Skip to content

Strip io.buildpacks.stack.id before push and verify after#1881

Merged
josegonzalez merged 1 commit into
masterfrom
strip-buildpacks-label-before-push
Apr 26, 2026
Merged

Strip io.buildpacks.stack.id before push and verify after#1881
josegonzalez merged 1 commit into
masterfrom
strip-buildpacks-label-before-push

Conversation

@josegonzalez

@josegonzalez josegonzalez commented Apr 26, 2026

Copy link
Copy Markdown
Member

The previous release shipped images that still carried the io.buildpacks.stack.id label because the post-push regctl image mod step failed silently and nothing in CI checked the result. This is a follow-up to #1880 (which closed #1879): it moves the label strip to before any Docker Hub push and adds an explicit verification gate after publish, so a silent failure can no longer ship.

Build the release image to a local OCI layout, strip the
io.buildpacks.stack.id label there, then copy out to each Docker Hub tag.
After publishing, inspect every tag on both platforms and fail the job if
the label is still present, so a silent regctl mod failure can no longer
ship.
@josegonzalez josegonzalez merged commit 571e10e into master Apr 26, 2026
19 checks passed
@josegonzalez josegonzalez deleted the strip-buildpacks-label-before-push branch April 26, 2026 12:21
@josegonzalez josegonzalez changed the title fix: strip io.buildpacks.stack.id before push and verify after Strip io.buildpacks.stack.id before push and verify after May 22, 2026
josegonzalez added a commit that referenced this pull request May 22, 2026
- #1880 @josegonzalez: Replace docker-copyedit with regctl for image retagging
- #1881 @josegonzalez: Strip io.buildpacks.stack.id before push and verify after
- #1882 @dependabot: chore(deps): bump puma from 8.0.0 to 8.0.1 in /buildpacks/buildpack-ruby/tests/ruby-sinatra
- #1883 @dokku-bot: Update nodejs to version v343
- #1885 @josegonzalez: Retry docker pull in post-install on timeout
- #1886 @dokku-bot: Update nodejs to version v344
- #1887 @dependabot: chore(deps): bump gunicorn from 25.3.0 to 26.0.0 in /buildpacks/buildpack-python/tests/python-flask
- #1888 @dependabot: chore(deps): bump gunicorn from 25.3.0 to 26.0.0 in /buildpacks/buildpack-python/tests/python-django
- #1889 @dependabot: chore(deps): bump gunicorn from 25.3.0 to 26.0.0 in /buildpacks/buildpack-multi/tests/multi
- #1890 @dokku-bot: Update nodejs to version v345
- #1893 @dokku-bot: Update nodejs to version v346
- #1894 @dokku-bot: Update python to version v344
- #1895 @dokku-bot: Update nodejs to version v347
- #1896 @dokku-bot: Update go to version v229
- #1897 @josegonzalez: Upgrade scala test app to play 3.0.10
- #1898 @dokku-bot: Update php to version v288
- #1899 @dependabot: chore(deps-dev): bump heroku/heroku-buildpack-php from 287 to 288 in /buildpacks/buildpack-php/tests/php
- #1900 @dokku-bot: Update nodejs to version v348
- #1902 @dokku-bot: Update ruby to version v358
- #1903 @dependabot: chore(deps-dev): bump heroku/heroku-buildpack-php from 288 to 289 in /buildpacks/buildpack-php/tests/php
- #1904 @dokku-bot: Update php to version v289
- #1905 @dependabot: chore(deps): bump twig/twig from 3.24.0 to 3.26.0 in /buildpacks/buildpack-php/tests/php
- #1906 @dokku-bot: Update nodejs to version v349
- #1907 @dependabot: chore(deps): bump slim/slim from 4.15.1 to 4.15.2 in /buildpacks/buildpack-php/tests/php
- #1908 @dependabot: chore(deps-dev): bump heroku/heroku-buildpack-php from 289 to 290 in /buildpacks/buildpack-php/tests/php
- #1909 @dokku-bot: Update nodejs to version v350
- #1910 @dokku-bot: Update php to version v290
@josegonzalez josegonzalez mentioned this pull request May 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Retagging the image in CI fails

1 participant