imagecat: publish debian-bookworm golden image

First entry in the image catalog. Verified end-to-end:
  - https://images.thaloco.com/debian-bookworm-x86_64.tar.zst reachable
  - sha256 071495e6... matches
  - bundle unpacks to rootfs.ext4 (4 GiB) + manifest.json with the
    expected name/distro/arch/kernel_ref.

publish-golden-image.sh tweaks:
  - default RCLONE_REMOTE from 'r2' to 'banger-images' (matches the
    rclone config actually in use here).
  - rclone copyto now passes --s3-no-check-bucket and --no-check-dest
    so scoped R2 tokens without HeadBucket/HeadObject permission
    still upload cleanly.

To use: restart bangerd so it picks up the new embedded catalog,
then `banger image pull debian-bookworm`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Thales Maciel 2026-04-18 13:25:42 -03:00
parent 5bdc9985c2
commit ab5627aec2
No known key found for this signature in database
GPG key ID: 33112E6833C34679
2 changed files with 21 additions and 4 deletions

@ -11,7 +11,7 @@
# [--size <spec>] [--platform <p>] [--skip-upload]
#
# Environment overrides:
# RCLONE_REMOTE rclone remote to upload through (default: r2)
# RCLONE_REMOTE rclone remote to upload through (default: banger-images)
# RCLONE_BUCKET R2 bucket name (default: banger-images)
# BASE_URL public URL prefix for the bucket (default: https://images.thaloco.com)
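Review bot: In the header comment, RCLONE_REMOTE and RCLONE_BUCKET now both document a default of banger-images, which makes them easy to read as the same setting. Suggest spelling out the difference, e.g. `# RCLONE_REMOTE name of the remote in the local rclone config (default: banger-images)` and `# RCLONE_BUCKET R2 bucket on that remote (default: banger-images)`.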
@ -24,7 +24,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
CATALOG_FILE="$REPO_ROOT/internal/imagecat/catalog.json"
RCLONE_REMOTE="${RCLONE_REMOTE:-r2}"
RCLONE_REMOTE="${RCLONE_REMOTE:-banger-images}"
RCLONE_BUCKET="${RCLONE_BUCKET:-banger-images}"
BASE_URL="${BASE_URL:-https://images.thaloco.com}"
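Review bot: The new default on the `RCLONE_REMOTE="${RCLONE_REMOTE:-banger-images}"` line is tied to one machine's rclone config (the commit message says it matches the config in use here), so on a host without a remote of that name the script only finds out at the `rclone copyto` step. Consider checking near the top that `$RCLONE_REMOTE:` appears in the output of `rclone listremotes`, and exiting with a message that names the RCLONE_REMOTE override when it does not.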
@ -98,7 +98,14 @@ if [[ "$SKIP_UPLOAD" -eq 1 ]]; then
fi
log "uploading to $RCLONE_REMOTE:$RCLONE_BUCKET/$TARBALL_NAME"
rclone copyto "$OUT" "$RCLONE_REMOTE:$RCLONE_BUCKET/$TARBALL_NAME"
# --s3-no-check-bucket skips the HeadBucket preflight; --no-check-dest
# skips the HeadObject preflight. Both fail with 403 on R2 tokens that
# only have PutObject + GetObject but not Head* — a common scoped-token
# setup.
rclone copyto \
--s3-no-check-bucket \
--no-check-dest \
"$OUT" "$RCLONE_REMOTE:$RCLONE_BUCKET/$TARBALL_NAME"
URL="$BASE_URL/$TARBALL_NAME"
log "verifying $URL is reachable"
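Review bot: With `--no-check-dest` on the `rclone copyto` call, the upload no longer looks at what already sits at `$RCLONE_BUCKET/$TARBALL_NAME` and replaces it unconditionally, so re-running the script for an already published name silently swaps the bytes behind a URL whose sha256 the commit message treats as pinned. The step that follows only logs that it is verifying `$URL` is reachable; if it does not already do so, have it fetch the object and compare its sha256 with that of `$OUT`. Also consider probing `$URL` over HTTP before the upload and refusing to overwrite an existing name unless an explicit flag is passed, which works even for tokens without Head* permission.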