From 3e233382551a23de56eb3dfc8d5f6dcdbbf9185c Mon Sep 17 00:00:00 2001
From: continuist
Date: Thu, 18 Sep 2025 22:04:28 -0400
Subject: [PATCH] test on ci.yml
---
.forgejo/workflows/ci.yml | 67 +++++++++++++++------------------------
1 file changed, 26 insertions(+), 41 deletions(-)
diff --git a/.forgejo/workflows/ci.yml b/.forgejo/workflows/ci.yml
index b90cea9..8fac2b0 100644
--- a/.forgejo/workflows/ci.yml
+++ b/.forgejo/workflows/ci.yml
@@ -1,54 +1,39 @@ -name: CI/CD Pipeline with Direct Podman Access - -on: - push: - branches: [main] - pull_request: - branches: [main] - -env: - REGISTRY: ${{ secrets.REGISTRY_HOST }} - APP_NAME: ${{ secrets.APP_NAME }} - IMAGE_TAG: ${{ github.sha }} - RUN_ID: ${{ github.run_id }} - RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }} - NODE_IMG_DIGEST: ${{ secrets.NODE_IMG_DIGEST }} - POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }} +name: Podman Rootless Demo +on: [push, pull_request] jobs: test-backend: runs-on: [ci] - container: - image: git.gcdo.org/devteam/sharenet/ci-node-podman@sha256:eb0d942bd9a8cc69c63eb9ccf3877703898d676d0268cf379defdcda7e55f37f + + # Point all steps at the host's rootless Podman socket + env: + # Point the client at the mounted socket + CONTAINER_HOST: unix:///run/user/1001/podman/podman.sock + # Make sure podman looks in the correct runtime dir hierarchy + XDG_RUNTIME_DIR: /tmp + RUN_ID: ${{ github.run_id }} + POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }} + RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }} + steps: - - uses: actions/checkout@v4 + - name: Checkout code + uses: actions/checkout@v4 - - name: Verify podman socket + + - name: Verify socket visibility run: | set -euo pipefail - echo "DOCKER_HOST=${DOCKER_HOST:-}" - : "${DOCKER_HOST:=unix:///var/run/docker.sock}" - export DOCKER_HOST CONTAINER_HOST="${CONTAINER_HOST:-$DOCKER_HOST}" + id -u; id -g + ls -ld /run/user/1001/podman + ls -l /run/user/1001/podman/podman.sock + test -S /run/user/1001/podman/podman.sock - mkdir -p "${XDG_RUNTIME_DIR:-/tmp/xdg-run}" "${XDG_CONFIG_HOME:-/tmp/.config}" - - sock="${DOCKER_HOST#unix://}" - echo "Using socket: $sock" - test -S "$sock" || { echo "missing $sock"; ls -l "$(dirname "$sock")"; exit 1; } - # Prefer the remote-only binary and pass the URL explicitly - (if command -v podman-remote >/dev/null; then - podman-remote --url="$DOCKER_HOST" info - else - podman --remote --url="$DOCKER_HOST" info - fi) | sed -n '1,80p' - - - 
name: Verify pinned digests + - name: Use host rootless Podman run: | set -euo pipefail - for v in RUST_IMG_DIGEST NODE_IMG_DIGEST POSTGRES_IMG_DIGEST; do - [ -n "${!v}" ] || { echo "Missing $v"; exit 1; } - echo "${!v}" | grep -Eq '^.+@sha256:[0-9a-f]{64}$' || { echo "$v must be a digest ref"; exit 1; } - done + podman --remote info --format '{{.Host.RemoteSocket.Path}} (remote={{.Host.RemoteSocket.Exists}})' + podman --remote version + podman --remote run --rm alpine:3.20 echo "Hello from host rootless Podman!" - name: Create internal network run: podman --remote network create --internal integ-${{ env.RUN_ID }} @@ -86,4 +71,4 @@ jobs: if: always() run: | podman --remote rm -f test-postgres-${{ env.RUN_ID }} 2>/dev/null || true - podman --remote network rm integ-${{ env.RUN_ID }} 2>/dev/null || true + podman --remote network rm integ-${{ env.RUN_ID }} 2>/dev/null || true \ No newline at end of file
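Review bot: The new `Use host rootless Podman` step runs `alpine:3.20` by mutable tag and short name, while the same hunk deletes the `Verify pinned digests` step, so nothing in the visible workflow checks that an image is referenced by digest any more. `RUST_IMG_DIGEST` and `POSTGRES_IMG_DIGEST` are still exported in the job `env`, presumably for later steps outside this hunk; keeping the removed step with its loop narrowed to `for v in RUST_IMG_DIGEST POSTGRES_IMG_DIGEST; do` would preserve the fail-fast format check for them. The smoke test is better written with a fully qualified, pinned reference such as `docker.io/library/alpine:3.20@sha256:<digest>` (placeholder; take the value from the registry you trust). Separately, `on: [push, pull_request]` drops the `branches: [main]` filter, so a job that talks to the host's Podman socket at `/run/user/1001/podman/podman.sock` now runs for every branch and pull request; consider restoring the filter unless that is intended.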