matchUpdateTypes": [ - "minor", - "patch" - ], - "minimumReleaseAge": "7 days", - "semanticCommitType": "fix" - }, - { - "automerge": false, - "commitBody": "BREAKING CHANGE", - "commitMessageTopic": "{{packageName}}", - "groupName": "{{packageName}}", - "matchFileNames": [ - "**/aqua.yaml" - ], - "matchManagers": [ - "custom.regex" - ], - "matchPackageNames": [ - "!aquaproj/aqua-registry" - ], - "matchUpdateTypes": [ - "major" - ], - "minimumReleaseAge": "60 days", - "semanticCommitType": "feat" - } - ] -} diff --git a/.github/renovate/aqua-registry.json b/.github/renovate/aqua-registry.json deleted file mode 100644 index 381b6e72..00000000 --- a/.github/renovate/aqua-registry.json +++ /dev/null @@ -1,62 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "packageRules": [ - { - "addLabels": [ - "dependency-type:aqua-registry" - ], - "commitMessageTopic": "aqua registry: {{packageName}}", - "groupName": "{{packageName}}", - "matchFileNames": [ - "**/aqua.yaml" - ], - "matchManagers": [ - "custom.regex" - ], - "matchPackageNames": [ - "aquaproj/aqua-registry" - ], - "semanticCommitScope": "cli-tools", - "separateMajorMinor": true, - "separateMinorPatch": false, - "separateMultipleMajor": true, - "separateMultipleMinor": false - }, - { - "automerge": true, - "matchFileNames": [ - "**/aqua.yaml" - ], - "matchManagers": [ - "custom.regex" - ], - "matchPackageNames": [ - "aquaproj/aqua-registry" - ], - "matchUpdateTypes": [ - "minor", - "patch" - ], - "minimumReleaseAge": "7 days", - "semanticCommitType": "fix" - }, - { - "automerge": false, - "commitBody": "BREAKING CHANGE", - "matchFileNames": [ - "**/aqua.yaml" - ], - "matchManagers": [ - "custom.regex" - ], - "matchPackageNames": [ - "aquaproj/aqua-registry" - ], - "matchUpdateTypes": [ - "major" - ], - "minimumReleaseAge": "30 days", - "semanticCommitType": "feat" - } - ] -} diff --git a/.github/workflows/update-aqua-checksum.yaml b/.github/workflows/update-aqua-checksum.yaml deleted file mode 100644 index 237e3eff..00000000 --- a/.github/workflows/update-aqua-checksum.yaml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# yamllint disable rule:line-length -name: update-aqua-checksum - -on: - pull_request: - paths: - - 'images/homelab-workspace/aqua.yaml' - - 'images/homelab-workspace/aqua-checksums.json' - - '.github/workflows/update-aqua-checksum.yaml' - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -permissions: - contents: read - -jobs: - update-aqua-checksums: - uses: ppat/github-workflows/.github/workflows/update-aqua-checksums.yaml@0bf8cd1eeb8e6e9f67fab279bc3be57e0be29c50 # v3.2.0 - with: - git_ref: ${{ github.head_ref || github.ref_name }} - aqua_dirs: | - images/homelab-workspace - prune: true - secrets: - app_id: ${{ secrets.HOMELAB_BOT_APP_ID }} - app_private_key: ${{ secrets.HOMELAB_BOT_APP_PRIVATE_KEY }} diff --git a/images/homelab-workspace/Dockerfile b/images/homelab-workspace/Dockerfile index 3595aa49..84f0c281 100644 --- a/images/homelab-workspace/Dockerfile +++ b/images/homelab-workspace/Dockerfile @@ -113,48 +113,12 @@ RUN --mount=type=cache,target=/var/cache/apt,id=cache-apt-${TARGETARCH},sharing= # Clean pycache created during apt-get install (as apt stills retains some crud in spite of PYTHONPYCACHEPREFIX) find /usr -name __pycache__ -exec rm -rf {} + -# ======================================================================================================== -FROM base AS binary-downloads -SHELL ["/bin/bash", "-o", "pipefail", "-c"] -ARG TARGETARCH -WORKDIR /tmp - -ENV AQUA_ROOT_DIR=$HOME/.local/share/aquaproj-aqua -ENV PATH=$AQUA_ROOT_DIR/bin:$PATH -ENV AQUA_GLOBAL_CONFIG=/etc/aqua/aqua.yaml -COPY aqua.yaml aqua-checksums.json /etc/aqua/ - -# renovate: datasource=github-releases depName=aquaproj/aqua -ARG AQUA_VERSION="2.57.2" -# hadolint ignore=SC2046 -RUN --mount=type=cache,target=$AQUA_ROOT_DIR,id=cache-aqua-${TARGETARCH},sharing=locked \ - --mount=type=tmpfs,target=/tmp \ - mkdir -p $AQUA_ROOT_DIR/bin && \ - mkdir -p /dist && \ - # Download and install aqua - curl -fsSL -O "https://github.com/aquaproj/aqua/releases/download/v${AQUA_VERSION}/aqua_linux_${TARGETARCH}.tar.gz" && \ - curl -fsSL -o checksums.txt "https://github.com/aquaproj/aqua/releases/download/v${AQUA_VERSION}/aqua_${AQUA_VERSION}_checksums.txt" && \ - grep -E "aqua_linux_${TARGETARCH}.tar.gz$" checksums.txt > aqua_artifact_checksum.txt && \ - sha256sum -c aqua_artifact_checksum.txt && \ - tar xzf "aqua_linux_${TARGETARCH}.tar.gz" aqua && \ - mv ./aqua $AQUA_ROOT_DIR/bin/aqua && \ - chmod +x $AQUA_ROOT_DIR/bin/aqua && \ - echo "aqua v$AQUA_VERSION installed successfully" && \ - # Install packages w/ aqua as defined in aqua.yaml - aqua install --all && \ - aqua cp -o /dist $(find $AQUA_ROOT_DIR/bin -type l -not -name upx -exec basename {} \; | sort) && \ - cp $AQUA_ROOT_DIR/bin/aqua /dist/aqua && \ - upx $(find /dist -type f -executable) - # ======================================================================================================== FROM system-base SHELL ["/bin/bash", "-o", "pipefail", "-c"] ARG TARGETARCH WORKDIR /tmp -# copy binaries from aqua based binary install stage -COPY --from=binary-downloads --chown=root:root --chmod=755 /dist/* /usr/local/sbin/ - # Instead of utilizing ENV statements, we make use of /etc/environment file to make the requisite # environment variables available to all users of this image (primarily 'root' and 'coder') # - set starting PATH variable value (this strips some Ubuntu defaults such as games and snap directories) diff --git a/images/homelab-workspace/aqua-checksums.json b/images/homelab-workspace/aqua-checksums.json deleted file mode 100644 index b3bd29e6..00000000 --- a/images/homelab-workspace/aqua-checksums.json +++ /dev/null @@ -1,64 +0,0 @@ -{ - "checksums": [ - { - "id": "github_release/github.com/bitwarden/clients/cli-v2026.4.1/bw-linux-2026.4.1.zip", - "checksum": "2172DC63F821FCBD4B4CE65E7106F1EBAB26B6CB16C9C8A5B28230DCC6F8A774", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/bitwarden/sdk-sm/bws-v1.0.0/bws-aarch64-unknown-linux-gnu-1.0.0.zip", - "checksum": "20A3DCB9E3CE7716A1DC3C0E1C76CEA9D5E2BF75094CBB5AAD54CED4304929CB", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/bitwarden/sdk-sm/bws-v1.0.0/bws-x86_64-unknown-linux-gnu-1.0.0.zip", - "checksum": "9077FB7B336A62ABC8194728FEA8753AFAD8B0BAA3A18723FC05FC02FDB53568", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/jdx/mise/v2026.5.1/mise-v2026.5.1-linux-arm64-musl.tar.gz", - "checksum": "375C6A365BF7A42B3645FD3816FBD11C94C1D04AF9DF49910FBE11929878A365", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/jdx/mise/v2026.5.1/mise-v2026.5.1-linux-x64-musl.tar.gz", - "checksum": "5CB9F8CC7B071C5C5931FAFD79BD523A81CBFFE6BB23D56DAEA7B0BE86D0A086", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/starship/starship/v1.25.1/starship-aarch64-unknown-linux-musl.tar.gz", - "checksum": "01517AAB398959EA9EA73BDB4F032EA4DBB51DFF5C8E5EB05B4A1B9B7AB872B8", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/starship/starship/v1.25.1/starship-x86_64-unknown-linux-musl.tar.gz", - "checksum": "C6DDD3ECB9C0071A2AD38D98CEE748160066B7C4F197421268058F4A5D6F8504", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/twpayne/chezmoi/v2.70.2/chezmoi_2.70.2_linux_amd64.tar.gz", - "checksum": "DDA79928BF8428C1BB3D48497BE00237A6ECC95A2BEF7DED573608436EC7270B", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/twpayne/chezmoi/v2.70.2/chezmoi_2.70.2_linux_arm64.tar.gz", - "checksum": "99E402AF70F457DBF3AD545F62F78892375F2D9361DB1C9C354E6D924A3B4FAE", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/upx/upx/v5.1.1/upx-5.1.1-amd64_linux.tar.xz", - "checksum": "1FF660454227861E00772F743F66B900072116B9DC24F6EE28B97CCE88A7828A", - "algorithm": "sha256" - }, - { - "id": "github_release/github.com/upx/upx/v5.1.1/upx-5.1.1-arm64_linux.tar.xz", - "checksum": "A307C2C821EEAB47607BA5C232408B22AB884CCA13884682508B98F7308B8443", - "algorithm": "sha256" - }, - { - "id": "registries/github_content/github.com/aquaproj/aqua-registry/v4.510.0/registry.yaml", - "checksum": "98B3C7425FFB0CE2D4B9164E4BEC9F5DC0781CC5E40B1C87EE20E200EAAA3DB68A08106CCD63CDF6FCC240EF419E1AC2B956661E7EE8693C470AA40E9744FF2F", - "algorithm": "sha512" - } - ] -} diff --git a/images/homelab-workspace/aqua.yaml b/images/homelab-workspace/aqua.yaml deleted file mode 100644 index 1efd7749..00000000 --- a/images/homelab-workspace/aqua.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# yaml-language-server: $schema=https://raw.githubusercontent.com/aquaproj/aqua/main/json-schema/aqua-yaml.json -checksum: - enabled: true - require_checksum: true - supported_envs: - - linux/amd64 - - linux/arm64 -registries: -- type: standard - ref: v4.510.0 # renovate: depName=aquaproj/aqua-registry -packages: -- name: bitwarden/clients@cli-v2026.4.1 -- name: bitwarden/sdk-sm@bws-v1.0.0 -- name: jdx/mise@v2026.5.1 -- name: starship/starship@v1.25.1 -- name: twpayne/chezmoi@v2.70.2 -- name: upx/upx@v5.1.1 From 72f16708389137d244bd98a6b0b5ea3ce208aa45 Mon Sep 17 00:00:00 2001 From: Peter Pathirana Date: Tue, 19 May 2026 09:24:02 +0000 Subject: [PATCH 2/2] fix: fix --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 513d96aa..2cb016f5 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -111,7 +111,7 @@ jobs: curl -fsSL https://coder.com/install.sh | sh -s -- --method standalone --version "${CODER_VERSION}" echo echo "Logging into Coder..." - coder login ${CODER_URL} + coder login --use-token-as-session ${CODER_URL} - name: Publish template id: publish-template