Skip to content

lab10: tag → CI → ghcr.io push, HF Space config, Cloudflare Tunnel#1331

Open
1r444444 wants to merge 9 commits into
inno-devops-labs:mainfrom
1r444444:feature/lab10
Open

lab10: tag → CI → ghcr.io push, HF Space config, Cloudflare Tunnel#1331
1r444444 wants to merge 9 commits into
inno-devops-labs:mainfrom
1r444444:feature/lab10

Conversation

@1r444444

@1r444444 1r444444 commented Jul 4, 2026

Copy link
Copy Markdown

Summary

  • Task 1 (6 pts): .github/workflows/release.yml — triggers on v* tags, builds linux/amd64 image, pushes ghcr.io/1r444444/quicknotes:{version,latest}. All 5 third-party actions SHA-pinned. Tagged v0.1.0; CI run completed in 38 s; image publicly pullable (docker pull --platform linux/amd64 ghcr.io/1r444444/quicknotes:0.1.0).
  • Task 2 (4 pts): cloud/ directory with HF Space README.md (frontmatter: sdk: docker, app_port: 8080) and Dockerfile pulling from ghcr.io. Documented deployment steps; latency measurements for warm (~300 ms p50) and cold (~17 s × 3 samples) scenarios. Design questions d–f answered.
  • Bonus (2 pts): Cloudflare Tunnel attempted on campus network; QUIC UDP blocked + IPv6 localhost DNS unavailable. Root cause documented, workaround described, estimated comparison table provided. Design questions g–i answered.

Test plan

1r444444 added 9 commits June 9, 2026 09:25
Signed-off-by: Irina <irina.bychkova06@mail.ru>
Signed-off-by: Irina <irina.bychkova06@mail.ru>
- Carry forward Lab 6 Dockerfile (multi-stage distroless), compose.yaml, healthcheck
- Carry forward Lab 9 security headers middleware and govulncheck CI
- Add .github/workflows/release.yml: triggers on v* tags, builds linux/amd64
  image, pushes ghcr.io/1r444444/quicknotes:{version,latest}; all actions SHA-pinned
- Add cloud/ directory with HF Space README.md (frontmatter: sdk=docker,
  app_port=8080) and Dockerfile pulling from ghcr.io
…nalysis

- release.yml triggers on v* tags; builds linux/amd64 image; pushes
  ghcr.io/1r444444/quicknotes:{version,latest}; all actions SHA-pinned
- Tagged v0.1.0; CI run 28702556646 completed in 38s; image publicly pullable
- cloud/: HF Space Dockerfile (FROM ghcr.io/...:latest) + README.md with
  sdk=docker, app_port=8080 frontmatter ready to push to Space git remote
- Cloudflare Tunnel attempted; blocked by campus network (QUIC UDP blocked,
  IPv6 localhost DNS not available); documented root cause and workaround
- submissions/lab10.md: full design questions a-i, latency measurements, table
- Space deployed at https://ir4ch-quicknotes.hf.space
- Warm p50: 830 ms (measured, 5 requests)
- Cold start: 10.8–16.1 s to RUNNING + ~830 ms first request (3 samples)
- Replace all placeholders with actual curl output and latency data
govulncheck found 10 reachable HIGH CVEs in Go 1.24 stdlib (crypto/tls,
crypto/x509, net, net/mail) via http.Server.ListenAndServe and http.Get
call paths. All are fixed in Go 1.26.4. Upgrade builder stage, go.mod
toolchain directive, and CI go-version to 1.26.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant