diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 835ccc5..786969e 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,6 +1,12 @@ + +Use professional, neutral language. +No jokes, sarcasm, playful metaphors, or “cute” commentary. +Keep responses direct and task-focused. + + For additional context about technologies to be used, project structure, -shell commands, and edge-case handling details, read specs/002-multiarch-image-cache/plan.md +shell commands, and edge-case handling details, read specs/003-support-adduser-utils/plan.md and treat it as the authoritative implementation context. @@ -8,6 +14,8 @@ and treat it as the authoritative implementation context. # Instructions +For governance principles, constraints, and PR requirements, see `.specify/memory/constitution.md`. + The purpose of this project is to build a Docker container image providing the latest patch release within the Ruby 2.6.x series (intentionally pinned to 2.6, not a newer major version). The 2.6.x pin is a hard requirement. @@ -21,9 +29,10 @@ The project will use `dependabot` to keep the pinned versions of Ruby, OpenSSL, ## Docker Specification -The resulting Docker image will be based on the "scratch" image, and have a minimal runtime footprint. -It will use a multi-stage build to limit image contents to only the compiled Ruby binaries, necessary -runtime libraries, and files needed for testing and validating the image. +The resulting Docker image will be based on `debian:bookworm-slim`, providing a practical runtime +footprint that supports downstream user-management workflows. It will use a multi-stage build to +limit image contents to compiled Ruby binaries, required runtime libraries, and files needed for +testing and validating the image. The `Dockerfile` will be formatted with "here-doc" `RUN` blocks for clarity and maintainability. @@ -44,7 +53,6 @@ The `Dockerfile` will be formatted with "here-doc" `RUN` blocks for clarity and * The project will be hosted on GitHub, with a clear branching strategy for development and releases. * Use semantic versioning for release tags, and maintain a changelog to document changes. -* Pull requests will be used for all changes, with code review and automated testing before merging. * Use `dependabot` to keep dependencies up to date. ## Validation diff --git a/.specify/extensions.yml b/.specify/extensions.yml index 6c7edea..06a245b 100644 --- a/.specify/extensions.yml +++ b/.specify/extensions.yml @@ -1,165 +1,165 @@ --- installed: - - agent-context - - git + - agent-context + - git settings: - auto_execute_hooks: true + auto_execute_hooks: true hooks: - before_constitution: - - extension: git - command: speckit.git.initialize - enabled: true - optional: false - prompt: Execute speckit.git.initialize? - description: Initialize Git repository before constitution setup - condition: null - before_specify: - - extension: git - command: speckit.git.feature - enabled: true - optional: false - prompt: Execute speckit.git.feature? - description: Create feature branch before specification - condition: null - before_clarify: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before clarification? - description: Auto-commit before spec clarification - condition: null - before_plan: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before planning? - description: Auto-commit before implementation planning - condition: null - before_tasks: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before task generation? - description: Auto-commit before task generation - condition: null - before_implement: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before implementation? - description: Auto-commit before implementation - condition: null - before_checklist: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before checklist? - description: Auto-commit before checklist generation - condition: null - before_analyze: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before analysis? - description: Auto-commit before analysis - condition: null - before_taskstoissues: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit outstanding changes before issue sync? - description: Auto-commit before tasks-to-issues conversion - condition: null - after_constitution: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit constitution changes? - description: Auto-commit after constitution update - condition: null - after_specify: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit specification changes? - description: Auto-commit after specification - condition: null - - extension: agent-context - command: speckit.agent-context.update - enabled: true - optional: true - prompt: Execute speckit.agent-context.update? - description: Refresh agent context after specification - condition: null - after_clarify: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit clarification changes? - description: Auto-commit after spec clarification - condition: null - after_plan: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit plan changes? - description: Auto-commit after implementation planning - condition: null - - extension: agent-context - command: speckit.agent-context.update - enabled: true - optional: true - prompt: Execute speckit.agent-context.update? - description: Refresh agent context after planning - condition: null - after_tasks: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit task changes? - description: Auto-commit after task generation - condition: null - after_implement: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit implementation changes? - description: Auto-commit after implementation - condition: null - after_checklist: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit checklist changes? - description: Auto-commit after checklist generation - condition: null - after_analyze: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit analysis results? - description: Auto-commit after analysis - condition: null - after_taskstoissues: - - extension: git - command: speckit.git.commit - enabled: true - optional: true - prompt: Commit after syncing issues? - description: Auto-commit after tasks-to-issues conversion - condition: null + before_constitution: + - extension: git + command: speckit.git.initialize + enabled: true + optional: false + prompt: Execute speckit.git.initialize? + description: Initialize Git repository before constitution setup + condition: null + before_specify: + - extension: git + command: speckit.git.feature + enabled: true + optional: false + prompt: Execute speckit.git.feature? + description: Create feature branch before specification + condition: null + before_clarify: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before clarification? + description: Auto-commit before spec clarification + condition: null + before_plan: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before planning? + description: Auto-commit before implementation planning + condition: null + before_tasks: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before task generation? + description: Auto-commit before task generation + condition: null + before_implement: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before implementation? + description: Auto-commit before implementation + condition: null + before_checklist: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before checklist? + description: Auto-commit before checklist generation + condition: null + before_analyze: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before analysis? + description: Auto-commit before analysis + condition: null + before_taskstoissues: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit outstanding changes before issue sync? + description: Auto-commit before tasks-to-issues conversion + condition: null + after_constitution: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit constitution changes? + description: Auto-commit after constitution update + condition: null + after_specify: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit specification changes? + description: Auto-commit after specification + condition: null + - extension: agent-context + command: speckit.agent-context.update + enabled: true + optional: true + prompt: Execute speckit.agent-context.update? + description: Refresh agent context after specification + condition: null + after_clarify: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit clarification changes? + description: Auto-commit after spec clarification + condition: null + after_plan: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit plan changes? + description: Auto-commit after implementation planning + condition: null + - extension: agent-context + command: speckit.agent-context.update + enabled: true + optional: true + prompt: Execute speckit.agent-context.update? + description: Refresh agent context after planning + condition: null + after_tasks: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit task changes? + description: Auto-commit after task generation + condition: null + after_implement: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit implementation changes? + description: Auto-commit after implementation + condition: null + after_checklist: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit checklist changes? + description: Auto-commit after checklist generation + condition: null + after_analyze: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit analysis results? + description: Auto-commit after analysis + condition: null + after_taskstoissues: + - extension: git + command: speckit.git.commit + enabled: true + optional: true + prompt: Commit after syncing issues? + description: Auto-commit after tasks-to-issues conversion + condition: null diff --git a/scripts/verify-ruby-jemalloc.sh b/scripts/verify-ruby-jemalloc.sh index 1474cd1..7aae6c1 100755 --- a/scripts/verify-ruby-jemalloc.sh +++ b/scripts/verify-ruby-jemalloc.sh @@ -13,10 +13,23 @@ run_args=(--rm) echo "[verify] image=${image} platform=${platform:-native}" -# When a platform is requested, resolve the platform-specific child digest from -# the manifest list so docker pull/run do not receive a manifest-list digest -# combined with --platform (which causes "cannot overwrite digest" errors). -if [[ -n "$platform" ]]; then +# Determine whether the image reference points to a remote registry or is a +# local-only tag (produced by `docker build --load` / `buildx --load`). +# A remote reference contains a registry host (contains a '.' or ':' before +# the first '/') or an explicit digest. Local tags look like "name:tag" with +# no host component. +is_remote=false +if [[ "$image" == *"@sha256:"* ]]; then + is_remote=true +elif [[ "$image" =~ ^[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+/ || "$image" =~ ^[^/]+:[0-9]+/ ]]; then + is_remote=true +fi + +# When a platform is requested and the image is remote, resolve the +# platform-specific child digest from the manifest list so docker pull/run do +# not receive a manifest-list digest combined with --platform (which causes +# "cannot overwrite digest" errors). +if [[ -n "$platform" && "$is_remote" == "true" ]]; then child_digest="$( docker buildx imagetools inspect --format \ '{{range .Manifest.Manifests}}{{if eq (printf "%s/%s" .Platform.OS .Platform.Architecture) "'"${platform}"'"}}{{.Digest}}{{end}}{{end}}' \ @@ -30,8 +43,10 @@ fi run_args+=(--platform "${platform:-linux/$(uname -m | sed s/x86_64/amd64/)}") -# Pre-pull the exact single-arch digest before running. -docker pull "${image}" >/dev/null +# Pre-pull remote images; local images are already available in the daemon. +if [[ "$is_remote" == "true" ]]; then + docker pull "${image}" >/dev/null +fi ruby_version="$(docker run --pull=never "${run_args[@]}" "$image" ruby -v)" echo "$ruby_version" | grep -E "ruby 2\.6\."