Merge branch 'main' into fix/docker-pr-build

ci(docker): add PR build and smoke test
2026-01-09 08:02:55 +01:00 · 2026-01-09 08:01:36 +01:00
2 changed files with 42 additions and 0 deletions
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -20,6 +20,17 @@ on:
    # Daily at 4 AM UTC - rebuild with fresh base image
    - cron: "0 4 * * *"

+  pull_request:
+    paths:
+      - Dockerfile
+      - .dockerignore
+      - docker/**
+      - pyproject.toml
+      - uv.lock
+      - src/**
+      - scripts/**
+      - .github/workflows/docker-publish.yml
+
  workflow_dispatch:
    inputs:
      push:
@@ -45,6 +56,7 @@ env:

 jobs:
  build:
+    if: github.event_name != 'pull_request'
    runs-on: ubuntu-latest
    timeout-minutes: 30

@@ -233,3 +245,32 @@ jobs:
          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          subject-digest: ${{ steps.build-release.outputs.digest }}
          push-to-registry: true
+
+  build-pr:
+    if: github.event_name == 'pull_request'
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+
+      - name: Build image (PR)
+        id: build-pr
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        with:
+          context: .
+          platforms: linux/amd64
+          load: true
+          push: false
+          tags: meshcore-stats:pr-${{ github.event.pull_request.number }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Smoke test (PR)
+        run: |
+          docker run --rm meshcore-stats:pr-${{ github.event.pull_request.number }} \
+            python -c "from meshmon.db import init_db; from meshmon.env import get_config; print('Smoke test passed')"
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -366,6 +366,7 @@ Jobs configured in `docker/ofelia.ini`:
 | Release | `X.Y.Z`, `X.Y`, `latest` |
 | Nightly (4 AM UTC) | Rebuilds all version tags + `nightly`, `nightly-YYYYMMDD` |
 | Manual | `sha-xxxxxx` |
+| Pull request | Builds image (linux/amd64) without pushing and runs a smoke test |

 **Nightly rebuilds** ensure version tags always include the latest OS security patches. This is a common pattern used by official Docker images (nginx, postgres, node). Users needing reproducibility should pin by SHA digest or use dated nightly tags.
Author	SHA1	Message	Date
Jorijn Schrijvershof	800f12c145	Merge branch 'main' into fix/docker-pr-build	2026-01-09 08:02:55 +01:00
Jorijn Schrijvershof	1556e73c8f	ci(docker): add PR build and smoke test	2026-01-09 08:01:36 +01:00