From 9cb7b6a5a2ef75cff9dc0010b01f8fe5a2acf185 Mon Sep 17 00:00:00 2001
From: continuist <continuist02@gmail.com>
Date: Fri, 12 Sep 2025 15:32:01 -0400
Subject: [PATCH] Update CI dockerfile to use newer podman

---
 ci/Dockerfile.ci-node-podman | 40 ++++++++++++++++--------------------
 1 file changed, 18 insertions(+), 22 deletions(-)

diff --git a/ci/Dockerfile.ci-node-podman b/ci/Dockerfile.ci-node-podman
index be3bdac..934a578 100644
--- a/ci/Dockerfile.ci-node-podman
+++ b/ci/Dockerfile.ci-node-podman
@@ -1,28 +1,24 @@
-# Dockerfile.ci-node-podman
-ARG CI_IMAGE_REV=1
 FROM node:20-bookworm-slim
 
-# Tools needed at runtime by actions and your scripts
-# - git: actions/checkout uses it
-# - curl, ca-certificates: handy for health checks, etc.
-# - jq: used in your scripts
-# Then add the libcontainers repo to get a recent Podman (v5.x).
+# Essentials for CI steps
 RUN set -eux; \
-  apt-get update; \
-  apt-get install -y --no-install-recommends \
-      ca-certificates curl git gnupg jq; \
-  . /etc/os-release; \
-  echo "deb [signed-by=/usr/share/keyrings/libcontainers-archive-keyring.gpg] \
-       https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_${VERSION_ID}/ /" \
-    > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list; \
-  curl -fsSL \
-      "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_${VERSION_ID}/Release.key" \
-    | gpg --dearmor -o /usr/share/keyrings/libcontainers-archive-keyring.gpg; \
-  apt-get update; \
-  apt-get install -y --no-install-recommends podman; \
-  apt-get purge -y gnupg; \
-  rm -rf /var/lib/apt/lists/*
+    apt-get update; \
+    apt-get install -y --no-install-recommends ca-certificates curl git jq; \
+    rm -rf /var/lib/apt/lists/*
 
-# These match your runner’s rootless socket layout
+# Install a recent podman-remote (static binary), and alias it as "podman"
+ARG PODMAN_REMOTE_VERSION=5.2.3
+RUN set -eux; \
+    arch="$(dpkg --print-architecture)"; case "$arch" in \
+      amd64) goarch=amd64;; arm64) goarch=arm64;; \
+      *) echo "unsupported arch: $arch"; exit 1;; \
+    esac; \
+    curl -fsSL -o /tmp/podman-remote.tgz \
+      "https://github.com/containers/podman/releases/download/v${PODMAN_REMOTE_VERSION}/podman-remote-static-linux_${goarch}.tar.gz"; \
+    tar -C /usr/local/bin -xzf /tmp/podman-remote.tgz podman-remote; \
+    ln -s /usr/local/bin/podman-remote /usr/local/bin/podman; \
+    /usr/local/bin/podman --version
+
+# Defaults that make the client talk to your host’s rootless socket
 ENV XDG_RUNTIME_DIR=/run/user/999
 ENV CONTAINER_HOST=unix:///run/user/999/podman/podman.sock
\ No newline at end of file