every.channel/evolution/proposals/ECP-0081-ci-boot-image-deploy.md
every.channel be26313225
ops: add CI boot-image releases and Unifi PXE rollout
2026-02-28 22:53:59 -08:00

ECP-0081: CI Boot Image Deployment to Forgejo Releases

Status: Implemented

Context

Runner boot artifacts (netboot/ISO/SD) are currently built by hand from local Linux/Nix environments. That slows repeatable infra rollout and weakens traceability from commit to runnable images.

The constitution requires infrastructure definitions to live in-repo and stay independently operable. Boot image publication should follow the same Forgejo-primary CI model used for web deploys, while mirror hosts remain distribution-only.

Decision

  1. Add a dedicated Forgejo Actions workflow to build runner boot images from flake outputs in CI.
  2. Trigger this workflow on:
    • manual dispatch (workflow_dispatch), and
    • release-style tags (boot-v*).
  3. Publish built artifacts to Forgejo Releases on the primary host using repository-scoped API calls and the workflow token.
  4. Exclude Codeberg mirror runs using the existing server guard (github.server_url != 'https://codeberg.org').
  5. Start with x86_64 image targets in CI (netboot, iso) to keep runtime/runner requirements explicit and reversible.
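A publication step that follows decisions 2 through 4 above, as an added example and not the repository's own workflow code: it assumes the GITHUB_SERVER_URL, GITHUB_API_URL, GITHUB_REPOSITORY, GITHUB_REF and GITHUB_TOKEN variables that Forgejo Actions exports to each step, Forgejo's repository-scoped /repos/{owner}/{repo}/releases and .../releases/{id}/assets endpoints, and an assumed boot-manual-<timestamp> tag name for manual dispatches that run from a branch rather than a boot-v* tag.

```shell
#!/usr/bin/env sh
# Added example, not the repository's own workflow code: publish CI-built boot
# images as assets of a Forgejo Release on the primary host. Assumes the
# GITHUB_* variables that Forgejo Actions exports to each workflow step.
set -eu

# Mirror guard: true only on a real primary host, never on the Codeberg mirror.
is_primary_host() {
  [ -n "${1:-}" ] && [ "$1" != "https://codeberg.org" ]
}

# Release tag: a boot-v* tag ref is used as-is; a manual dispatch on a branch
# gets an assumed boot-manual-<timestamp> name so every drop stays versioned.
release_tag_for_ref() {
  case "$1" in
    refs/tags/boot-v*) printf '%s\n' "${1#refs/tags/}" ;;
    *) printf 'boot-manual-%s\n' "$2" ;;
  esac
}

# Repository-scoped releases endpoint, e.g. <api>/repos/owner/repo/releases.
releases_endpoint() {
  printf '%s/repos/%s/releases\n' "${1%/}" "$2"
}
publish_release() {
  api="$(releases_endpoint "$GITHUB_API_URL" "$GITHUB_REPOSITORY")"
  tag="$(release_tag_for_ref "$GITHUB_REF" "$(date -u +%Y%m%d-%H%M%S)")"
  # Create the release with the workflow token; the release's own numeric id
  # is the first "id" in the returned JSON (jq would be the robust choice).
  id="$(curl -sSf -X POST "$api" \
          -H "Authorization: token $GITHUB_TOKEN" \
          -H 'Content-Type: application/json' \
          -d "{\"tag_name\":\"$tag\",\"name\":\"$tag\",\"draft\":false}" \
        | grep -o '"id":[0-9]*' | head -n1 | cut -d: -f2)"
  # Attach each built image (netboot, iso) as a release asset.
  for f in "$@"; do
    curl -sSf -X POST "$api/$id/assets?name=$(basename "$f")" \
      -H "Authorization: token $GITHUB_TOKEN" -F "attachment=@$f" >/dev/null
  done
  echo "published $tag with $# asset(s)"
}

# Entry point: artifact paths as arguments; nothing is published on mirrors.
if [ "$#" -eq 0 ]; then
  echo "usage: $0 <image-file>..." >&2
elif is_primary_host "${GITHUB_SERVER_URL:-}"; then
  publish_release "$@"
else
  echo "mirror or unknown host '${GITHUB_SERVER_URL:-}': skipping publication"
fi
```

The script prints the usage line and publishes nothing when run without arguments, so it can be sourced or smoke-tested outside CI without touching the release API.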

Alternatives considered

  • Keep boot image builds fully manual. Rejected because operator discipline alone does not provide consistent provenance.
  • Push images to external object storage first. Rejected for now because Forgejo Releases are already part of the controlled primary platform.
  • Build all architectures in one CI pass immediately. Rejected because runner architecture availability is not guaranteed and would make initial rollout brittle.

Rollout / teardown plan

  • Rollout:
    • merge workflow + docs,
    • run a manual dispatch to verify artifact publication,
    • optionally create boot-v* tags for versioned image drops.
  • Teardown:
    • disable or delete the boot-image workflow,
    • continue using local/manual nix build paths from docs/RUNNER_IMAGES.md.