Commit Graph

15 Commits

Author SHA1 Message Date
renovate[bot] 453231c650 chore(deps): update github/codeql-action action to v4.31.11 (#88)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-23 20:30:48 +00:00
renovate[bot] b789cbcc56 chore(deps): update actions/checkout action to v6.0.2 (#87)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-22 21:51:23 +00:00
Jorijn Schrijvershof 42d141f4fa Revert "build(docker): add armv7 container support (#68)" (#76)
This reverts commit 75e50f7ee9.
2026-01-13 23:28:39 +01:00
Jorijn Schrijvershof 75e50f7ee9 build(docker): add armv7 container support (#68)
* build(docker): add armv7 container support

* fix(docker): update base images and improve uv extraction process
2026-01-13 06:36:25 +01:00
renovate[bot] c1b89782eb chore(deps): update github/codeql-action action to v4.31.10 (#67)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-12 22:23:23 +00:00
renovate[bot] 83425a48f6 chore(deps): update github/codeql-action action to v4 (#51)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-09 08:22:49 +01:00
renovate[bot] 9cb95f8108 chore(deps): pin dependencies (#55)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-09 08:20:27 +01:00
Jorijn Schrijvershof 1f6e7c5093 ci: switch actions to version tags for renovate digests (#54) 2026-01-09 08:18:02 +01:00
Jorijn Schrijvershof 40d7d3b2fa ci(docker): add PR build and smoke test (#53) 2026-01-09 08:04:21 +01:00
renovate[bot] dd7ec5b46e chore(deps): update github/codeql-action digest to ee117c9 (#41)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-09 07:57:53 +01:00
renovate[bot] e937f2b0b7 chore(deps): update actions/attest-build-provenance digest to 00014ed (#40)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-01-09 07:55:32 +01:00
Jorijn Schrijvershof adc442351b chore: switch to Renovate and pin uv image (#38) 2026-01-09 07:51:00 +01:00
Jorijn Schrijvershof c978844271 ci: add artifact-metadata permission for attestation storage records
Fixes warning: "Failed to create storage record: artifact-metadata:write
permission has been included"

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-06 12:15:50 +01:00
Jorijn Schrijvershof e3a1df4aa6 fix(ci): skip smoke test when manual push is disabled 2026-01-05 08:41:58 +01:00
Jorijn Schrijvershof 7a181e4b1a feat: add Docker containerization with GitHub Actions CI/CD
- Multi-stage Dockerfile with Python 3.12 + Ofelia scheduler
- docker-compose.yml for production (ghcr.io image)
- docker-compose.development.yml for local builds
- GitHub Actions workflow for multi-arch builds (amd64/arm64)
- Security hardening: non-root user, cap_drop, read_only filesystem
- Trivy vulnerability scanning and SBOM generation
- Nightly rebuilds for OS security patches

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-05 07:12:59 +01:00